snc_internal / snc_external roles in ACLs and Application menus

Go to solution
M_iA
Kilo Sage

‎08-26-2022 04:20 AM

Hello!

We are using the roles snc_internal and snc_external roles in quite a lot of our ACLs and application menus.

Internal staff have the snc_internal role and our customers who have access to one of our portals have the snc_external role. None will have both.

However, i am seeing list views and application menus that have the snc_internal role defined, but allowing a snc_external user to view.

How can this be?

Labels:
0 Helpfuls
  • 4,031 Views
1 ACCEPTED SOLUTION

Go to solution
Aman Kumar S
Kilo Patron

‎08-26-2022 05:40 AM

Hi @M.iA 

Can you check if following property is true in your instance:

glide.security.use_explicit_roles 

It looks like a peculiar case, did you check with HI, what they have to say about this?

 

Best Regards
Aman Kumar

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Mark Manders
Mega Patron

‎08-26-2022 04:26 AM

That means they just are available for all users with that role. ACL's say what you can't see, available for fields have you grant access to the roles selected. That you can't have both roles is something the system takes care of, but you can show something to both.

If my answer helped you in any way, please then mark it as helpful. If it resolved the issue, please mark it as correct. This way others will find it in the solved queue and helps them on similar queries.

Mark


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Go to solution
M_iA
Kilo Sage
In response to Mark Manders

‎08-26-2022 04:57 AM

Hi Mark, please see my reply below to Yousaf that gives some further context to the issue im seeing.

Many thanks

0 Helpfuls

Go to solution
Yousaf
Giga Sage

‎08-26-2022 04:33 AM

Hi M. iA

Please go through this document you will find some valuable information about Explicit roles.

Explicit Roles

 

Mark Correct or Helpful if it helps.


***Mark Correct or Helpful if it helps.***

Go to solution
M_iA
Kilo Sage
In response to Yousaf

‎08-26-2022 04:46 AM

Hi Yousaf,

So, to put the issue into context, I have the following ACL, believe its OOB:
find_real_file.png

I would be expecting that only the users with sn.grc.user role or the snc_internal role would be able to view the table. However, the snc_external users can view.

Another example is the application menu:

find_real_file.png

The application has the role snc_internal role. So it should only allow users with the snc_internal role to view the application menu.

However, someone with the snc_external role is able to see and use this menu.

Something doesnt quite feel right to me as if I change the roles in the ACL to more defined role.....like itil or sn_customerservice_agent, the ACL and application menu work as expected

Preview file
61 KB
Preview file
99 KB
0 Helpfuls