Different portal search results between users

Go to solution
eduque
Giga Expert

‎03-16-2017 02:04 PM

Hi everyone, I've been trying to troubleshoot this all morning and can't figure it out. Hopefully you can see how much I've tried to figure it out myself before asking for help, so any helping hand would be wonderful. Since "Debug security" doesn't work with portals, it's been very difficult to identify.

In our Service Portal, when a user searches for a term (in the below example, the term "trash"), they are supposed to see two results, one from a knowledge article and one from a facilities catalog (a service catalog). (FYI, the search widget being used is the homepage search widget, which calls the typeahead search widget)

Correct:

find_real_file.png

I have admin rights, but when I impersonate another user that doesn't have admin rights. all they see is this:

find_real_file.png

You can see that the Service Catalog item disappears from the search result.

Here is some additional information that I've been able to establish in my attempts to debug:

  • If I add "catalog_admin" role to a user, they now get access to both results.
    • If I add the roles that Catalog_admin contains (image_admin, catalog, and user_criteria_admin) but not catalog_admin, they do NOT see the correct results, so the user must have at least the "catalog_admin" role
    • The correct result only appears after I re-impersonate them, eg. I'm impersonating someone, then give them the catalog_admin role, I first have to impersonate someone else, then impersonate the new catalog_admin before I can refresh and see the correct result
  • The catalog that the portal is configured to is the Facilities Catalog, not the default Service Catalog.
    • find_real_file.png
    • If I change the catalog to Service Catalog, then users indeed can successfully search for items in the service catalog, but not the facilities catalog. This shows that users can see the default's catalog items when that's the catalog set, but cannot see facilities catalog items when the facilities catalog is set.
  • I have hundreds of ACLs that start with sc_ and I do not know what combination of which ones are controlling this.
  • I can't seem to find any scripts in the widget that are validating security, but I might be wrong

Help?

Preview file
51 KB
Preview file
109 KB
Preview file
113 KB
0 Helpfuls
  • 1,829 Views
1 ACCEPTED SOLUTION

Go to solution
eduque
Giga Expert

‎03-16-2017 04:11 PM

I figured it out, I ended up going through every ACL that starts with sc_, was active, and was a read operation. Anything that had the role "catalog_admin" i changed to public, one at a time. It finally started working on the last one I changed over, which then meant it could have been any combination of the ones I turned on. So I turned each one off one by one to make sure it still worked.



Here is the culprit:


sc_cat_item_producer [read]



change catalog_admin to public or something and it'll work.



I'm going to take a nice long nap now.


View solution in original post

6 REPLIES 6

Go to solution
Rushit Patel2
Tera Guru
In response to Rushit Patel2

‎03-16-2017 04:09 PM

also line 13,14,15 which checks for a particular catalog selected in portal record only. if you selected service catalog then it might not work


Go to solution
eduque
Giga Expert

‎03-16-2017 04:11 PM

I figured it out, I ended up going through every ACL that starts with sc_, was active, and was a read operation. Anything that had the role "catalog_admin" i changed to public, one at a time. It finally started working on the last one I changed over, which then meant it could have been any combination of the ones I turned on. So I turned each one off one by one to make sure it still worked.



Here is the culprit:


sc_cat_item_producer [read]



change catalog_admin to public or something and it'll work.



I'm going to take a nice long nap now.