ACL verses Before Query Business Rule - ServiceNow Community

ACL verses Before Query Business Rule

gflewis
Kilo Expert

What are the pros and cons of using an Access Control verses a Before Query Business Rule to block certain users from reading certain records? As far as I can tell, the functionality appears to be identical.

2 REPLIES 2

CapaJC
ServiceNow Employee
ServiceNow Employee

Before query is highly preferable if you can use one. It makes the database do the work by modify the query itself. With Contextual Security, your instance has to decide per record what a user can see after fetching them from the database.

With a before query rule, unavailable records are simply not there as far as the user is concerned. With Contextual Security they might get a list of 4 visible records, and the list might say 1 to 100 of 546 with a message at the bottom saying "96 records removed due to security constraints".


Mark Stanger
Giga Sage

Check out item 4 in this SNGuru article for more details on this subject.
http://www.servicenowguru.com/showcase/servicenow-security-tips/