can view bar graph but cannot view list

Don Tanner · ‎04-05-2017

While an ITIL user is viewing a bar graph report, of Incident SLA [incident_sla], she wants to drill down to the detail but cannot. She also cannot change from Bar to List. Both actions get the error "Security constraints prevent access to requested page"

I am sure there is an ACL somewhere, I just don't know where to look.

Thanx in advance!!

Don

johnolivermendo · ‎04-06-2017

Hey Don,

Thank you for providing the screen shots. They were very helpful in seeing your issue. In this case it appears that your ITIL user is getting a security constraint message due to the simple fact that they don't have read access to the incident_sla table. If you check your ACL table (sys_security_acl) you will see that there is no acl for the incident_sla and so your users get a default deny when trying to access that list view in the report.

The fix would be to create a new read ACL for the incident_sla table and add itil role to it.

Let me know if that works for you and mark this comment accordingly if it was helpful.

Thank you

View solution in original post

johnolivermendo · ‎04-05-2017

Hey Don,

Who is the owner of the bar graph report? Here are the following conditions we check to see if a user has access to make changes to a report:

1. Is the report marked as 'global'?

2. Do I own the report?

3. Do I have the report_admin role?

4. Am I part of the group that owns the report? (Or is the report shared with a group that I'm a part of?)

One of these conditions need to be true for the user to make changes to the report. In your case, you would either have to make that specific report global or share it to a new group and then add your itil user to that group. If you don't want to make any of those changes then you can change the actual ACL for reports (sys_report.[none] write ACL) although that should be the last thing you do.

Let me know if this is helpful and mark it correct so that other users can see this.

Thank you!

Don Tanner · ‎04-06-2017

The report is "owned" by me, as I created it. It is shared with everyone. The ITIL user can change the parameters of the report, for example which assignment group is included in the report. She can select every kind of graph. She just cannot select List as a report type.

johnolivermendo · ‎04-06-2017

Hey Don,

It appears that your report is a global report, but your ITIL user cannot make changes to the global report unless they have the 'report_global' role. So you can assign your itil user that role or if you don't want to give your users that much power you can assign your report to a group and have your itil users part of that group.

Let me know if that helps you and mark this comment accordingly.

Thanks!

Don Tanner · ‎04-06-2017

I shared it to a group that I know the user belongs to like this.

Just to be sure I ran the report as a list and I get these results:

I then impersonated the ITIL user and ran the report.

If the report is a Bar graph it works.

Switch it to list and this happens.

Don Tanner

Barrick Gold NA

Please contact your local IT Service Desk at 844-266-6753 or Click here<https://barrickgold.service-now.com/ess/> to open a Service Desk Incident, if you require IT assistance.

(844) 266-6753 HELP DESK AND AFTER HOURS EMERGENCY SUPPORT

Click here<https://barrickgold.service-now.com/sys_attachment.do?sys_id=4865b9220f7ef100cbdb6798b1050ed7> for a Quick Reference Guide to the Barrick Self Service Helpdesk Portal.