Query match ACL Error

Community Alums · ‎01-20-2025

Hi

Few of the non admin users are experiencing errors related to a table

Error is

part of the query on rm_enhancement has been ignored because of insufficient access for query match operation on rm_ enhancement.active

Where there is no type of operation in Xanadu release patch 4

Please suggest a solution

sumersingh · ‎01-20-2025

you need to check read acl on "rm_ enhancement.active" which is returning false value that's why it is giving you error.

OR you can put the query ACL on "rm_enhancement" so that by default that will run.

NOTE

Query ACLs (both query_match and query_range) default to a star.star ACL that delegates to read access. This means, where ACLs are enforced on queries, if no query ACL was created then read access to the column is evaluated ; if query ACLs are defined then they override the default behavior.

Community Alums · ‎01-21-2025

There is no read ACL on "rm_enhancement.active." I have created a new ACL for the query_match operation, but the issue persists

sumersingh · ‎01-22-2025

if there is no read acl on "rm_enhancement.active." that means you have read acl on table level.

by default there is query_match acl on *.* you can disable it.

but that you need to well tested.

these query_match and query_range acl servicenow introduce so that if user has read access on those field only then they can include those fields in the query.

like refernce qualifier we put some filter condition. if user does not have access to those fields which are include in the filter query then it will throw an error

Maisie Kocher · ‎03-14-2025

Ultimately I had to set the *.* query_match and query_range ACLs to false. I would love to hear if anyone finds a better solution!