- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2017 09:40 AM
Howdy folks,
I'm creating a report on a database view that I want to share with some ITIL users. The report looks great for me, but when I impersonate one of my users, I'm treated to the message "Security constraints prevent access to requested page."
I consulted this page:
http://wiki.servicenow.com/index.php?title=Database_Views#ACLs_and_Database_Views
and it was pretty uninformative since it didn't tell me which ACL I needed to create. I've now created a read ACL that allows ITIL users to read the following things:
1. sys_db_view
2. sys_db_view.*
3. task
4. task.*
5. cmdb_ci_server
6. cmdb_ci_server.*
7. sys_db_view_table
8. sys_db_view_table.*
9. sys_db_view_table_field
10. sys_db_view_table_field.*
My user still can't view the report (a db_view joining task and cmdb_ci_server, both of which he could already read). How do I fix this?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2017 09:51 AM
Hi Andy,
Did you create a Read ACL for the database view itself? For example, if your database view is called "task_survey_detail", you will have to create a read ACL for task_survey_detail.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2017 09:51 AM
Hi Andy,
Did you create a Read ACL for the database view itself? For example, if your database view is called "task_survey_detail", you will have to create a read ACL for task_survey_detail.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2017 09:55 AM
Ahhhhh man. I didn't see my database view in the System Definition > Tables list, so I assumed it wasn't available for ACLs.
Thanks a bunch!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2017 09:53 AM
Hi Andy,
Have you created ACL on the DB view itself?
Starting with Fuji, we are doing an additional tableLevelACLAllow() check when displaying a list. After upgrade, a non-admin user will not have access to database view records unless a read ACL is created directly on the database view (just like other tables).
Thanks
Shruti
If the reply was informational, please like, mark as helpful or mark as correct!