ACL verses Before Query Business Rule - ServiceNow Community

ACL verses Before Query Business Rule

gflewis
Kilo Expert

‎11-18-2011 10:27 AM

What are the pros and cons of using an Access Control verses a Before Query Business Rule to block certain users from reading certain records? As far as I can tell, the functionality appears to be identical.

0 Helpfuls
  • 6,161 Views
2 REPLIES 2

CapaJC
ServiceNow Employee
ServiceNow Employee

‎11-18-2011 10:35 AM

Before query is highly preferable if you can use one. It makes the database do the work by modify the query itself. With Contextual Security, your instance has to decide per record what a user can see after fetching them from the database.

With a before query rule, unavailable records are simply not there as far as the user is concerned. With Contextual Security they might get a list of 4 visible records, and the list might say 1 to 100 of 546 with a message at the bottom saying "96 records removed due to security constraints".


Mark Stanger
Giga Sage

‎11-18-2011 03:40 PM

Check out item 4 in this SNGuru article for more details on this subject.
http://www.servicenowguru.com/showcase/servicenow-security-tips/