Security constraints prevent access to Report on Database View

Go to solution
andypollino
Mega Expert

‎07-19-2017 09:40 AM

Howdy folks,

I'm creating a report on a database view that I want to share with some ITIL users. The report looks great for me, but when I impersonate one of my users, I'm treated to the message "Security constraints prevent access to requested page."

I consulted this page:

http://wiki.servicenow.com/index.php?title=Database_Views#ACLs_and_Database_Views

and it was pretty uninformative since it didn't tell me which ACL I needed to create. I've now created a read ACL that allows ITIL users to read the following things:

1. sys_db_view

2. sys_db_view.*

3. task

4. task.*

5. cmdb_ci_server

6. cmdb_ci_server.*

7. sys_db_view_table

8. sys_db_view_table.*

9. sys_db_view_table_field

10. sys_db_view_table_field.*

My user still can't view the report (a db_view joining task and cmdb_ci_server, both of which he could already read). How do I fix this?

0 Helpfuls
  • 4,606 Views
1 ACCEPTED SOLUTION

Go to solution
neena_narayanan
ServiceNow Employee
ServiceNow Employee

‎07-19-2017 09:51 AM

Hi Andy,



Did you create a Read ACL for the database view itself? For example, if your database view is called "task_survey_detail", you will have to create a read ACL for task_survey_detail.


View solution in original post

3 REPLIES 3

Go to solution
neena_narayanan
ServiceNow Employee
ServiceNow Employee

‎07-19-2017 09:51 AM

Hi Andy,



Did you create a Read ACL for the database view itself? For example, if your database view is called "task_survey_detail", you will have to create a read ACL for task_survey_detail.


Go to solution
andypollino
Mega Expert
In response to neena_narayanan

‎07-19-2017 09:55 AM

Ahhhhh man. I didn't see my database view in the System Definition > Tables list, so I assumed it wasn't available for ACLs.



Thanks a bunch!!


0 Helpfuls

Go to solution
shruti_tyagi
ServiceNow Employee
ServiceNow Employee

‎07-19-2017 09:53 AM

Hi Andy,



Have you created ACL on the DB view itself?



Starting with Fuji, we are doing an additional tableLevelACLAllow() check when displaying a list. After upgrade, a non-admin user will not have access to database view records unless a read ACL is created directly on the database view (just like other tables).



ServiceNow KB: Database View records require read ACLs created for non-admin users after upgrade to ...



Thanks


Shruti


If the reply was informational, please like, mark as helpful or mark as correct!