Why isn't the visible_to "everyone" field honored on an indicator

qprinsloo · ‎07-14-2023

We have run into an issue where indicators visible to users on a dashboard via widget does not allow them to view the indicator when clicking into the widget to open on analytics hub. They receive an error that they do not have access to the indicator. Both the "display on analytics hub" is checked and the indicator is also set to be "visible to" "everyone". The only way we were able to resolve was to additionally share with specific roles. Once shared with a role, the error goes away. Am I sharing this incorrectly and my assumption of the purpose of "visible to" 'everyone' is incorrect? What does the "visible to" field control then on an indicator? The interesting part is that these users are able to view the indicator in the widget setup on a responsive dashboard. It is only when attempting to click into it and view on Analytics hub that the error is encountered.

AndersBGS · ‎07-14-2023

Hi @qprinsloo ,

have been unable to find any documentation for “visible to” but have only found some documentation for “visible by all roles”.: https://docs.servicenow.com/en-US/bundle/utah-now-intelligence/page/use/performance-analytics/task/t...

have you tried select “visible to all roles” and remove the defined role you have selected? Will this not resolve the issue?

if my answer has helped with your question, please mark my answer as accepted solution and give a thumb up.

Best regards

Anders

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

qprinsloo · ‎07-14-2023

@AndersBGS, yes, I did check and test that scenario as well. If the "visible by all roles" is checked then they are able to view the indicator on analytics hub. However, that then still doesn't answer what the purpose of the "Visible to" field with a value of "Everyone" does. Why is the 2nd "visible by all roles" required to be checked. It seems redundant to have both options if the first doesn't do anything.

kim-lindgren · ‎07-02-2025

@qprinsloo I have a guess for how this works, although I haven't been able to find any documentation on the field "Visible to" on an indicator. What I have found is that:

If "Visible to" is set to "Everyone" but "Visible by all roles" is false, everyone indeed does not have access. E.g. Beth Anglin does not have access in my PDI.
If "Visible to" is set to "Everyone" and "Visible by all roles" is true, Beth Anglin will have access and I assume everyone who has a role will have access as well.

Presumably "Visible to Everyone" means something like "Visible to everyone, given that the ACL conditions are met." If I create a test user and give it the pa_contributor role, it has access under condition 1). Beth Anglin does not have any PA role and therefore does not have access.

It then makes some sense that you have to choose between either "Visible to Everyone/Groups and users", and only if you specify "Everyone" will you be able to choose additional roles to be added to the "everyone" (i.e. PA users). If, on the other hand, you go for "Groups and users", you are saying that "Not everyone with ACL access should be able to view this indicator"; you are overriding role-based access to instead set conditions for groups and users.

I realize this was some time ago but I had to look it up myself because I was studying for my CIS-PA exam. Hope it will help someone!

Regards,

Kim

Karen44 · 2 weeks ago

I was just researching this issue, and I believe you are correct. The options to select seem to vary if you choose visible to "everyone" vs. "groups and users", so that dropdown seems to just determine which options you can use to configure and not the configuration itself.

Everyone:

Groups and users: