Security restricted: Create operation against 'sys_trigger' from scope... has been refused due to the table's cross-scope access policy

georgimavrodiev
Mega Guru

Hello all,



I am experiencing a problem with the Cross — Scope privileges in a scoped application of mine.
I created a custom app and I would like its resources to be usable to applications of the Global scope, to say so.
Whenever I am executing a server script I got the following error message:
Security restricted: Create operation against 'sys_trigger' from scope 'x_27229_xxx' has been refused due to the table's cross-scope access policy
I find this strange, as I already went to System Applications > Applications -> and created 'create' Cross — Scoped Privileges:
12.png

Could you please share with me what could be the reason for the message to appear?


P.S: the specific custom table of mine is configured to be accessible from all application scopes ('read' access). Yet, I would like not to use the radical, to call it so, solution and to check the create / write / configure checkbox of the Application Access item. That's why, I used the Application Cross — Scope Access module at first place.


Regards, Georgi

2 REPLIES 2

sergiu_panaite
ServiceNow Employee
ServiceNow Employee

Georgi,



If you're using a script to add data into sys_trigger, then operation should probably be 'Execute API' rather than 'Create'. When you tried to add data to sys_trigger with a script from your scoped app, wasn't there a rule added automatically to Cross-Scope access?


Hello Sergiu,





Thank you for your reply here and please apologize me for the significant delay with my response!




I solved the issue 2 or 3 days after submitting this thread.
Anyway, I noticed that on my instance I have only Read, Write, Create and Delete as Operations for Cross scope privileges.
Thus, I simply made the sys_trigger table "opened" for all scopes. This solved the issue of mine, even though I did not want to use it.




Regards, Georgi