Approvers unable to view approval record after it has been approved

Go to solution
neil_b
Tera Guru

‎09-06-2023 07:51 AM - edited ‎09-06-2023 07:55 AM

Hello! Our users are running into issues where they are unable to see the approval record after it has been approved. 

 

I tried making modifications to ACLs but was still unable to get it working. I've attached a screen capture of what our users see, when trying to view the approval record for something they have already approved. 

Record Not Found.png

They should still be able to see records they have approved; it shouldn't only be unrestricted when the STATE = REQUESTED. Even if STATE = APPROVED the approver should still have access to view the approval but I haven't found a way to accomplish this.

 

Any help is appreciated!

 

Preview file
21 KB
0 Helpfuls
  • 2,605 Views
1 ACCEPTED SOLUTION

Go to solution
Community Alums
Not applicable
In response to neil_b

‎09-06-2023 10:54 AM

Hi @neil_b ,

 

Please follow the steps:

 

1: As an admin, open the approval record form (which was approved and not visible to end user in portal). Table=sysapproval_approver

2: Keep it open in one of the browser tab.

3: In another tab, open the instance and impersonate with the user facing issue. As you said, end users don't use native/desktop UI, so I am guessing they will be redirected to the portal.

4: Reload the browser tab (step 2:) which have approval record form is open.

5: If the record is still visible, it means there is no problem with ACL and before query business rules, which means widget script is causing a problem. If the record is not visible then there can be only two possibilities ACL and before query business rule. If you get the message "Security constraints", it means its ACL is causing a problem. If you get no record found message then before query business rule is causing the problem.

 

I hope this is helpful.

 

Thank you,

Santosh Poudel

View solution in original post

9 REPLIES 9

Go to solution
Community Alums
Not applicable

‎09-06-2023 07:57 AM

Hi Neil,

 

There could be multiple reasons.

1: ACL

2: Before query business rule

3: Widget script

 

Can you please check if the user can see the approval record(which was approved) in sysapproval_approver table. If the user can see it in native/desktop view but not in the portal, its most likely because of widget script. 

 

Thank you,

Santosh Poudel

Go to solution
neil_b
Tera Guru
In response to Community Alums

‎09-06-2023 08:03 AM - edited ‎09-06-2023 08:03 AM

@Community Alums , thank you for the reply! I will research all 3 possibilities and report back as soon as I can!

0 Helpfuls

Go to solution
neil_b
Tera Guru
In response to Community Alums

‎09-06-2023 08:39 AM

@Community Alums I don't think it's the widget script. Our users never use the native/desktop view as they only use the Portal view. They don't have access to the backend. 

As an Admin, I am able to see all approval records regardless of the STATE, which leads me to believe it is ACL related but I could be wrong because I've tried looking at this ACL: sysapproval_approver and it shows

if (gs.getProperty("glide.approvals.restrict_by_record", "false") == "true")
	answer = gs.hasRole('approval_admin') || gs.hasRole('itil') || gs.hasRole('catalog') || ((new ApprovalDelegationUtil().isMyApproval(current)) && hasAccessToDocument(current));
else
	answer = gs.hasRole('approval_admin') || gs.hasRole('itil') || gs.hasRole('catalog') || (new ApprovalDelegationUtil().isMyApproval(current)) || hasAccessToDocument(current);

and I tried giving users Approval_Admin roles, or Catalog roles and they still couldn't access the record on the Approval Record widget. 

0 Helpfuls

Go to solution
Community Alums
Not applicable
In response to neil_b

‎09-06-2023 10:54 AM

Hi @neil_b ,

 

Please follow the steps:

 

1: As an admin, open the approval record form (which was approved and not visible to end user in portal). Table=sysapproval_approver

2: Keep it open in one of the browser tab.

3: In another tab, open the instance and impersonate with the user facing issue. As you said, end users don't use native/desktop UI, so I am guessing they will be redirected to the portal.

4: Reload the browser tab (step 2:) which have approval record form is open.

5: If the record is still visible, it means there is no problem with ACL and before query business rules, which means widget script is causing a problem. If the record is not visible then there can be only two possibilities ACL and before query business rule. If you get the message "Security constraints", it means its ACL is causing a problem. If you get no record found message then before query business rule is causing the problem.

 

I hope this is helpful.

 

Thank you,

Santosh Poudel