I searched a bit and couldn't find quite what I was looking for, but I'm sure it's been discussed before. Does anyone know how or if ACL/security is tied in specifically with the ESS view?
I noticed when working with the Self Service application/modules that one of our lists was not showing data in the Requested For column, even though it was showing the records themselves (no security constraint) but then when I clicked into the record, into the form view, I could see the data that was previously missing in the list view. My first thought was ACL's and security debugger to identify which rule was failing.
Once i found it in the debugger, I discovered was failing on the ACL for sc_request/read, specifically with the conditions (2nd column)
I clicked on the link to the ACL to validate the conditions, and by my estimation, (opened by or requested for) I was matching for the impersonated user. I then clicked on the link under conditions that indicated "User not allowed to access table: sc_request". This took me to a list view where I could see the missing data (requested_for) in the list view, filtered to my user as the opened_by or requested_for on the record.
I then compared the URLs from my module link and from the ACL's list view, and noticed that the ESS view was on one (the SS module link), but not the other. I then compared the debugger results with and without the ESS view param on the SS module URL and low and behold, list data was there and the condition check passed when the ESS view was not passed into the URL. (&sysparm_view=ess).
My next steps are to try and replicate the results in my dev sandbox running the same patch level to see if it's something we've done in our instance ACL's, but really, the reason for my post is that I'm just curious to the relationship of the ESS view and security/ACL's.
Thanks,
Daniel
For Requested Item (sc_req_item).
Click in the top of list then Configure -->List layout
Then add your required field from left to right then save.
