Application module visbility

AlouAlassane
Tera Contributor

I'm trying to understand the logic behind an issue related to Application module visibility rules. A specific role previously had access to the Software Models module. I was asked to remove this role from the list of roles permitted to view the module via the Application Navigator.

However, I noticed that for some users who had previously added the module to their Favorites, the module remains visible, even though their role no longer grants access. It appears that visibility rule changes are not enforced on Favorites.

 

Question:

How can I ensure that module visibility rules are correctly enforced, including for modules saved as Favorites?

1 ACCEPTED SOLUTION

@AlouAlassane 

I am referring you should have valid table level READ ACL on the table being shown in that module and not on the module itself.

Let the module be visible but the ACL will block them the access

Also as a workaround to fix this permanently you can delete those favorites from the table I mentioned "sys_ui_bookmark " so that this issue doesn't occur in future.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

4 REPLIES 4

Ankur Bawiskar
Tera Patron
Tera Patron

@AlouAlassane 

If that's happening it's a platform bug.

Did you inform the users to logout and login and then check?

2 approaches

1) workaround is to remove the favorites for those users

Run a scheduled job and "sys_ui_bookmark " use this table and delete those favorites/bookmark

AnkurBawiskar_0-1747905783004.png

2) Use table level ACL to control the visibility so that the ACL blocks the read access

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Thanks for your quick response.
Is it possible to use ACLs to control modules visibility?

Which type should it be?

I set a read ACL on the table. Users cannot read records but the module still remains available.

@AlouAlassane 

I am referring you should have valid table level READ ACL on the table being shown in that module and not on the module itself.

Let the module be visible but the ACL will block them the access

Also as a workaround to fix this permanently you can delete those favorites from the table I mentioned "sys_ui_bookmark " so that this issue doesn't occur in future.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Yes the read ACL is already applying correctly. I will use the workaround to clean bookmark table for related module. Thanks