GlideRecordSecure not working in scoped widget
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2019 08:33 AM
Our team built a scoped widget, but can't seem to get GlideRecordSecure to work. When we cloned the widget into the Global application however, it works just fine. Does GlideRecordSecure not work in scoped applications/widgets?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2019 08:47 AM
I just ran a quick check in my personal instance and it seems to be working fine in different application scopes. I did notice that it had to add a cross-scope privilege for the table I was querying for the application to have read access to it. Have you checked your cross-scope privileges to make sure that's set up?
If you need to, you can force a cross-scope privilege to be added by running a background script like this one in your scoped application scope:
(function() {
var tableToQuery = 'incident'; // Set this to your table
var gr = new GlideRecordSecure(tableToQuery);
gr.orderByDesc('sys_created_on');
gr.setLimit(1);
gr.query();
if (gr.next()) {
gs.info('Able to read table {0}', tableToQuery);
}
})();Other than that, this might be a dumb question, but are you trying to use GlideRecordSecure in your server-side script or in client-side code?
Hope this helps,
--Dennis R
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2019 08:58 AM
Hey Dennis, I'm trying to run it on the server script of the widget. As for the cross-scope privileges, how did you get that to work? Looking at the form, what is the Target Scope and Target Name? Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2019 11:57 AM
This is the info on the cross-scope privilege record [sys_scope_privilege] I have:
Source Scope [source_scope]: <Your application scope name>
Target Scope [target_scope]: Global
Target Name [target_name]: <Table in global scope you're trying to access>
Target Type [target_type]: Table
Application [sys_scope]: <Your application scope name>
Operation [operation]: Read
Status [status]: Allowed
You may have to tweak some values depending on what you're trying to do. For example, if you need to be able to read, write, and create new records in a table in the global scope, create three cross-scope privilege records, one each with the operation Read, Write, and Create.
Or if you just want to have ServiceNow do it for you, make sure you're working in your application's scope (probably easiest by picking your application in the scope-picker control at the top of the console window, enabled in the developer settings), and run a background script doing the operations you want access to. For example, when I was in a scoped application's application scope and ran the script I posted above as a background script, I got the following message:
Security restricted: Read operation on table 'incident' from scope 'Calendar' was granted and added to 'Calendar' cross scope privileges(My application scope is called "Calendar" and the script above accesses the Incident [incident] table from that scope.) Not only did it create the cross-scope privilege for me, but it put it in an update record in my active update set.
Hope this helps,
--Dennis R
