How to allow a report to be viewed without giving the user the catalog_admin role

balston
Tera Contributor

3 weeks ago

How can the user be allowed to view the report without the catalog_admin role?  The report is viewable only if the user has the catalog_admin role.  The user is not an admin and should not have this role.  The user is able to view other reports shared with them.  The user already has the itil and the report_user roles.  Screenshots of the filter conditions for each report are included in this post.

In my test instance, in an attempt to allow the user to view the report without the catalog_admin role, the following was done:

 

1.  copied the report into my test instance

2.  created a new role

3.  added the new role to the user's group, and to copies of the out of the box ACLs, sc_task with read operation and to the sc_cat_item with read operation

4.  confirmed that the report is shared with the user  

5.  impersonated the user and unsuccessfully tried to view the report

 

Preview file
82 KB
Preview file
82 KB
0 Helpfuls
  • 1,396 Views
4 REPLIES 4

Shashank_Jain
Kilo Sage

3 weeks ago

@balston , You can share the report with specific users.

 

Refer this link : https://developer.servicenow.com/dev.do#!/learn/learning-plans/xanadu/new_to_servicenow/app_store_le...

 

 

If this works, please mark it as helpful/accepted — it keeps me motivated and helps others find solutions.
Shashank Jain
0 Helpfuls

AndersBGS
Tera Patron
Tera Patron

3 weeks ago

Hi @balston ,

 

basic reporting, user should have read access to the underlaying data and the report should be shared with the user bi direct sharing / group sharing. 

What error does the user encounter?

 

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

0 Helpfuls

Dr Atul G- LNG
Tera Patron
Tera Patron

3 weeks ago

Hi @balston The visibility of data and modules in ServiceNow is entirely based on the roles a user has. So in this case, if a user is able to see a catalog report, they must at least have a read-only role. I’m not 100% sure that sharing the report with a user who doesn’t have the minimum role will allow them to see the reporting data

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls

Its_Azar
Tera Guru

3 weeks ago

Hi there @balston 

 

You don’t need to give the catalog_admin role just to let users view that report.  they can’t see it is because the report queries catalog-related tables like sc_task and sc_cat_item, and the ACLs on those require more than just itil or report_user. try either extending access by creating a custom role with only read access to the tables/fields and then attach it to the user or their group, or adjust the ACLs by cloning the existing ones and replacing the catalog_admin requirement with your custom role. Once that’s done and the report is shared, the user will be able to view it.

If this helps kindly accept the solution, thanks.

☑️ If this helped, please mark it as Helpful or Accept Solution so others can find the answer too.




Kind Regards,

Mohamed Azarudeen Z

Developer @ KPMG

 Microsoft MVP (AI Services), India
0 Helpfuls