Report on table change_task : access to this content denied based on report_view ACLs

Go to solution
WA1
Kilo Sage

‎07-17-2023 05:01 AM

Hello, 

I have a user who cannot see a report on table "change_task", the following error message is displayed: Access to this content is denied based on report_view ACLs.

I have checked the report_view ACLs, I have only 2 ACLs the first one requires "itil" role and the other one requires "snc_internal" and my user has both roles. 

I checked also the business rules and I don't have any on-query business rules.

 

For information when I added the role "project_user" to my user, he had access to the report but I don't know where is this restriction to have the role "project_user" to be able to see the report..

 

Thank you in advance

0 Helpfuls
  • 1,592 Views
1 ACCEPTED SOLUTION

Go to solution
WA1
Kilo Sage
In response to Ahmmed Ali

‎07-17-2023 07:17 AM

The group by is on the active field so it won't cause a problem.

I found that the report's type is multi-level pivot table and it requires 2 fields (column and row) that are in another table which has an ACL report_view with the role "project_user" inherited from another table.

To resolve this, I've created a new ACL report view on the table containing the 2 fields. 

 

Thank you for your help 🙂 

View solution in original post

0 Helpfuls
5 REPLIES 5

Go to solution
Ahmmed Ali
Mega Sage

‎07-17-2023 05:19 AM

Hello @WA1 

 

Is there any script configured on the ACLs? you can verify same by viewing XML of both ACLs (Open each ACL in form view, right click on header and click show XML).

 

Even if advanced is not selected and the script has any value, then system will evaluate the script and access is granted based on script output.

 

Thank you,

Ali

 

If I could help you with your Query then, please hit the Thumb Icon and mark my answer as Correct!!

Thank you,
Ali
0 Helpfuls

Go to solution
WA1
Kilo Sage
In response to Ahmmed Ali

‎07-17-2023 05:49 AM

Hello Ali, 

 

I checked and there is no script for both of the ACLs, I even deactivated them and the access is still denied. 

 

I found a report_view ACL on table "planned_task" that has the role "project_user", when it's deactivated the user has access to the report, but I don't know how this table is related to the table "change_task".. 

 

Thank you

0 Helpfuls

Go to solution
Ahmmed Ali
Mega Sage
In response to WA1

‎07-17-2023 06:08 AM

Hello @WA1 

 

Can you try running simple report on change_task table without any group by, just add number column to the report and run.

 

In recent upgrade, ServiceNow has updated security of reports. Now imagine if you have report view access on incident table. but not on user table. You can create report on incident table as long as you are not showing any dot walked field of user table in group by etc.

 

If you create report and add group by user's location, then it will give you the ACL error.

 

Thank you,

Ali

 

If I could help you with your Query then, please hit the Thumb Icon and mark my answer as Correct!!

Thank you,
Ali

Go to solution
WA1
Kilo Sage
In response to Ahmmed Ali

‎07-17-2023 07:17 AM

The group by is on the active field so it won't cause a problem.

I found that the report's type is multi-level pivot table and it requires 2 fields (column and row) that are in another table which has an ACL report_view with the role "project_user" inherited from another table.

To resolve this, I've created a new ACL report view on the table containing the 2 fields. 

 

Thank you for your help 🙂 

0 Helpfuls