Form/Table Template Permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi all,
I am trying to figure out how to set the permissions correctly for our users. We would like anyone with ITIL to be able to create and edit/delete any template that ONLY they created. We do not want them to be able to delete any template that they did NOT create. Right now it looks like we have an OOB ACL that allows deleting of any template with the template_editor role which is apart of the itil role.
Is there a way to restrict deleting and editing a template to only the user who created it?
Thanks,
Jonathan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @Jonathan102
Try ceating a Delete ACL on the sys_template table with a script like this:
answer = current.sys_created_by == gs.getUserName();
ACL configuration:
Table: sys_template
Operation: delete
Requires role: template_editor (or itil depending on your design)
Advanced: true
Script:
answer = current.sys_created_by == gs.getUserName();
This should allow users to delete only templates where they are the creator (sys_created_by). Any template created by another user should be denied for deletion.
Let me know if this worked, if yes, mark this as solved. Thank you 😊
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Thank you for the suggestion but it's still allowing them to delete.
Thanks,
Jonathan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
If you're comfortable, i would update the ootb delete acl and remove the template_editor role (because it contains itil) and replace with admin or another role that does not include itil. That way the new acl you created above will be the only one that allows them to delete (their own).
