Users with snc_internal or snc_external roles do not have access to VariableQueryParser and ATFQueryParseAjax script includes, preventing the "Set Variable Values" test step from working in ATF.
Steps to Reproduce
- Activate Explicit Roles plugin
2. Confirm user Abel Tuter only has snc_internal role
3. Create an ATF test
4. Add Test Step: Impersonate Abel Tutor
5. Add Test Step: Search for a Catalog Item:
- search term: Laptop
- confirm the search returns 'Developer Laptop (Map)' item
6. Add Test Step: Open a Catalog Item
- Developer Laptop (Mac)
7. Add Test Step: Set Variable Values
- Adobe Acrobat = true
- Additional Software requirements = false
8. Run the test and ensure Client Test Runner screenshot mode is 'enable for all steps'
Expected: on the catalog item form, Adobe Acrobat is checked and Eclipse IDE is unchecked
Actual: on the catalog item form, Adobe Acrobat is not checked and Eclipse IDE is checked (Set Variable Values silently passes without setting any variables)
(Can see this in the screenshot attached to the test result form as well)
There is the following warning in the logs when executing the Set Variable Values step: Security restrictions on script include: VariableQueryParser
The workaround is to update the sys_security_acl record with sys ID f401d105cb602300edc0fcd5634c9c58 to properly grant access to the required script includes. For convenience, the properly configured sys_security_acl record has been attached to this article as an XML file. Follow these steps to apply the workaround using this XML file:
- Download this file: sys_security_acl_f401d105cb602300edc0fcd5634c9c58.xml
- Log in to your instance
- Elevate to the security_admin role
- Import the XML file via the "Import XML" UI action in the context menu of any list
If, for some reason, you cannot import the attached XML file, you can apply the workaround manually using these steps:
- Log in to your instance, and elevate to the security_admin role
- Navigate to this URL: /sys_security_acl.do?sys_id=f401d105cb602300edc0fcd5634c9c58
- Change the value of the Name field from "VariableQueryParser" to "ATFQueryParseAjax"
- In the Script field, change the function call from "canAccessCCSI" to "isExternalUserInATFContext"
- Save the record
Related Problem: PRB1334120