Issues viewing report

ericgilmore · ‎06-21-2023

ver. Tokyo

I have a published report that is supposed to allow Everyone view access. However, when a non-itil user attempts to see it, they get a blank list, and no on screen errors.

The report is supposed to display a list of Groups associated with the county a user is from.

The filter condition for the report is:

The error I see in the Warning log whenever a non-ITIL user attempts to go to the URL is:

IF I change the County condition to [ County ][ = ][ An actual county ], the non-ITIL user can THEN see groups associated with the County.

I've checked the ACL's on Report (sys_report) and the current non-ITIL users have all the needed roles to READ. But the error doesn't appear to be concerned with the ACL's and the error above is triggered before the ACL's come into play (via debug).

Has anyone else run into this?

ericgilmore · ‎06-22-2023

It turns out the error I was receiving was a red herring (misleading). After running debug, while surveying various user classes, that then going through the logs, I found the difference. It was nothing more than a missing READ ACL on a field (county) that had not been accounted for. After creating a a READ ACL for the proper role, things were good.

View solution in original post

Tony Chatfield1 · ‎06-21-2023

Hi, unfortunately without visibility of your instance, diagnostics for this type of issue are difficult.
I am assuming the 'County' field and dynamic filter are custom as I don't see a column label 'County' or the dynamic filter in an OOB PDI?

The error message seems to indicate an issue relating to the dynamic filter script, but this could be the result of the either script code or possibly data visibility (without details of the script we can only guess).

First have you run ACL debug, impersonated end user and then checked the debug logs to confirm that they have visibility of the reports data, specifically 'County' field and reference table (if one is involved), as this could result in script failure without the rows hidden by security constraints message.

Assuming visibility is correct then next step would be to review the dynamic filter

A simple first diagnostic step might be to replace the dynamic filter with a hard coded single (or list) of County's and see if this allows the user to see report results or the ACL removed by security warning.
If results show with hard coded value(s) then the issue would seem to relate to the dynamic filter.
If ACL\security warning show, then it is possibly visibility is causing the dynamic filter to fail.
Otherwise, the dynamic filter would be the area I would review first.

ericgilmore · ‎06-21-2023

Thank you @Tony Chatfield1,

I'm pretty sure the dynamic filter, for whatever reason, is the breakpoint. I'll need to identify which script is actually throwing the error and maybe see if there's a way to mitigate it. I'll also see if there's another solution as well for the current condition filter configuration.

ericgilmore · ‎06-22-2023

It turns out the error I was receiving was a red herring (misleading). After running debug, while surveying various user classes, that then going through the logs, I found the difference. It was nothing more than a missing READ ACL on a field (county) that had not been accounted for. After creating a a READ ACL for the proper role, things were good.