I'm currently working through trying to grant more roles the ability to view the SLA Timeline UI Page. ServiceNow Docs say itil, sla_admin, and sla_manager are the roles required for viewing it, however we want to add a different role to it, say sn_customerservice_agent. IE: If they can see the SLA Timeline button, why not allow them to click it?
Anyway - I figured simple enough, I find the ACL to open up the permissions to it, no biggie.
Seems like this should be enough, now however when I go to the UI Page, I get this message instead of the typically ACL message.
Of course this to me looks like a Business Rule, Data Policy, or some sort of Script abort to UI Message for "User Not Authorized." I ran the trusty ol session debugger to see what may be causing this, and get largely a non-answer from the debugger. The best I get out of debugger is this line about the REST API Processor returning the "User Not Authorized"
Running the debugger logs side by side for a user that has access vs one that doesn't, outside of this and some additional processing after this step, there isn't much different that I can see.
I don't feel like it should be that complicated to get access to a UI Page for other users that can see all the relevant information on the report being displayed.
I feel like I'm missing something incredibly simple. Any thoughts?
Found the answer - The UI Page executes a GET API action on the /api/now/sla (internal SLA API) not table based.
So for future individuals - Will need to also add the role into the ACL here for SLA timeline specifically.
Thanks @Rajesh Chopade1 for the tip on the web dev tools, they helped point me in the direction on which API was failing ACL auth, but it does not show up in session debugger.
Yes - got the 403 on this:
