Issue
Determining if permissions are impacting the layout
Symptoms
- No variables appearing on the form.
- Variable has incorrect layout.
Resolution
The variables may not appear correctly, even after
- they have been ordered correctly
- placed inside the correct containers
- the layouts have been set up properly
If this occurs, read permissions may be blocking the variables from appearing correctly.
To view permissions for the variables, the easiest way is to add the Read roles column to the Variables related list on the relevant catalog item:
Using Read Roles
If a variable is set up with read roles, it does not appear to users without those roles.
For example, this item has the itil read role associated with the Provide Date/Time variable:
Users with the itil role see the Provide Date/Time variable:
Users without the itil role do not see the Provide Date/Time variable:
In this example, the variable layout also alters because the Provide Date/Time variable is not displayed and moves positions. The Provide Date/Time variable fails to appear and changes position because the variable before it is not available for the logged in user. Be aware that this can cause layouts to appear inconsistently.
Roles on Container Records
Setting roles on container records can have a confusing impact. If a container is set up for a role that the logged-in user does not have, all the variables within the container are hidden. For example:
In this example, a user without itil does not see any variables:
Also see KB0539982: Determining if you are using the correct container variable.
Create Roles and Visibility
Create roles do not impact the visibility of the whole variable. If the variable you are restricted from writing to has a default value, you can see, but not edit, the value. If that variable has no default value, you can only see the variable name, not the inputs of the variable at all.
The following example shows all variables that are restricted by create roles to itil only: