Ability to See RITM Details for an Approval on Employee Center

terrieb
Tera Guru

‎06-03-2024 10:40 AM

So before Tokyo, and on the old Service Portal, if a RITM had an approval, and the approval goes to someone outside without an itil role, they were able to approve from the Service Portal.

 

Now that we are on Washington, DC release and using the Employee Center portal (not Pro version), while the same people can approve on the Portal, they cannot see the details.  They need to see the variables to determine who is requesting the item and justification, etc... before they can approve.

 

This is the RITM view (internal itil view)

terrieb_0-1717436158259.png

 

This is the Employee Center View:

terrieb_1-1717436181270.png

Even though they have the approver role, and the "Additional Details" tab is there, they cannot see the two variables as they did previously on the old Service Portal.

 

Our work around for now is that they access the Service Portal and approve there but that is strictly a work around.  We need to be able to fix this on the Employee Portal so they can see everything.

 

Below is what they "saw" before..

terrieb_2-1717436418298.png

Thank you!

0 Helpfuls
  • 2,241 Views
11 REPLIES 11

Devon Bennett
Tera Contributor
In response to terrieb

‎06-05-2024 07:19 AM

You shouldn't need to give ITIL we didn't give our users ITIL and this works for us.  But that the tabs work with a higher role helps narrow down where you are having an issue.  This indicates that the widgets and the tabs are working.  I would check the Access Controls on the RITM table to make sure that approvers have read access to the variables.  

KBKennedy
Tera Contributor

‎08-27-2024 07:08 PM

Did you end up solving this issue? I'm having the same issue and haven't found an answer yet. 

 

I noticed that even though a user has the "approver_user" role, they cannot view the RITM details on the ESC approval. However, if that same user views the approval record from the backend, they can see the RITM details just fine.

 

Using the security debugger, I was able to see that the OOB ACL for approvers having read access to a RITM returns TRUE on the backend but returns FALSE when viewing from the ESC. The script below is what is being called in the ACL.

0 Helpfuls

Thao Nguyen1
Tera Contributor
In response to KBKennedy

‎09-25-2024 07:49 AM

Hi KBkennedy, 

did you solve the Problem? We also have the same issue.

0 Helpfuls

KBKennedy
Tera Contributor
In response to Thao Nguyen1

‎09-25-2024 08:05 AM

I have not solved the problem yet. I spun up a PDI and had the same behavior. The OOB ACL to let an approver view RITM details that they are approving doesn't work when viewing on the ESC. Looking at the code in the ApproverUtils script include, it seems like this is by design, but I don't quite understand the script enough to know how to adjust it. It does not meet any of the conditions of the 3 IF statements.

canApproversRead: function() {
        var transaction = GlideTransaction.get();
        var targetRecord = JSUtil.notNil(transaction) ? transaction.getRequestParameter("sysparm_record_target") : null;
        var result = false;

        if (typeof g_approval_form_request != "undefined" && g_approval_form_request == true) {
            result = true;
        } else if (targetRecord != null && targetRecord == "sysapproval_approver" && targetRecord != current.getTableName()) {
            var target = new GlideRecord(targetRecord);
            if (target.get(transaction.getRequestParameter("sys_id")) && target.canRead())
                result = true;
        } else if (targetRecord == current.getTableName() || transaction.getRequestParameter("sys_popup_direct")) {
            var sourceTable = transaction.getRequestParameter("sys_popup_direct") ? transaction.getRequestParameter("sysparm_table_name") : targetRecord;
            result = this.verify(sourceTable, current.getUniqueValue(), gs.getUserID());
        }

        return result;

 

I even tried making a new ACL (record, read, sc_req_item) with just the below script, and deactivating the OOB ACL, but that wasn't working either. That really confused me since it is a very straightforward script and works as intended if you provide a RITM sys_id and run this in Scripts - Background. ACL still returns false though. 

//answer = new ApproverUtils().canApproversRead();
var approval = new GlideRecord('sysapproval_approver');
approval.addQuery('approver', gs.getUserID);
approval.addQuery('sysapproval', current.sys_id);
approval.query();
if (approval.next()) {
    answer = true;
} else {
	answer = false;
}

For now, we are just having users approve/reject via email. Most tend to do that anyways and there isn't a problem printing the information to the notification. We just recently wanted to add Approvals to our My Tasks page, but it isn't helpful if users can't see what they are approving.

0 Helpfuls

x_tbm
Tera Contributor

‎05-06-2025 02:40 AM

We are facing the same problem. Any updates at this point?

0 Helpfuls