Dashboards - ACL not granting users visibility into table-view report widget

Chase Stevenson · ‎01-04-2019

Hello, we have a dashboard that hosts a report widget of results from the live_message_tag table. The report displays all results where tag = opslog and created within 24 hours ago.

As an admin, I have no issues viewing the results of the report on the dashboard:

Any other user that is not admin cannot view the results due to security constraints:

I have checked the ACL on the live_message_tag table, and tried adding a role that all our users have (ITIL) to the ACL, but still it didn't allow them to view the results. I then toggled "Active" to false on the ACL completely, and users STILL cannot view the results, so I'm led to believe this ACL is not what grants access to view the results of this report on the live_message_tag table.

Can someone recommend a different location to check permissions etc.?

**Update - I have granted all users that should be seeing these results the "live_feed_admin" role and it still is NOT working. They cannot view results.

Prateek kumar · ‎01-07-2019

The ACL you already have is not for the table. It provides access to all the fields on the table. Since you dont have one for the table the default rules will apply. So please create one with access to table.

It should be Live Message tag> --None--

PFA

Please mark my response as correct and helpful if it helped solved your question.
-Thanks

View solution in original post

Prateek kumar · ‎01-04-2019

In that case you might have to take a look at this ACL

]https://YOURINSTANCENAME.service-now.com/sys_security_acl.do?sys_id=9e0169f85bb11200cadc853291f91a2c&sysparm_record_target=sys_security_acl&sysparm_record_row=2&sysparm_record_rows=5&sysparm_record_list=nameINlive_message_tag%2Clive_message_tag.*%2C*%2C*.*^ORnameSTARTSWITHlive_message_tag.^operation%3Dread^ORDERBYDESCsys_updated_on

Please mark my response as correct and helpful if it helped solved your question.
-Thanks

Chase Stevenson · ‎01-04-2019

Can you explain what I should do with this ACL? I see it has a script: gs.getProperty('glide.sm.default_mode') == 'allow'

There are no roles listed. The description also shows: "Allow snc_internal users access to tables if default mode is allow."

What is classified as snc_internal users?

Prateek kumar · ‎01-04-2019

More information here

https://docs.servicenow.com/bundle/london-platform-administration/page/administer/security/concept/c_DefaultDenyProperty.html

Please mark my response as correct and helpful if it helped solved your question.
-Thanks

Chase Stevenson · ‎01-04-2019

Ok so default mode is to "allow" access to table UNLESS there's an ACL on the table designating otherwise.

If I have deactivated the ACL on the table (shown in screenshot above) shouldn't all users be allowed to view the table results now?