What do you mean by Access Control List (ACL)?
Access Control List (ACL) is used to control what data users can access and how they can access it.
The system searches for ACL rules that match both the object and operation the user wants to access. If there are no matching ACL rules for the object and operation combination, then the object does not require any additional security checks and the instance grants the user access to them.
What are the different types of operation of ACL?
The different types of operations of ACL are listed below:
Execute: User cannot execute scripts on record or UI page.
Create: User cannot see the New UI action from forms. The user also cannot insert records into a table using API protocols such as web services.
Read: User cannot see the object in forms or lists. The user also cannot retrieve records using API protocols such as web services.
Write: User sees a read-only field in forms and lists, and the user cannot update records using API protocols such as web services.
Delete: User cannot see the Delete UI action from forms. The user also cannot remove records from a table using API protocols such as web services.
List_edit: User cannot update records (rows) from a list.
Report_on: User cannot create reports on the object.
Personalize_choices: User cannot right-click a choice list field and select Configure Choices
edit_task_relations: User cannot define relationships between task tables.
edit_ci_relations: User cannot define relationships between Configuration Item [cmdb_ci] tables.
save_as_template: Used to control the fields that should be saved when a template is created.
add_to_list: User cannot view or personalize specific columns in the list mechanic.
Note: A user must pass both field and table ACL rules in order to access a record object.
If a user fails a field ACL rule but passes a table ACL rule, the user is denied access to the field described by the field ACL rule.
If a user fails a table ACL rule, the user is denied access to all fields in the table even if the user previously passed a field ACL rule.
When Business Rule run?
Business rules run based on two sets of criteria:
The time that the business rule is configured to run relative to a record being modified or accessed.
|Options||When the rule run|
|Before||After the user submits the form but before any action is taken on the record in the database.|
|After||After the user submits the form and after any action is taken on the record in the database.|
|Async||When the scheduler runs the scheduled job created from the business rule. The system creates a scheduled job from the business rule after the user submits the form and after any action is taken on the record in the database.|
|Display||Before the form is presented to the user, just after the data is read from the database.|
The database operation that the system takes on the record.
|Option||When the rule run|
|Insert||When the user creates a new record and the system inserts it into the database.|
|Update||When the user modifies an existing record.|
|Query||Before a query for a record or list of records is sent to the database. Typically you should use query for before business rules. See Before-Query example.|
|Delete||When the user deletes a record.|
What is the objective of display BR?
The primary objective of display BR is to use a shared scratchpad object, g_scratchpad, which is also sent to the client as part of the form. This can be useful when you need to build client scripts that require server data that is not typically part of the record being displayed.
What is the difference between Actual elapsed time and Business elapsed time?
Actual elapsed values are calculated on a 24×7 basis.
Business elapsed values are calculated based on the schedule specified in the task SLA. The schedule is taken from the SLA definition by default.
What will be the output of Actual and Business Elapsed time of the SLA if there is no Schedule is attached?
If no schedule is specified, then the Business elapsed time is the same as the Actual elapsed time.