Loading...
Loading...
In Quebec, the Explicit Roles plugin was added as a dependency for the Walk-up Experience plugin. This was done so that the Walk Up User would explicitly be an external user and not have access to the internal APIs and records of the instance. Specifically, the Walk Up User was assigned the snc_external role and the sn_walkup.walkup_login role now contains the snc_external role. For upgrades on an existing Walk Up Experience instance that are adding the Explicit Roles plugin for the first time, the existing Walk Up User will be first assigned the snc_internal role as all existing users are implicitly internal. These security roles can not be changed by a scoped app script, so a Known Error occurs in which the Walk Up user will be unable to access the /walkup service portal pages. Steps to Reproduce 1 - Activate the walkup plugin on a pre-Quebec instance that does not already have the Explicit Roles plugin. 2 - Upgrade the instance to Quebec or pre-Rome Patch 6. This will upgrade the Walk Up Experience plugin, and add Explicit Roles plugin for the first time due to the dependency. 3 - Impersonate as Walkup User. 4 - Go to the /walkup portal. The security restraint is no longer visible and can not access walkup login portal.
This problem has been fixed. If you are able to upgrade, review the Fixed In section to determine the latest version with a permanent fix your instance can be upgraded to. The fix consisted in the hard dependency for the Explicit Roles plugin being removed. If an upgrade is not possible yet, the workaround is documented at: https://docs.servicenow.com/csh?topicname=explicit-roles.html&version=latest For the "Walk Up User" sys_user record: Remove the snc_internal role. Add the snc_external role. A background script can also be run in global scope. Here is an example: var walkup_user = 'd4528d31b31013002186a72256a8dc4e'; // sys_id of Walkup User user var snc_internal_role = '7fcaa702933002009c8579b4f47ffbde'; // sys_id of snc_internal role var snc_external_role = '940ba702933002009c8579b4f47ffbe2'; // sys_id of snc_external role var role_int = new GlideRecord('sys_user_has_role'); role_int.addQuery('user', walkup_user); role_int.addQuery('role', snc_internal_role); role_int.query(); if (role_int.next()) role_int.deleteRecord(); var role_ext = new GlideRecord('sys_user_has_role'); role_ext.addQuery('user', walkup_user); role_ext.addQuery('role', snc_external_role); role_ext.query(); if (!role_ext.next()) { role_ext.initialize(); role_ext.user = walkup_user; role_ext.role = snc_external_role; role_ext.insert(); }
PRB1444143
Click on a version to see all relevant bugs
ServiceNow Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.