Is there an ACL or system property that allows external users to put attachments to catalog items?

CatchTheFletch · ‎06-12-2023

I found what I thought would be the answer in the system properties -> security page but after adding snc_external I'm still having issues. The only other role under "List of roles that can create attachments" is public. Any kind of direction on this would be appreciated. Right now when an external user attempts to attach something to submit a form it pulls up their computer browse option but then doesn't actually attach any file when selected.

iap · ‎02-01-2024

Hi,

Were you able to find a solution or workaround for this? I'm facing the same issue and still no luck...

Kind regards,

Irene

CatchTheFletch · ‎02-01-2024

Our issue was specific to our vendor portal within servicenow. Our issue stemmed from not being able to attach when impersonating it turns out and oddly would work if you signed into a test account. It's been a while since looking at this but checked my support case I opened up and they summed it up with there is no workaround because it's by design and recommended submitting an idea.

I know that doesn't solve your problem but test with a local user and open a support case. It took support a while to even be able to replicate the issue because it's so weird or maybe someone else has found the answer since I submitted this.

iap · ‎02-01-2024

Thank you so much for the quick reply!

Unfortunately I have been testing with the user and password of a snc_external user (not impersonating), and I'm getting the same attempt to attach, but nothing actually appears on the form.

I have been browsing the community and testing changing properties, checking ACLs and the most progress has been getting the attachment record to be inserted on sys_attachment, but it still doesn't appear on the attachment variable... which is mandatory.

I will continue to investigate, and report if there is any further progress.

Once again, thank you!

iap · ‎02-01-2024

Ok, so at least in my case it was needed to modify the read and create ACLs on sys_attachment to:

1) Include the snc_external role

2) The script was checking if the source_table of the attachment was sc_cart_item, but the attachments are temporarily associated to ZZ_YYsc_cart_item until they are submitted, so I adapted the "if" to check when the source_table value matches any of the two.

Amit Gujarathi · ‎06-12-2023

HI @CatchTheFletch ,
I trust you are doing great.

To address the issue you're experiencing with attaching files in ServiceNow, we need to adjust the system properties related to security settings. Follow the steps below:

Log in to your ServiceNow instance with administrative privileges.
Go to the "System Properties" section. You can find it by navigating to "System Definition" -> "System Properties."
Look for the "Security" category and locate the "List of roles that can create attachments" property.
By default, the only role specified is "public." This means that only users with the "public" role can attach files.
To allow external users to attach files, we need to add the "snc_external" role to the list of roles.
Edit the "List of roles that can create attachments" property and add "snc_external" to the existing value, separating each role with a comma.
Save the changes.

Was this answer helpful?

Please consider marking it correct or helpful.

Your feedback helps us improve!

Thank you!

Regards,

Amit Gujrathi