- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-08-2025 05:26 AM
Can someone help me with the minimum role needed to create a new remediation task from Issue record related list: "Remediation tasks". For admins, New button is displayed there. I want it to be enabled for Action Plan Owners as well.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-08-2025 05:33 AM - edited 04-08-2025 05:37 AM
That's the sn_grc_task table. If you look at the "create" ACLs for that table, OOTB people with sn_grc.business_user and sn_grc.manager roles can create them, if the script also evaluates to true. The script is true if:
the user has the sn_grc.user role OR
the user has the sn_grc.business_user role or sn_grc.business_user_lite role AND
the parent is not undefined and the parent is assigned to the current user OR
the parent is not undefined and the paren'ts class is sn_grc_issue OR
the user is the current issue's assigned_to
You may have added ACLs or changed the OOTB one in your environment, so you will have to check the ACLs in your instance to be sure it's the same.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-08-2025 05:33 AM - edited 04-08-2025 05:37 AM
That's the sn_grc_task table. If you look at the "create" ACLs for that table, OOTB people with sn_grc.business_user and sn_grc.manager roles can create them, if the script also evaluates to true. The script is true if:
the user has the sn_grc.user role OR
the user has the sn_grc.business_user role or sn_grc.business_user_lite role AND
the parent is not undefined and the parent is assigned to the current user OR
the parent is not undefined and the paren'ts class is sn_grc_issue OR
the user is the current issue's assigned_to
You may have added ACLs or changed the OOTB one in your environment, so you will have to check the ACLs in your instance to be sure it's the same.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2025 11:32 PM
Thanks. But on clicking the new button fields are read-only for users with sn_grc.manager role.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2025 05:10 AM
Then you need to look at the field ACLs (sn_grc_task.*). You may have one that's restricting access to fields that this user doesn't meet the criteria for.
