What are the most optimal solution to show all the records in a list without modifying ACLs?

Rain Vaine
Kilo Sage

Hello experts,

Is there any possible way to show all the records in a list without creating or modifying the existing ACLs?
For example in the sys_attachment table, it also shows records from other table which has corresponding ACLs so some of the records are also not showing.

RainVaine_0-1725416651802.png

RainVaine_1-1725416692913.png

I am thinking of utilizing before query business rule but I am not sure if it is the best practice or if it will work. And if indeed work, will there be any burden on the performance of the instance every time the table is accessed. Any inputs and suggestion is greatly appreciated since I am still green on this topic.

Regards,
Vaine



3 REPLIES 3

AnirudhKumar
Mega Sage
Mega Sage

The only way to show a user all records in a list without touching ACLs is to grant the user admin role ðŸ˜‰

lol, your idea of using a Query BR is not bad... its just hard to nail down.

Imagine this: You'll first have to find out all the ACLs that are trying to hide your records... and for each of those ACLs you'll need to create a Query BR (or combine all those ACL logic into a single Query BR) that will hide the records 'better'...  

 

I don't think Performance gets affected... but you'll have to maintain the logic... it also might come back to bite you in future.

 

I recommend leaving those security messages as they are. If it ain't broken....

Sandeep Rajput
Tera Patron
Tera Patron

@Rain Vaine Query business rules are frequently used to filter data on any table. They can also be used to limit access to specific data. In terms of performance Query BRs are less performant than ACLs. However, judicious use of Query business rule will not have a noticeable impact on the performance. 

 

Please keep following points in consideration while using query BR.

1. Please do not use long/complex GlideRecord queries inside Query BR

2. Avoid Sys ID IN/NOT IN queries with long list of sys_ids

 

Hope this helps.

@Rain Vaine Please mark the response an accepted solution if it addressed your question.