Restrict Access to edit on catalog task if member/role is from XYZ assignment group

SNewbies · ‎02-22-2024

I am creating a SR TASK and assigning it to a XYZ group from a workflow, after SR TASK creation only members and roles of the XYZ Assignment group can modify / edit the SR TASK and everyone else can only view the record.

How can I achieve this?

Is there any other way to do so without using ACLs?

Thank you

palanikumar · ‎02-22-2024

Hi,

ACL is the easier way to do this. Other option is client script. You can call a Ajax Script and check whether the current user is member of the group. If not then set all the fields as read only.

Thank you,

Palani

Thank you,
Palani

Community Alums · ‎02-22-2024

Hi @SNewbies,

ACL is the best way to do this.

Here's a high-level example of what the ACL might look like:

Name: Restrict Edit Access for XYZ Assignment Group
Applies to: Catalog Task (or the specific table you're working with)
Operation: Write
Condition: When the current user's assignment group is XYZ
Roles: Any roles that should be exempt from this restriction
Actions: whatever action you want to take

Please mark my answer as correct or helpful if it helps you.

Thanks,

Kanhaiya

Mark Manders · ‎02-22-2024

Lately, the number of questions related to solutions where ACL's are the best option, with the explicit request not to use ACL's is getting is huge.

What is your objection to using ACL's? It's a genuine question, because if you have something that can only be read by one party and written to by another, then you are absolutely talking about ACL's.

Of course it can be done differently. You can write a client script or scripted UI policy to get the same, but that's less secure (since those need to load) and you will still need to script the exact same thing as you need to in an ACL.

Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark