Read access to sys_users table

Go to solution
MWright1
Giga Guru

‎06-20-2022 09:55 AM

Is it possible to give anyone with the role "snc_internal" access to read/view (not edit) sys_user table?  I need this so my catalog item would work...  there is a variable in the catalog item that references that table and right now it is coming up blank.

I do not want them to be able to edit anything... just read.

Where can I change this?

Thanks,

M

 

 

Labels:
0 Helpfuls
  • 2,582 Views
1 ACCEPTED SOLUTION

Go to solution
Allen Andreas
Administrator
Administrator
In response to MWright1

‎06-20-2022 10:59 AM

Hi,

There is a query business rule on the sys_user table, out of box, that limits the ability to see inactive users. You'd need to adjust this to ignore people with your custom role. So navigate to: System Definition > Business Rules. Then filter for the business rule named "user query" and then you'll see it.

If you don't mind, definitely give all the details as best you can in your original post (example condition filters, screenshots, etc.). as you can see, this changes what we'd reply with.

So in the condition in that query business rule on the sys_user table, you'd want to change it around to something like:

gs.getSession().isInteractive() && !(gs.hasRole("admin") || gs.hasRole("user_admin") || gs.hasRole("custom_role_here"))

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

0 Helpfuls
7 REPLIES 7

Go to solution
Steveanner
Tera Contributor

‎06-20-2022 10:00 AM

Create read acl on sys_user table and map snc_internal or update existing read acl by adding role to get the access .

0 Helpfuls

Go to solution
Jaspal Singh
Mega Patron
Mega Patron

‎06-20-2022 10:02 AM

Hi,

Ideally it should show up all users except for inactive ones. There exists an OOB Query BR on user table named: user query that limits only active users.

If you need to show inactive users as well then you need to modify the Query BR as said above.

Go to solution
MWright1
Giga Guru
In response to Jaspal Singh

‎06-20-2022 10:38 AM

That is exactly what I am looking for - inactive users.  Thanks.

0 Helpfuls

Go to solution
MWright1
Giga Guru
In response to Jaspal Singh

‎06-20-2022 10:41 AM

Stupid question... what is Query BR?  and where can I change this?  I only want certain roles to have access to the inactive users.  Is this possible?

0 Helpfuls