If a user criteria is defined for a service catalog category for a specific role, it is not honored when an itil_admin user logs in.
In express itil_admin contains catalog_admin role. The property glide.sc.category.canview.override contains catalog_admin role, this means that whoever has catalog_admin role can view the category even though the user criteria restricts them to.
Steps to Reproduce
- Navigate to any OOTB Express instance
- Create a custom role and assign it to a non itil user
- Create a Service Catalog Category
- Add a Catalog Item to it
- Create a new user criteria in Available for with role as the custom role
- Add the Category on the Self Service Home page
- Impersonate itil user, and it works fine. The user is unable to view the category
- Impersonate itil_admin user. The user is able to view the category
There is no known workaround for this issue. If you are able to upgrade, review the Fixed In field to determine the versions that have a permanent fix to this issue.
You can subscribe to this known error article (click the Subscribe button at the top of the article) to receive notifications when more information is available about this issue.
Related Problem: PRB1245347