what permissions/checks are used to show/hide the Activity Stream Compose component and comments?

tdexter · ‎11-28-2024

Within CSM on the record default page where there is an Activity Stream Compose component and Activity Stream some users I have that I've given access to read `sc_req_item` which are assigned to a specific group and to write 3 fields within sc_req_item if it is assigned to their group are not able to see the compose box (component: Activity Stream Compose) and they cannot see `sc_req_item.comments` within the Activity Stream component - they can only see `field changes` entries.

I have tried giving read/write/create access to the the `sc_req_item.comments` and sc_req_item.work_notes` and many other fields and combinations, even `sc_req_item.*` and in all cases they cannot see the compose box or the comments in the stream.

In UIB there is no additional conditions to show/hide the compose component within the component configuration so I am assuming the underlying code for the component relies on some group/role/permission/ACL in order to determine if it should show the compose box and the comments within the stream. Any ideas what it relies on?

Bert_c1 · ‎11-28-2024

Try using the "Debug Security" module, enable that and test. you will see which ACLs are failing and which parts (hover mouse over the icons) are failing. Search the page for "RC = false".

tdexter · ‎11-28-2024

Thank you - I have done that and all the read/write ACLs associated with the field are passing, yet the component is still hidden. My suspicion is that the actual code of the component (which is not visible/modifiable by us, afaik) is specifically checking for a role, such as `itil` in order to show hide the compose functionality.

tdexter · ‎11-28-2024

* removed duplicate reply *