COE Security Policy - HR Admin Access

RW-43
Tera Contributor

3 weeks ago

When viewing a COE Security Policy record, users with the sn_hr_core.admin role aren't able to see or set the value of the COE field, which is just a list of hr case tables.

 

They also don't have the "Insert a new row..." option to add a new group to the policy, though they do have create access to the sn_hr_core_m2m_security_policy_group table.

 

RW43_0-1776278936881.png

 

Thought it might be a scoping issue, as my impersonation testing shows the same issue when I impersonate an HR admin user while under Global, and shows the correct behavior on the form when I impersonate an HR admin while under Human Resources: Core. 

0 Helpfuls
  • 784 Views
4 REPLIES 4

abirakundu23
Giga Sage

3 weeks ago

Hi @RW-43 ,

Please clear the system cache and check if any Restricted Caller Access records have been generated that might be blocking this.

If the user has the sn_hr_core.admin role and is operating within the Human Resource Core application scope, this issue should not occur.



Please mark helpful & correct answer if it's worthy for you.

0 Helpfuls

Tanushree Maiti
Kilo Patron

3 weeks ago

Hi @RW-43 

 

1. Ensure the HR Admin changes their application scope to Human Resources: Core before opening the COE Security Policy

2.  Check read/ write ACL on  sn_hr_core_case table  .Ensure sn_hr_core.admin has access.  //refer: COE policy 

3. Ensure user is part of Assignment group and that is added on the COE Security policy. Group has proper role (sn_hr_core.case_reader) or role as per your requirement

4. Make sure that List Edit is turned on for this user in the corresponding list.

To do this, open the list directly while impersonating the user.

Try to personalize the list and at the bottom of the popup that shows up, select the checkbox for Enable List edit and save it. //refer: KB0781564 Insert new row option not showing up in embedded list for one user 

3. Try in Incognito window / private browser

4. if still not solved , refer this

 KB2494873 HRSD Admins unable to view certain cases after Yokohama upgrade 

KB2671800 HR COE security read access behavior 

 

You can read nice blog on it :

HR Security Evaluation: ACL's and COE Security Policies

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls

Tanushree Maiti
Kilo Patron

3 weeks ago

Hi @RW-43 

 

Hi  

 

1. Ensure the HR Admin changes their application scope to Human Resources: Core before opening the COE Security Policy

2.  Check read/ write ACL on  sn_hr_core_case table  .Ensure sn_hr_core.admin has access.  //refer: COE policy 

3. Ensure user is part of Assignment group and that is added on the COE Security policy. Group has proper role (sn_hr_core.case_reader) or role as per your requirement

4. Make sure that List Edit is turned on for this user in the corresponding list.

To do this, open the list directly while impersonating the user.

Try to personalize the list and at the bottom of the popup that shows up, select the checkbox for Enable List edit and save it. //refer: KB0781564 Insert new row option not showing up in embedded list for one user 

3. Try in Incognito window / private browser

4. if still not solved , refer this

 KB2494873 HRSD Admins unable to view certain cases after Yokohama upgrade 

KB2671800 HR COE security read access behavior 

 

You can read nice blog on it :

HR Security Evaluation: ACL's and COE Security Policies

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls

Sabrina Ethridg
ServiceNow Employee

2 weeks ago - last edited 2 weeks ago

You need both the admin and hr admin roles
https://www.servicenow.com/docs/r/employee-service-management/hr-service-delivery/configure-hr-coe-s...

 

 

0 Helpfuls