Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

UX Page Property works for admin but not for itil

Go to solution
Alon Grod
Tera Expert

‎07-22-2023 09:58 PM

Hi,

I have this UX Page Property:

{
  "contextual": [
    "record",
    "kb_view"
  ],
  "newTabMenu": [
    {
      "label": {
        "translatable": true,
        "message": "New Incident"
      },
      "routeInfo": {
        "route": "record",
        "fields": {
          "table": "incident",
          "sysId": "-1"
        },
        "multiInstField": "sysId"
      },
      "condition": {
        "tableDescription": {
          "table": "incident",
          "canCreate": true
        }
      }
    },
    {
      "label": {
				"translatable": true,
				"message": "New Request"
			},
			"routeInfo": {
				"route": "record",
				"fields": {
					"table": "sc_cat_item",
					"sysId": "-1"
				},
				"multiInstField": "sysId"
			},
			"condition": {
				"tableDescription": {
					"table": "sc_cat_item",
					"canCreate": true
				}
			}
		}
  ],
  "maxMainTabLimit": 10,
  "maxTotalSubTabLimit": 30
}

 

 

 

Screenshot 2023-07-23 at 7.56.02.png

 

 

When Im admin and I click on the '+' sign (next to the Home Tab) from the Service Operation Workspace, I need to choose between to options (which is fine):   

1)New Incident
2) New Request

But when I impersonate to a different user (only with itil role), I dont see the option of 'New Request' and I only have 'New Incident'.  What could be the problem? 

 

Screenshot 2023-07-23 at 7.56.35.png

 

0 Helpfuls
  • 822 Views
1 ACCEPTED SOLUTION

Go to solution
Sandeep Rajput
Tera Patron
Tera Patron

‎07-23-2023 10:33 AM

@Alon Grod The answer to your question lies within the following lines.

"condition": {
				"tableDescription": {
					"table": "sc_cat_item",
					"canCreate": true
				}
			}

The conditions mentioned in the condition section are evaluated against the user role, if we closely look at the write ACL defined on the sc_cat_item we find that user's with roles catalog_editor, catalog_manager, catalog_admin have the permissions to create a new record on the sc_cat_item table. 

 

Since the admin role already contains the catalog_admin role hence they are able to see the 'New Request' option. Whereas the ITIL role doesn't contain the catalog_admin role and hence they can't see this option in operations workspace.

 

In order to prove this assumption, you can simply assign the catalog_admin role to your ITIL user and impersonate using their account, this time you will be able to see the 'New Request' option inside the Service Operations Workspace.

 

Hope this helps.

 

View solution in original post

1 REPLY 1

Go to solution
Sandeep Rajput
Tera Patron
Tera Patron

‎07-23-2023 10:33 AM

@Alon Grod The answer to your question lies within the following lines.

"condition": {
				"tableDescription": {
					"table": "sc_cat_item",
					"canCreate": true
				}
			}

The conditions mentioned in the condition section are evaluated against the user role, if we closely look at the write ACL defined on the sc_cat_item we find that user's with roles catalog_editor, catalog_manager, catalog_admin have the permissions to create a new record on the sc_cat_item table. 

 

Since the admin role already contains the catalog_admin role hence they are able to see the 'New Request' option. Whereas the ITIL role doesn't contain the catalog_admin role and hence they can't see this option in operations workspace.

 

In order to prove this assumption, you can simply assign the catalog_admin role to your ITIL user and impersonate using their account, this time you will be able to see the 'New Request' option inside the Service Operations Workspace.

 

Hope this helps.