Issue with Viewing tickets in Service portal

JohnnySnow · ‎01-21-2022

Hi Team,

Few of our users reported that they are not able to view their tickets & its content in service portal page. Below are the links that they use.

Upon troubleshooting I observed below things

1. the issue is not with Widget (as users with ITIL or other role are able to view their tickets/contents)

2. Users who are facing this issue doesn't have any role attached to their ids.

3. There is no snc_internal role available in the system (which I assumed is available by default, but, it seems like this is only available when we install CSM or other plugins, which has Explicit roles plugin, that comes with it)

4. The issue seem to happen post Rome upgrade, as this issue was not reported before.

5. I went through the ACLs but couldn't figure out any issue with those as well.

Can someone please guide on what else could be the issue here?

Ideal Scenario

Thanks in advance,

Thanks
Johnny

Please mark this response as correct or helpful if it assisted you with your question.

Allen Andreas · ‎01-21-2022

Hi,

This would point to a "read" ACL issue with the respective table.

So you'd want to review both table "read" and table.* "read" ACLs and ensure those users can access the records. Most likely, with the Rome upgrade, there may have been an additional role added or the condition changed to not allow them to see it.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

JohnnySnow · ‎01-24-2022

Hi,

I checked incident table ACLs.

Does that mean that I have to provide users with sn_incident_write role?

Thanks
Johnny

Please mark this response as correct or helpful if it assisted you with your question.

Allen Andreas · ‎01-24-2022

Hi,

So it appears that users would be able to read the table itself if they are the opened_by user, the caller_id user, or on the watch list.

This is why the records are "showing" in their widget...however...they DO NOT have read permission to the fields on the table due to the sn_incident_write role being listed within that table.* ACL.

So you would want to double-check the table again, for any additional table.* "read" ACLs and see if an adjustment should be made. I don't think this ACL table.* is out of box due to it being a "read" ACL and the role specific is "write". This may have been a custom ACL someone created, but this is why you're having an issue.

Consider deactivating this ACL or creating another table.* "read" ACL and use the conditions/script to ensure those other users can read as appropriate.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

JohnnySnow · ‎01-24-2022

Hi, Yes, that makes sense, let me try it and update you!

Thanks
Johnny

Please mark this response as correct or helpful if it assisted you with your question.