Delete attachment via a scoped scripted web service

Go to solution
santoshsahoonis
Kilo Guru

‎10-05-2016 05:04 AM

Hello,

I am stuck at a weird issue where I am not able to delete attachments via web service(SOAP) calls.

Some Setting:

1. The Scripted web service is in a scoped application.

2. I am able to create attachments from the scripted web service, but cannot delete.

Some of my observations so far:

1. I CAN delete the attachment manually when logged in as the same user(User being used is admin)

2. I CAN delete by executing background script/ Fix Script, with the same user(admin)

3. gr.canDelete() returns TRUE, but   gr.deleteRecord() returns FALSE, this is being logged in the scripted web service.

4. using GlideSecureRecord instead of GlideRecord also doesn't help.

5. I do not get any error or warnings

Anyone faced the same issue? or any idea what could be the issue?

CC,

david.legrand

0 Helpfuls
  • 1,919 Views
1 ACCEPTED SOLUTION

Go to solution
santoshsahoonis
Kilo Guru

‎10-05-2016 05:34 AM

So, after 4 hours of logging and trying 1000 different ways ,   I finally remembered that I had seen some 'Can delete' check box in the Table configuration.




And finally the Tool Tip says it all   :



find_real_file.png



But still I think ServiceNow should show some error message or atleast return 'FALSE' for the GlideRecord's canDelete() Method.


View solution in original post

Preview file
27 KB
4 REPLIES 4

Go to solution
david_legrand
Kilo Sage

‎10-05-2016 05:25 AM

I tried without success, feel free to share bright ideas


cc: ctomasi,


0 Helpfuls

Go to solution
Chuck Tomasi
Tera Patron
In response to david_legrand

‎10-05-2016 05:29 AM

Unfortunately I have nothing at this time and my priorities today do not permit me the time to experiment. Sorry.


0 Helpfuls

Go to solution
santoshsahoonis
Kilo Guru

‎10-05-2016 05:34 AM

So, after 4 hours of logging and trying 1000 different ways ,   I finally remembered that I had seen some 'Can delete' check box in the Table configuration.




And finally the Tool Tip says it all   :



find_real_file.png



But still I think ServiceNow should show some error message or atleast return 'FALSE' for the GlideRecord's canDelete() Method.


Preview file
27 KB

Go to solution
Ben Rowny
Tera Guru

‎07-09-2020 03:50 PM

Hi,

I know this is an old question, but it came up in my search for an answer to the same...

I found that you do NOT have to modify the OOTB sys_attachment Application Access or add a Cross Scope policy.  Instead you can just use the scoped version of GlideSysAttachment:

function deleteAllAttachments(record){
	// Utility function removes all the previous attachments
	// Must use GlideSysAttachment in scope
	var gsa = new GlideSysAttachment();

	var att = new GlideRecord('sys_attachment');
	att.addQuery('table_name',record.getTableName());
	att.addQuery("table_sys_id",record.sys_id);
	att.query();
	while(att.next()){
		gsa.deleteAttachment(att.sys_id);
	}
}

I believe this should also respect whether your current scope can access the table your attachments are attached to, which is important, and keeps security tight on your sys_attachment table.