Issue with Read ACL

davilu
Mega Sage

Our team is trying to implement a Read ACL rule for a new role (sn_hr_core.rh_operations_user) on the Workforce Admin Case table.  Users with this role should be able to view (and eventually update) the record.  We understand we will need another Write ACL, but wanted to get the Read one working first.  

Below is a screenshot of our ACL; it seems pretty standard. The user must have that role and the case must be flagged as a specific case:

[screenshot]

The count of 2 records is correct; however, when we log in with our fictitious user who has that role and access the portal, he cannot see any of the records.

[image]

Any thoughts or suggestions?  Thanks!

1 ACCEPTED SOLUTION

Can you check whether there is a BR rule where query = true that is assigned to this table?

E.g. for incident there is a rule that only shows incidents to specific roles. So if you want to add read rules, you also need to add the role to this BR. It seems there might be something similar for your table.

[image]


5 REPLIES

Jan Cernocky
Tera Guru

You need one more ACL with table.* settings.

So in your case that would be Workforce Admin Case table and * in the second column.

Also add the role and the condition.

Thanks Jan!  I tried that but it still doesn't show:

[image]

With both ACLs active, it's still not showing the table in portal:

[image]


Yesss thanks! There was indeed a query business rule that requires case_reader role. Thanks for pointing me in the right direction!

One last question, in order for a user with that role to read the record, is it necessary to have the workforce_case.* ACL as well? I thought the * would allow the user to read every field in the record.  If we just wanted the user to be able to see the record in a list, do we need that?  Just want to be sure I understand how ACLs work.  Thanks again!
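
One way to run the check suggested in the accepted solution, as an added example that is not from the thread: a ServiceNow server-side script that lists active business rules with the Query flag on a table and the tables it extends, and pulls out the role names their condition or script passes to `hasRole`. The table names are placeholders, the `sys_script` column names (`collection`, `action_query`, `condition`, `script`) are assumed from a standard instance, and the role match only catches literal strings.

```javascript
// Added example, not from the thread. Meant for a server-side script
// (e.g. Scripts - Background) where GlideRecord and gs are globals.
// Assumption: sys_script stores the rule's table in `collection` and the
// "Query" checkbox in `action_query`.

// Collect role names passed as string literals to hasRole()/hasRoleExactly().
function rolesMentioned(text) {
    var re = /hasRole(?:Exactly)?\(\s*['"]([^'"]+)['"]/g, found = [], m;
    while ((m = re.exec(text)) !== null) {
        m[1].split(',').forEach(function (role) {   // hasRole accepts "a,b"
            role = role.trim();
            if (role && found.indexOf(role) === -1) found.push(role);
        });
    }
    return found;
}

// GlideRecordCtor is passed in so the function can be exercised off-instance.
// tableNames: the table being debugged plus every table it extends, because
// business rules on a parent table also run for its child tables.
function findQueryBusinessRules(GlideRecordCtor, tableNames) {
    var rules = [];
    var gr = new GlideRecordCtor('sys_script');
    gr.addQuery('collection', 'IN', tableNames.join(','));
    gr.addQuery('action_query', true);
    gr.addActiveQuery();
    gr.orderBy('order');
    gr.query();
    while (gr.next()) {
        var text = (gr.getValue('condition') || '') + '\n' + (gr.getValue('script') || '');
        rules.push({
            name: gr.getValue('name'),
            table: gr.getValue('collection'),
            order: gr.getValue('order'),
            roles: rolesMentioned(text)
        });
    }
    return rules;
}

if (typeof GlideRecord !== 'undefined') {
    // Placeholders: substitute your table and its parent table(s).
    findQueryBusinessRules(GlideRecord, ['YOUR_CASE_TABLE', 'YOUR_PARENT_TABLE'])
        .forEach(function (r) {
            gs.info(r.table + ' / ' + r.name + ' -> roles: ' + (r.roles.join(', ') || 'none found'));
        });
}
```

Any rule it reports filters the rows before ACLs are evaluated, so a role missing from that rule sees an empty list even when the read ACL passes.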