Hi everyone, I'm having an issue with iAccessHandler and ACLs. Whenever a ticket is assigned to a user, this user will be able to add attachments or read existents. If the ticket is not assigned to a user, the user will not be able to read attachments or add new ones to the ticket. I thought this could be caused by an ACL but I have disabled all of them and I still am not able to add or read attachments event if I have Admin role.
I even tried the "Session debug" > "Enable All" tool to understand what was happening and the messages I got are the following:
1) To read:
2) To create:
Do you have an idea of why this is happening?
Hi Victor,
ACL evaluation starts only if iAccessHandler() returns a result of "True" or "Not Evaluated". The IAccessHandler () Result=False as you described above means that it skipped ACL evaluation completely.
There's not much documentation on iAccessHandler, because it's a ServiceNow internal system check using hidden source code on the platform and cannot be accessed or modified by usual means. However, here's more info about it under the "ACL rule output messages" section: ACL debugging tools (servicenow.com)
I assume you are trying to perform the above failed action from a scoped app? If so, you might want to look into if you are missing some important scoped app roles. There is this checkbox in the scope app record:
