User cannot download the attachment from the record producer

DeepikaM
Tera Contributor

Hi Team,

 

I'm working on the record producer which create the HR case. I have added attachment to the record producer, where attachment will be present in sys_attachment table. I have created rich text variable and added URL of the attachment. Form consists of attachment link where user can download the attachment. But only admin user able to download the attachment, snc_internal role user cannot download the attachment. Please provide the solution.

 

I would also like to know alternative ways to attach the attachments based on respective category and subcategory selection, so that user can download an attachment without any access issue.

 

 

@GauravBajaj @Jessica Chen @Marco Nappo_ 

4 REPLIES 4

Quang
Tera Contributor

Following OOB, we will have an ACL with snc_internal role that allows user to read records in sys_attachment table. Based on your information, I assume this OOB ACL has already deactivated or does not exists in your instance. You can verify the existing ACL in the sys_attachment table and locate the appropriate ACL to allow users to download the attachments. You can able to add new ACL to adapt with this requirement, but you must check/confirm with SA to avoid the security risks before proceeding.

DeepikaM
Tera Contributor

Hi @Quang ,

Thank you for the reply

Firstly I see there is no ACL on sys_attachment table for Human Resource:Core application scope. This means that I have to create the new ACL. I would like to know regarding the following queries:

  • If I grant read access to sys_attachment table specifically in Human Resource:Core application scope, won't it be security issues.
  • If yes, how can I grant access to the particular attachment.

Oya Orhan
Giga Guru

 Hi @DeepikaM ,

Creating a knowledge article an giving its link would be another option. 

 

If my post helped you, please click the accept solution button and hit the thumbs up! Thank you!

Oya

siraj5
Tera Contributor

Hi

please check is there any ACL  activated for snc_internal role that allow user to read records in sys_attachment table and also check the current user is added to Users/ Role list of Record producer. if required add new ACL to achieve the Requirement. 

Thanks!