Group By field(custom field) throws "Insufficient access for query_range" for client user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 hours ago
Hi All,
I am investigating a reporting issue after a recent ServiceNow upgrade.
Scenario:
Report is built on cmdb_ci.
Report uses Group By = Resource Group (custom field).
For some users (including admins), the report works correctly.
For one specific user, the report fails with an error similar to:
Insufficient access for 'query_range'
If I remove the Group By and set Group By = None, the same user can see all report data successfully.
Observations:
User has access to the underlying records because the data is visible when grouping is removed.
The issue occurs only when ServiceNow performs the grouping/aggregation on the Resource Group field.
No field-level ACL exists on the custom Resource Group field.
The field values are visible in list view for the affected user.
Questions:
Has anyone seen query_range errors affecting reports that use Group By?
Does report grouping internally trigger query_range ACL evaluation?
Were there any upgrade changes related to query_match / query_range ACL enforcement that could impact report aggregations?
What is the best way to troubleshoot which ACL is blocking the aggregation for the affected user?
Any guidance would be appreciated.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Query_range error is very common.
For it you dont need to remove group by.
Fix: In error , table_name.field_name is printed.
You need to create a custom query_range Access Control List (ACL) rule for the affected field.
- Navigate to System Security > Access Control in your ServiceNow instance.
- Click New to create a new ACL.
- Set the configuration as follows:
- Type: record
- Operation: query_range
- Name: <your table name > and select <your field name> from the field dropdown.
- Roles: Add the roles required by users who need to execute this filter.
- Save the ACL
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti