Users with snc_internal or snc_external roles do not have access to VariableQueryParser and ATFQueryParseAjax script includes, preventing the "Set Variable Values" test step from working in ATF.

Steps to Reproduce

  1. Activate Explicit Roles plugin
  2. Confirm user Abel Tuter only has snc_internal role
  3. Create an ATF test
  4. Add Test Step: Impersonate Abel Tuter
  5. Add Test Step: Search for a Catalog Item:
     - search term: Laptop
     - confirm the search returns 'Developer Laptop (Mac)' item
  6. Add Test Step: Open a Catalog Item
     - Developer Laptop (Mac)
  7. Add Test Step: Set Variable Values
     - Adobe Acrobat = true
     - Additional Software requirements = false
  8. Run the test and ensure Client Test Runner screenshot mode is 'enable for all steps'

Expected: on the catalog item form, Adobe Acrobat is checked and Eclipse IDE is unchecked

Actual: on the catalog item form, Adobe Acrobat is not checked and Eclipse IDE is checked (Set Variable Values silently passes without setting any variables). This is also visible in the screenshot attached to the test result form.

The following warning appears in the logs when the Set Variable Values step executes: Security restrictions on script include: VariableQueryParser


The workaround is to update the sys_security_acl record with sys ID f401d105cb602300edc0fcd5634c9c58 to properly grant access to the required script includes. For convenience, the properly configured sys_security_acl record has been attached to this article as an XML file. Follow these steps to apply the workaround using this XML file:

  1. Download this file: sys_security_acl_f401d105cb602300edc0fcd5634c9c58.xml
  2. Log in to your instance
  3. Elevate to the security_admin role
  4. Import the XML file via the "Import XML" UI action in the context menu of any list

If, for some reason, you cannot import the attached XML file, you can apply the workaround manually using these steps:

  1. Log in to your instance, and elevate to the security_admin role
  2. Navigate to this URL: /
  3. Change the value of the Name field from "VariableQueryParser" to "ATFQueryParseAjax"
  4. In the Script field, change the function call from "canAccessCCSI" to "isExternalUserInATFContext"
  5. Save the record
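
Because the XML import runs with security_admin elevated, it is worth confirming beforehand that the downloaded file changes only the one ACL record and carries the values the manual steps describe. The check below is an added example, not part of the original article or of the platform; the `<unload>` layout, the `INSERT_OR_UPDATE` action value and the sample record (including its placeholder script body) are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Values taken from the article's workaround steps.
EXPECTED_SYS_ID = "f401d105cb602300edc0fcd5634c9c58"
EXPECTED_NAME = "ATFQueryParseAjax"
REQUIRED_CALL = "isExternalUserInATFContext"
REPLACED_CALL = "canAccessCCSI"

# Constructed sample, NOT the real attachment. Assumes the usual <unload>
# export layout; the script body is a placeholder.
SAMPLE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<unload>
<sys_security_acl action="INSERT_OR_UPDATE">
<name>ATFQueryParseAjax</name>
<script><![CDATA[answer = PLACEHOLDER.isExternalUserInATFContext();]]></script>
<sys_id>f401d105cb602300edc0fcd5634c9c58</sys_id>
</sys_security_acl>
</unload>
"""


def check_acl_unload(xml_text):
    """Return a list of problems; an empty list means the file matches."""
    try:
        root = ET.fromstring(xml_text.encode("utf-8"))
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    records = list(root)
    # The workaround changes exactly one record in one table.
    if len(records) != 1:
        problems.append(f"expected 1 record, found {len(records)}")
    for rec in records:
        if rec.tag != "sys_security_acl":
            problems.append(f"unexpected table: {rec.tag}")
            continue
        if rec.get("action") != "INSERT_OR_UPDATE":  # assumed action value
            problems.append(f"unexpected action: {rec.get('action')!r}")
        sys_id = (rec.findtext("sys_id") or "").strip()
        if sys_id != EXPECTED_SYS_ID:
            problems.append(f"unexpected sys_id: {sys_id!r}")
        name = (rec.findtext("name") or "").strip()
        if name != EXPECTED_NAME:
            problems.append(f"unexpected name: {name!r}")
        script = rec.findtext("script") or ""
        if not re.search(rf"\b{REQUIRED_CALL}\s*\(", script):
            problems.append(f"script does not call {REQUIRED_CALL}")
        if re.search(rf"\b{REPLACED_CALL}\s*\(", script):
            problems.append(f"script still calls {REPLACED_CALL}")
    return problems
```

Pass the contents of the downloaded file to `check_acl_unload` and import only if it returns an empty list.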

Related Problem: PRB1334120

Seen In

New York
SR - Security - Integration Framework - Madrid 2019 Q2
SR - Security - Support Common - Madrid 2019 Q2
SR - Security - Support Orchestration - Madrid 2019 Q2
SR - SIR - Security Incident Response - Madrid 2019 Q2
SR - SIR - Store SecOps Setup Assistant - Madrid 2019 Q2
SR - SIR - Store Threat Core - Madrid 2019 Q2
SR - SIR - Store Trusted Security Circles Client - New York 2019 Q3
SR - VR - Qualys - New York 2019 Q3
SR - VR - Vulnerability Response - New York 2019 Q3

Fixed In

Madrid Patch 4
New York

Article Information

Last Updated: 2020-06-29 07:50:12