Admin Override is not working after recent patch upgrade
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-17-2026 09:38 AM
After the recent patch upgrade to Zurich patch 5, we have noticed that Admins have lost access to update time zone on user record(sys_user).
We have a Write ACL, where we only allow the user to edit their own time zone and nobody else can edit it.
This ACL has Admin Override enabled, and this was working perfectly fine until last week and after patch 5 its broken.
I checked there is no other ACL on this field and when I deactivate the only ACL, it works fine. As a work around I have added the gs.hasRole("admin") condition in the script, and this works as expected.
Gone through patch 5 release notes and couldn't find anything related to this, is there anything that I am missing? any property that controls this or anything else?
I have also checked other admin override ACLs and that work fine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello.
I am facing the same issue on our client's instances.
All instances that were updated to Zurich have this problem.
The only instance working as intended is TEMP, because it is still on Yokohama... I did not find the cause yet or what happened after upgrade to Zurich.
I will get back to you if I find anything useful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
I'm curious have you tried using access analyzer with an admin account and picking that sys_user table and time zone field?
Also is this system property glide.security.admin.override.accessterm set to true?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi Brian.
Access analyzer => good point, i am going to try that. thank you
The sys_property "glide.security.admin.override.accessterm" is not set on customer's instance at all.
But if this would be the reason or cause, I would expect issues also on other fields where "admin overrides" feature is used (which is on most ACLs). But this not the case, and we see it (so far) only on this field...
+ important note is that there is just single field level ACL used. There is not mix of set up in case here would be 2 ACLs on one time_zone field where first ACL would have admin overrides set to TRUE and the second to FALSE.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Access analyzer results => no matter if the ACL is set as Admin overrides TRUE or FALSE, the analyzer always says that the "Admin override" feature is not applied.
We'll discuss internally if we set up the system property "glide.security.admin.override.accessterm" or not. I've noticed on PDI that once it is in the system, it cannot be changed (to false) or even deleted. But this might be only because it is PDI environment...I am not sure
I assume the missing property could be the cause.
anyway thank you Brian.
