- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2014 07:42 PM
I Created a table with a reference field to the sys_user table. when I'm in the form and click on that field's magnifying glass I can see all the users if I'm logged in as an admin but when I impersonate a normal user I can't see any records.
I Searched for and read about ACLs but I don't see one on the sys_user table that would prevent users from seeing those records.
I Would appreciate someone pointing me in the right direction.
Thanks,
Rick Forristall
Programmer Analyst
Goodwill of Central Arizona
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2014 07:49 PM
Hello Rick,
This is because as an Admin you have read access on the Records in the sys_user table and thus able to see the records but End Users do not have Read access to the Table and thus are not able to see the records.
You will have to provide a Read access to all your Users on the User table at the record level to make this possible.
Create an ACL with the following:-
Operation IS Read
Table is User(sys_user) and corresponding Dropdown field on the side will be empty (Ensuring Table Level access).
Thanks,
Subhajit
Please mark my answer as Correct if this really helped solve your issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2014 02:26 AM
If ACLs do not seem to be the cause of the issue, check if there is a "before query" business rule on Users table that could prevent users from seeing other users' data.
Blog: https://sys.properties | Telegram: https://t.me/sys_properties | LinkedIn: https://www.linkedin.com/in/slava-savitsky/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2014 06:03 AM
Slava,
Thank you for your reply.
I looked at all the business rules for the sys_user table with "before" in the When to Run field but am not sure any of those would prevent users from seeing other users' data. Is there something I should look for?
Thanks
Rick Forristall
Programmer Analyst
Goodwill of Central AZ
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2014 06:12 AM
Look for any business rules that match the following conditions:
Table: Users [sys_user]
When: before
Query: true
Such rules can restrict queries based on user's role. For example, the following script in a before query business rule would prevent non-admin users from seeing inactive records:
if (!gs.hasRole("admin"))
current.addQuery("active", "true");
Blog: https://sys.properties | Telegram: https://t.me/sys_properties | LinkedIn: https://www.linkedin.com/in/slava-savitsky/
