Issue
This article helps with restrict users from deleting attachments in a specific table (eg. Requested Item)
Resolution
The 'Manage Attachments' popup on a record is a UI page of attachment wherein removing the 'Remove' button will remove the button globally, and not specific to a table.
Restricting users from delete attachments on a table can be achieved by adding a before-delete business rule
Note: In this method, we are allowing users to click on the 'remove' button and the attachment disappears with the UI behavior; but when you reload the record, the attachment shows up (because the attachment was never deleted on the server-side because the business rule operation has aborted the action)
In below examples, the before-delete business rule restricts users other than Admin to abort deleting the attachment on the 'sc_req_item' table
Name: Restrict Delete attachment on RITM
Table: sys_attachment
Advanced: check
When: Before
Delete: check
Filter Condition: Table Name is sc_req_item
Script Conditon:
(function executeRule(current, previous /*null when async*/) {
// Add your code here
if(!gs.hasRole('admin')){
current.setAbortAction(true);
}
})(current, previous);
Related Links
This business rule works primarily to prevent deletion of the record in the sys_attachment table. If when reloading the task, the attachment reappears with an attachment of 0 bytes; this is because the base64 data for the file was deleted from the sys_attachment_doc table which resulted in a broken attachment link with an empty file.
Solve this by adding a matching "on before delete" business rule to both of these tables:
sys_attachment
sys_attachment_doc
