Users seeing read only fields and cannot create records in Custom App

Go to solution
Daniel O_Connor
Kilo Guru

‎11-20-2018 03:38 AM

Hi all,

Having some issues with some new Custom Apps that I've created on the platform. Up until now, the apps I have created have been for various IT departments and teams. As these users are already licensed ITIL users, there has been really no issues regards permissions.

However this week I have created two new applications for business users. From my understanding of how custom applications were explained to me on purchase, it was mentioned it was effectively unlimited in it's licensing, as each custom app had it's own permissions and roles.

In one example, I've created a simple custom app for a Finance team to manage TASKS that were previously done in Excel. But when the user attempts to create a record (though the list view, clicking the new button) she is presented with all read only grey fields, bar the ones I had created specifically for the requirements.

The table was an extension of TASK. The new fields I added into the table are working fine and as expected, but the fields inherited from the source TASK table, cannot be used.

Am I misunderstanding how extensions of tables and custom apps works? I was under the impression if I extend a table it effectively copies the source table into a new one, where we can remove or add new columns. Is this not the case? 

How do I go about providing the end users in question the ability to write to the current read only fields? I created a role group which is in the global scope, which contains the role for the custom app, but this doesn't seem to be working. 

 

Appreciate the help, this is really frustrating me 🙂 

0 Helpfuls
  • 2,460 Views
1 ACCEPTED SOLUTION

Go to solution
Rajesh Mushke
Mega Sage
Mega Sage
In response to Daniel O_Connor

‎11-20-2018 11:51 AM

Yes you are correct, you need to create new ACLs to override system created ACLs, that will works for you. Please Log a Hi Ticket to provide Security_admin, they will provide you the security_admin role. I Hope your query is been answered,please close this thread then only this will be helpful for other community user's. Let me know if you need more details. Thanks, Rajashekhar Mushke Community Leader - 18


Thanks,
Rajashekhar Mushke
Rising star : 2022 - 2024
Community Leader -2018
Connect me on LinkedIn : Rajashekhar Mushke

View solution in original post

9 REPLIES 9

Go to solution
Rajesh Mushke
Mega Sage
Mega Sage

‎11-20-2018 04:17 AM

Hey Daniel O'Connor,

 
Have you checked the application scope access?
 

Application Access

Application Access is set at the table level and allows developers to:

  • Grant read, create, update, and delete privileges
  • Grant access to the table through web services
  • Allow application files from other application scopes to add new fields to the table
  • Permit other application scopes to create application files for the table:
  • UI actions
  • Client Scripts

Application Access grants privileges either to This application scope only or All Application scopes. The default settings are:

 

Default app access

 

 

In the default case, the Application Access settings grant read access.

 
 

Define access to or from an application scope:

 

To set access for the entire application, or to pre-approve or deny future requests from a cross-scope script or application, you can create a record in the Restricted Caller Access Privileges [sys_restricted_caller_access] table.

Before you begin

Role required: admin or application admin

If application administration is enabled, only application administrators of the target application can set access to an application. If application administration is not enabled, an admin user can set access to an application.

Procedure

  1. Navigate to System Applications > Application Restricted Caller Access.
    The Restricted Caller Access Privileges [sys_restricted_caller_access] table opens.
  2. Complete the form.

    To allow access between two application scopes, set the Source Type and Target Type to Scope and select the appropriate Source Scope and Target Scope.

    Restricted Caller Access fields
    FieldDescription
    OperationOperation on the target resource.
    • Read
    • Write
    • Create
    • Delete
    • Execute API
    SourceRecord of the calling script.
    Source ScopeScope of the calling application.
    Source TableTable that contains the Source record.
    Source TypeType of record calling the application resource.
    • Scope
    • Business Rule
    • UI Action
    • Script Include
    • Scheduled Script
    • Workflow Activity
    • Service Portal Widget
    • UI Macro
    • Orchestration RunScript Activity
    • Document Title
    • GlideScopedEvaluator
    • ACL

    To allow access from an entire application, select Scope.

    StatusStatus of the access request.
    • Requested
    • Denied
    • Allowed
    • Invalidated
    Note: If a calling resource changes, the restricted caller access record status changes to Invalidated. If application administration is enabled, only application administrators of the target application can update the status of a request.
    TargetRecord of the requested resource.
    Target ScopeThe scope of the requested resource.
    Target TableTable that contains the Target record.
    Target TypeType of requested resource.
    • Scope
    • Table
    • Script Include

    To allow access to an entire application, select Scope.

 

 

Please Refer:

Application Access

Define access to or from an application scope

 

 

Let me know if you need more details.

 

Thanks,

Rajashekhar Mushke

Community Leader - 18 



Thanks,
Rajashekhar Mushke
Rising star : 2022 - 2024
Community Leader -2018
Connect me on LinkedIn : Rajashekhar Mushke

Go to solution
Daniel O_Connor
Kilo Guru
In response to Rajesh Mushke

‎11-20-2018 05:01 AM

Hi Rajashekhar,

Doesn't seem to be working. The application access is as you have in that screenshot for the default. 

I went into creating some new restricted caller access rules (called Application cross scope access now?) 

Examples are below, maybe I didn't make them correctly? 

The issue being experienced on the form

find_real_file.png

 

Cross scope access rules

find_real_file.png

 

Preview file
33 KB
Preview file
62 KB
0 Helpfuls

Go to solution
Rajesh Mushke
Mega Sage
Mega Sage

‎11-20-2018 05:16 AM

Then have you created any ACL to provide access to those specific role users?

 

Let me know if you need more details.

 

Thanks,

Rajashekhar Mushke

Community Leader - 18 



Thanks,
Rajashekhar Mushke
Rising star : 2022 - 2024
Community Leader -2018
Connect me on LinkedIn : Rajashekhar Mushke
0 Helpfuls

Go to solution
Daniel O_Connor
Kilo Guru
In response to Rajesh Mushke

‎11-20-2018 05:38 AM

When I build the custom app, the system generated four ACL's for me. 

 find_real_file.png

Read/Write/Create/Delete

And the role the system created is declared in it

Preview file
23 KB
0 Helpfuls