User cannot assign group on reference field

Samuel Moya cam · ‎02-04-2025

When trying to assign a group with a specific user this user cannot assign any group, and reciving the next message
"Part of the query on sys_user_group has been ignored because of insufficient access for 'query_match' operation on sys_user_group.active"

Check the access, the user can see the sys_user_group, but not the active field and don´t know what role to give or what ACL to check

Samuel Moya cam · ‎02-05-2025

I found the problem, a team created some ACLs for an specific role to an integration and therefore without the role the user could not see anything.

View solution in original post

ZacharyKenyon · ‎02-04-2025

It sounds like there are two things going on here:

The user in question does not have read access to the "active" field on the sys_user_group table
You have a reference qualifier on the "Assignment group" field on the task table to only allow groups where active=true

I replicated those conditions on my developer instance and was able to duplicate the problem you're seeing. You should be able to fix this by granting "read" access to the sys_user_group.active field. Out-of-the-box, the default "read" access to sys_user_group allows all users with roles to read the "active" field, so something on your instance has been changed to disallow that.

Samuel Moya cam · ‎02-05-2025

I found the problem, a team created some ACLs for an specific role to an integration and therefore without the role the user could not see anything.