The issue is identified when migration from Knowledge v2 to v3. It can cause permission issues for non-admin users on some of the kb_knowledge fields depending on the field level ACLs on kb_knowledge. Here are two symptoms:
- Non-Admin user unable to see some fields in the knowledge list or form
- Non-admin user unable to make changes to knowledge record
This issue can potentially exist once an instance is upgraded to Fuji or above where articles already exist and custom ACLs are defined on the kb_knowledge and kb_feedback tables. This issue is more likely to manifest after the upgrade to KP12 and LP3 due to the change in the way scripted user criteria are cached.
Steps to Reproduce
1) Verify if the instance has any ACLs that satisfy the following filter condition:
- Navigate to https://<instance_name>/sys_security_acl_list.do (or Access control list from Navigator menu)
- Add the following filter condition for the list view:
- Name "starts with" "kb_"
- Description "contains" "ACL has been created by the Knowledge Management V3"
- Advanced "is" "true"
- If any record exists, verify if any ACL contains script in the following pattern:
- new KBKnowledge().canRead/canWrite/canCreate/canDelete (without answer = )
2) If any record exists, the instance may be impacted by this issue
3) Below are the manifestations of the issue:
- Login as "non-admin" user with contribute access to any knowledge base
- Navigate to kb_knowledge_list.do
- Verify if any column like short description, number shows blank values
- Try to update the kb_knowledge record
- Refresh the page and observe that the recently updated changes are not persisted
This problem is under review and targeted to be fixed in a future release. You can Subscribe to this article to receive notifications when more information will become available. Upgrade to a patch where the fix is available.
The workaround is to add "answer=" in front of the ACL script that does not contain "answer=" where new KBKnowledge().canRead/canWrite/canCreate/canDelete is invoked:
answer = new KBKnowledge().canRead(current);
Related Problem: PRB1323922