Employee Center Header Widget Invalidating Restricted Caller Access Records

jasonkist
Giga Guru

‎07-22-2022 09:36 AM

We've built a new Employee Center portal and cloned the Header|Footer to a new widget. When trying to write a simple gs.addInfoMessage("Arf " + data.top.menu) after line 59 in the server script, the portal throws error messages.

find_real_file.png

These 3 Restricted Caller Access Privileges become invalidated. 

find_real_file.png

After setting them back to 'Allow", the portal works again. Does anyone know what could be triggering this?

Preview file
159 KB
Preview file
34 KB
0 Helpfuls
  • 948 Views
5 REPLIES 5

RaghavSh
Kilo Patron

‎07-22-2022 09:56 AM

This is expected any code change made on the employee center header, we need to set few caller access to allowed again.

This maybe 3 in your case, it could me more if you have other scoped widgets on the page.

Pleas mark th answer helpful/correct, if this helps.


Raghav
MVP 2023
0 Helpfuls

Rob Sestito
Mega Sage

‎07-25-2022 06:49 AM

Hello,

As Raghav said, this is completely normal with EC changes. You will run into this more times - I ran into these as well during my implementation upgrade to EC portal. You just need to continue going to the restricted access area and allow the ones that need to be allowed.

Even now as I make changes we want down the road, I have to allow the access again.

It will keep happening as we use widgets in different scopes on the EC page.

Cheers,

-Rob

jasonkist
Giga Guru
In response to Rob Sestito

‎07-26-2022 06:39 AM

Under normal development, I can find these RCA's per the error and reset them as needed. My issue that I have a header widget in the Employee Center scope and when I put a statement such as gs.addInfoMessage("arf") in the server script, it causes those RCA's to change from allowed to invalidated consistently.

0 Helpfuls

Susan Britt
Mega Sage
Mega Sage
In response to jasonkist

‎07-27-2022 05:14 AM

This is normal as the others mentioned.  The scoped applications are separated for a reason, so you can control what access, if any, they have to/from other scopes.  When you make changes to the code of something that was previously allowed, you need to re-validate that being able to still access the other scope/record.  ServiceNow is not looking at what changes you made (e.g., just added an info message), it is seeing if it's changed any.  It is your responsibility to maintain the integrity of the scopes and their security.  It should become a normal practice now to always check the RCA records after update sets, changes, and even application/plugin installs and updates.