GlideRecordSecure cannot update HTML field on custom table, but GlideRecord works

Ganesh Prasad C
Tera Contributor

3 weeks ago

Hi Community,

We are trying to update an HTML field on a custom table using a script include.

When we use GlideRecord, the update works as expected.
However, when we switch to GlideRecordSecure, the update does not work.

What we have already checked/tried:

  • Verified ACLs (read/write) on the table and the HTML field

  • Ensured the integration user has the required roles

  • Added the integration user to the Conditional Script Writer group

  • Verified custom application cross-scope privileges

Despite this, the update only works with GlideRecord and fails with GlideRecordSecure.

This behavior started after our instance was upgraded to the Zurich release. Prior to the upgrade, the same logic was working as expected.

Any guidance would be appreciated.

Thanks in advance!

0 Helpfuls
  • 943 Views
13 REPLIES 13

Ganesh Prasad C
Tera Contributor
In response to Ankur Bawiskar

3 weeks ago

@Ankur Bawiskar 
After the attachment is downloaded and created in the attachment table, our Script Include is supposed to update the src to point to that attachment record, but that update isn’t happening.

GaneshPrasadC_0-1769700917715.png

 

0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Ganesh Prasad C

3 weeks ago

@Ganesh Prasad C 

since you are using attachment and want to show that in HTML, you should set it like this using src attribute and give correct attachment record sysId

Then it will work, you are using wrong src attribute in image tag

<img src="/sys_attachment.do?sys_id=8eee2320c3bef6105b9c7fedd401318c" alt="" width="417" height="271" data-library="false">

 

AnkurBawiskar_0-1769704505090.png

 

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Ganesh Prasad C
Tera Contributor
In response to Ankur Bawiskar

3 weeks ago

@Ankur Bawiskar 

We already have a Business Rule in place that runs after the attachment is created and updates the HTML field to point to the correct attachment record. 

To simplify the issue: the update logic is executing under the 'system ' user context, and that’s where the behavior changes. As a result, the BR runs but the src update never persists. 

For example, running the following is showing the below logs:

var findingInstanceGR = new GlideRecordSecure('finding_instance_table');
findingInstanceGR.get('<record_sys_id>');

gs.info("Testing canWrite (record): " + findingInstanceGR.canWrite()); // logs true
gs.info("Testing canWrite (field): " + findingInstanceGR['description'].canWrite()); // logs false

findingInstanceGR.setValue('description', 'test'); // no-operation
findingInstanceGR.update();

0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Ganesh Prasad C

3 weeks ago

@Ganesh Prasad C 

then it means it's an access issue.

See if something changed in Zurich release or raise a case with ServiceNow

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls