You do not have permission to see this catalog

TStark
Kilo Sage

I'm having user permissions issues with a Service Portal widget. As administrator I can access the widget on the portal no problem, but for any other user they receive the error: "You do not have permission to see this catalog".  This error message is generated from the Server script and I've done several trial & errors to make sure every other part of the portal is accessible to the same users. Below is the Server Script. Any insight is much appreciated.

 

(function() {

    data.category_id = $sp.getParameter("category_id");
    var page = options.link_target_page;
    
    if (data.category_id) {
        // Does user have permission to see this category?
        var categoryId = '' + data.category_id;
        var categoryJS = new sn_sc.CatCategory(categoryId);
        if (!categoryJS.canView()) {
            data.error = gs.getMessage("You do not have permission to see this category");
            return;
        }
    }
    // No category_id provided - at the root of the Service Catalog
    // So we'll show all top level categories for this catalog
    else {
        data.catalog_id = $sp.getParameter("sys_id") || $sp.getValue('sc_catalog');
        // Does user have permission to see this catalog?
        if (!$sp.canReadRecord("sc_catalog", data.catalog_id)) {
            data.error = "You do not have permission to see this catalog ";
            return;
        }
    }
    
    if (data.category_id) {
        var currentCategory = new GlideRecord('sc_category');
        if (currentCategory.get(data.category_id)) {
            data.category_title = currentCategory.title.toString();
            data.category_desc = currentCategory.description.toString();
        }
    }
    
    var items = data.items = [];
    var cat = new GlideRecord('sc_category');
    if (data.category_id) {
        cat.addQuery('parent',data.category_id);
    }
    else {
        cat.addQuery('sc_catalog',data.catalog_id)
        cat.addEncodedQuery('parentISEMPTY');
    }
    cat.addQuery('active','true');
    cat.orderBy('title');
    cat.query();
    while (cat.next()) {
        
        // Does user have permission to see this category?
        var catId = '' + cat.sys_id;
        var catJS = new sn_sc.CatCategory(catId);
        if (!catJS.canView()) {
            continue;
        }
        
        var item = {};
        $sp.getRecordDisplayValues(item, cat, 'title,description,homepage_image,sys_id');
        item.sys_class_name = cat.sys_class_name + "";
        item.page = page;
        items.push(item);
        
    }
})()

 

 

1 ACCEPTED SOLUTION

I figured it out. At first I didn't know exactly what to comment out, but with more trial & error I was able to get it working by commenting out the specific code as display in the screenshot below. Thanks for your assistance on this Pranesh.

 

find_real_file.png

View solution in original post

17 REPLIES 17

Pranesh072
Mega Sage
Mega Sage

check for the user criteria on catalog item

find_real_file.png 

That was the first thing I checked. Not the issue. Thanks for your reply though. I ruled out other factors to the point where if I removed this widget I have no problem. We have two portals with totally separate Catalogs, Categories, Catalog Items...if I apply this widget to the other portal I get the same error.

Thanks,
AJ

i think so, you are getting error due this statement and dont have access to catalog.

 

 data.catalog_id = $sp.getParameter("sys_id") || $sp.getValue('sc_catalog');
        // Does user have permission to see this catalog?
        if (!$sp.canReadRecord("sc_catalog", data.catalog_id)) {
            data.error = "You do not have permission to see this catalog ";
            return;
        }

Hi Pranesh. I'm aware of this, but I don't know how to modify it so that everyone within my organization can see this widget upon login. Right now thats not the case. Only those with admin role can.

Thanks,
AJ