Using roles and user criteria

vyjayanth · ‎10-11-2016

If a Knowledge Base has a User Criteria and when we add Roles on the Knowledge Article, after publishing the article, the users that match the User Criteria seems to not have access. is this expected behavior

Found few links but could not find any update

Control Knowledge Access through User Criteria

Article Security and Filtering in Knowledge v3

Based on the ACL's found below

If it's a New Record (user has create access)
For Existing records below is are the read access order of conditions
1. User has 'knowledge_admin'
2. Is a Knowledge Base Owner(user) on the Knowledge record associated Knowledge Base (can read back end in any state front end only if published)
3. Is a Knowledge Base Manager(user) on the Knowledge record associated Knowledge Base (can read back end in any state front end only if published)
4. If the Knowledge article is Published, and has roles, user would need to have the roles to get access to read, back end and front end (can read back end in any state front end only if published)
5. If the Knowledge article is not Published, users who can contribute or have knowledge role can see it in the back end

ryanbalcom · ‎12-19-2017

To answer your question, yes, I believe this is expected behavior.

From the read-only ServiceNow global.KBKnowledgeSNC().canRead method in case 6 we can see that if roles are defined then the user must pass a gs.hasRole check.

Possible Use Case?

Consider the following scenario: a HR knowledge base contains some articles that are more "sensitive" than others. Using the roles field you could restrict select articles to the HR Manager.

Hope this answers your question.

P.S. Later this evening I found this during an unrelated search. This should confirm my belief that this is expected behavior.