How is sn_customerservice.self_contributor gating access to sys_user reference fields in CSM

justin_anonuevo
Tera Expert

Hi,

We just installed CSM and noticed that fields that are references to sys_user are not visible to users with "sn_esm_agent"/"sn_customerservice_agent" role but not the "sn_customerservice.self_contributor" role.

We know that they are gated behind sn_customerservice.self_contributor, but we have been unable to find an ACL (debugging shows a pass, and the user can go to sys_user.list and see the users, so it's not an ACL), UI policy, Business Rule, UI script or any other logic that could be applying this restriction. I have also checked and the fields are not being hidden client side, but server side. Also it applies to any reference to sys_user field we add, opened_by, closed_by, assigned_to, etc.

To be clear, yes we could grant the role, but what if we cannot due to other reasons? What if our agents are not self contributors but we have some users (internal users) who are self contributors? How do we grant agent access to those fields without marking them as self contributors?

What I am looking for is specifically the logic that controls that behavior, not a workaround.

Thanks

Justin

1 ACCEPTED SOLUTION

justin_anonuevo
Tera Expert

I also created a HI ServiceNow Support ticket and heard back from them.

If you have a table TableA and it has a field Field1 with Display set, you have to have ACL access to Field1, even if you have access to all rows and all other fields on TableA, for reference fields that reference TableA to show on other tables.

As part of CSM, it installed this rule: /sys_security_acl.do?sys_id=99c59e12d7010200bef20ee60e6103cc on sys_user.name that gates it to CSM creators. That is what was blocking it.
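
The behaviour described in the accepted answer, as an added example that is not part of the original post and not ServiceNow code: a simplified model in which a reference field shows a value only when the user passes a read rule on the referenced table's display field. The rule rows, the roles attached to them, and all function names are constructed for illustration; conditions, scripts, wildcard and parent-table rules are left out.

```javascript
// Model assumption: a rule passes when the user holds any role it lists,
// and a resource with no rule in the list is allowed.

// Constructed dictionary data: the display field of each referenced table.
const displayField = { sys_user: 'name' };

// Constructed read rules shaped like sys_security_acl rows (name + roles).
// The roles here are sample values, not read from a real instance.
const readAcls = [
  { name: 'sys_user', roles: ['sn_customerservice_agent', 'sn_customerservice.self_contributor'] },
  { name: 'sys_user.email', roles: ['sn_customerservice_agent'] },
  { name: 'sys_user.name', roles: ['sn_customerservice.self_contributor'] },
];

function passes(resource, userRoles, acls) {
  const rules = acls.filter((a) => a.name === resource);
  if (rules.length === 0) return true; // no rule on this resource in the model
  return rules.some((r) => r.roles.some((role) => userRoles.includes(role)));
}

// Row access and field access are separate checks; both must pass.
function canReadField(table, field, userRoles, acls = readAcls) {
  return passes(table, userRoles, acls) && passes(`${table}.${field}`, userRoles, acls);
}

// A reference field on another table renders the referenced record's display
// value, so it depends on read access to that display field specifically.
function referenceDisplayVisible(refTable, userRoles, acls = readAcls) {
  return canReadField(refTable, displayField[refTable], userRoles, acls);
}

// Names of the display-field rules the user fails: the place to look when
// the table-level rule passes but reference fields still come back empty.
function blockingRules(refTable, userRoles, acls = readAcls) {
  const target = `${refTable}.${displayField[refTable]}`;
  if (passes(target, userRoles, acls)) return [];
  return acls.filter((a) => a.name === target).map((a) => a.name);
}

const agent = ['sn_customerservice_agent'];
console.log('rows readable:', passes('sys_user', agent, readAcls));
console.log('email readable:', canReadField('sys_user', 'email', agent));
console.log('reference display visible:', referenceDisplayVisible('sys_user', agent));
console.log('blocked by:', blockingRules('sys_user', agent));
```

In this model the agent can read sys_user rows and other fields, yet every reference to sys_user stays blank until a rule on the display field admits one of the agent's roles.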
