scoped ACL are not evaluating if it passes global acl

Keyurkumar Chau
ServiceNow Employee
ServiceNow Employee

At first it runs global acls and it passes then it is not checking for scoped acls even it satisfy the condition of it.

So how we can runs the scoped acls?

 

Screenshot 2024-08-06 at 11.02.42 AM.png

8 REPLIES 8

Mark Manders
Mega Patron

What exactly are you doing? Because if you are opening a record on a scoped app, you should see more than just these 4 lines.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Keyurkumar Chau
ServiceNow Employee
ServiceNow Employee

Hey @Mark Manders  thanks for looking into this.

We wants to secure scoped records via ACL but it is not evaluating.

It shows only 4 lines because we ran gr.canRead() from background script.

Mark Manders
Mega Patron

Don't run it via script. Just activate the debugger and do it as the user you are in need of validating, to see what happens. On Xanadu this will even be easier, but not many customers are already there.

ACL's are not inherited. If you don't have access to the task table through ACL, you can still have access to incidents or changes, because they are evaluated on table, row and field level. 


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

 

We tried same after logging with user and tried to open kb_feedback record, but it still not evaluating.

 

Screenshot 2024-08-06 at 12.01.16 PM.png