Incident Metric Report: "Security constraints prevent access to requested page" for Metric Admin, ITIL, and ITIL Admin role users

jhill1 · ‎07-07-2016

When running an Incident Metric Report that shows re-resolved incidents (Resolved_By has been updated) in a bar graph, grouped by user, users are getting:

"Security constraints prevent access to requested page"

but only when they try to double-click the bar graph on the report, to drill-down to the list of incidents. They can run the report, but trying to see the details of the results get this warning.

I've opened up all the ACLs for read access for the roles, and I am not showing any Red "X"es in the Security Debugger.

Is there any way to see what exactly is restricted?

Admin, of course, works.

Thanks to all!

J

jhill1 · ‎07-08-2016

I figured it out... after a lot of "fun" ACL shenanigans:

I created twelve seperate create, read, write, and report_on ACLs for:

incident_metric_list (ui_page)
incident_metric.* (record)
incident_metric (record)

while with each one, putting the roles that I want to have access in "the Requires role" list inside each ACL.

Works like a charm.

Thanks to everyone's input and for encouraging me to stick with the ACLs as the issue, even though I was getting all Green Xes in the security debug.

J

View solution in original post

jhill1 · ‎07-08-2016

I figured it out... after a lot of "fun" ACL shenanigans:

I created twelve seperate create, read, write, and report_on ACLs for:

incident_metric_list (ui_page)
incident_metric.* (record)
incident_metric (record)

while with each one, putting the roles that I want to have access in "the Requires role" list inside each ACL.

Works like a charm.

Thanks to everyone's input and for encouraging me to stick with the ACLs as the issue, even though I was getting all Green Xes in the security debug.

J

jhill1 · ‎07-08-2016

And, oh yeah... I removed the ITIL role from them all, just to tighten up security around it.

gtk · ‎11-02-2017

i gave 12 acl (create, read and write) but while trying to use fields i am getting this

please help

Community Alums · ‎03-13-2019

May be it is too late, but you will also need to provide proper ACLs on the metric definition and metric instance tables as well

VShine · ‎08-25-2020

I have created a database view & metric definition. Using that (duration to assignment group) for reporting. Everyone other than Admins getting "Security Concern" error while trying to access the report.

All database view ,Report & metric is in HR scope.

In Security debugger, I see this error:

Can someone help me please!