The CREATE ACL for the contract_sla table unexpectedly evaluates to 'true' if the following is true:
- High Security plugin is NOT enabled (ACLs have a default allow rule)
- The property glide.security.granular.create is set to true (default setting in base system)

This can enable users to open a pre-existing SLA Definition record (through the Task SLA form) and click the Insert and Stay UI action.

Steps to Reproduce


  1. Open an instance that does not have the High Security plugin activated.
    Note that any user can create SLA Definition (for example, contract_sla) records. Only users with the admin role should be allowed to perform this operation.


Create a Create ACL on the [contract_sla] table that restricts creation to users with the admin role. 

Related Problem: PRB608911

Seen In

Eureka Patch 1 Hot Fix 2

Fixed In


Associated Community Threads

There is no data to report.

Article Information

Last Updated:2016-08-23 07:40:29