Data Filtration Security Constraints message "Number of records removed..." and Pagination
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-22-2024 03:54 PM
Client do not want the Security Constraints message that shows how many number records are removed because the current logged in user is denied of access ("Number of records removed due to security constraints...") also the Pagination showing number of records in total but removing the records they are denied of access to. We are looking for something that do not show this message however On Before query is giving us performance issues so we're looking at this "Data Filtration" however it also shows this security constraints message. I this something we can't disable both for ACL and Data Filtration?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-22-2024 04:20 PM
The data filtration is not designed to handle what you want just yet. I talked to ServiceNow about it and they have a very specific use case for it.
The only option is a before query BR. If its causing performance issues then I would make every effort to simplify it and also check every field you are filtering on has an index.
You can also open a performance case with ServiceNow and ask them to see if any indexes would speed things up and which fields you should add them to. They have tools that can check this kind of thing and suggest optimizations.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-22-2024 04:59 PM
Thank you I'll try what you said about raising it to servicenow regarding the performance of onBefore query, our use case really is showing sc_request records to user that have ritm or sc_task assigned to them, e.g. if user is assigned to an ritm or sc_task or both, then the parent sc_request record should be visible to them. Looping to check those type of records is causing performance issues specially if the user has alot of records assigned to them, sc_request does not have direct access to assigned to and assignment group fields of ritm and sc_tasks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-22-2024 04:27 PM - edited ‎07-22-2024 04:27 PM
Hi @ryev_a_ ,
This is as per the design and caused due to the ACLs. If you don't want to show this error to the users then it can be removed via a Query BR. Basically restriction via a BR rather than a ACL.
Please find the ServiceNow KB for the same-
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0693406
If my response has resolved your query, please consider giving it a thumbs up ‌‌ and marking it as the correct answer‌‌!
Thanks & Regards,
Sanjay Kumar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-22-2024 04:54 PM
Yeah we also tried using BR however our use case requires us to give user access to records only assigned to them in request management, e.g. users has assigned sc task or ritm to them, they should be able to see sc_request record for it. with this use case we need to perform loop to check ritm and sc tasks since sc_request is their parent record, this is causing performance issue when using on before query BR.
