Notifications

3861 views

Description

 

Symptoms


Prior to Fuji, if a database view was defined, but you had ACL rights to see the data in the underlying tables, you could view the results returned by the database view. This was incorrect behaviour.


Release


Fuji, Geneva, Helsinki, Istanbul, Jakarta and Kingston.

 

Cause


Starting with Fuji, an additional tableLevelACLAllow() check is performed when displaying a list. After upgrade, a non-admin user will not have access to database view records unless a read ACL is created directly on the database view (just like other tables).

 

Resolution


Create a read ACL directly on the database view table to allow non-admin users to view database view records:
  1. Type Access Control in the navigation filter. 
  2. Select the Access Control (ACL) module.
  3. Select the New action at the top of the list.
  4. Under Operation, select Read, and under Name, select the name of the database view i.e. Incident SLA
  5. Add the required roles needed to access the database view and click Submit.  

Article Information

Last Updated:2019-08-02 21:27:42
Published:2019-01-24