
Why Can't I Add Roles To An ACL?

David165
Mega Expert

Hi

I'm trying to add required roles to an ACL in Studio, but the system won't allow me to do it.

Without elevating my role to include security, the entire ACL is read-only, as expected. When I elevate my account, I can edit the ACL and I have the option to insert another role in the Required Roles. But when I try to do this, I get a message that "Security prevents writing to this field".


Another thread suggested turning on security debugging, which I did. However, with debugging turned on there's no option to add new roles even though my permissions are still elevated:


There are also no red entries in the debug log to indicate a security issue.

Is this a bug?

How can I achieve the same thing directly in the system tables?

BTW I have tried both Chrome and Firefox and cleared all session data and cookies to rule out browser issues.

Regards

David

1 ACCEPTED SOLUTION

Hi David,

I think I now understand your original problem. It was a misunderstanding. I suppose that you clicked on the first column (Created by [sys_created_by]), where nobody has write permission by default. You should click on the second column to insert the Role:


One can modify the default ACL (*.sys_created_by) for the Created by [sys_created_by] column, but it's not recommended, or you can add a new write ACL on sys_security_acl_role.sys_created_by (which is not recommended either).

If you find it comfortable to display Created by [sys_created_by] in the Requires role list, then you can add it as the second column (after the Role). It will probably cause fewer misunderstandings.

By the way, even if you click in the first column (on the "Insert new row.." text), you will get a picture where the line with the existing ACL and the column headers are not gray. If you compare that picture with the picture which you posted in your question, you will see that your picture was taken with Elevated Roles disabled.

Regards
Oleg

 


10 REPLIES

To be able to modify an ACL, you need to have the security_admin role assigned to your account. The role is elevated, so you have to use the "Elevate Roles" menu to enable it additionally to be able to modify an ACL. See here or here.