Loading...
Loading...
A display business rule accessing a script include with caller tracking in the condition field, will generate new RCA (sys_restricted_caller_access) record on form load. This happens because the script include is accessed via the condition field, and the source is identified as a UI Page (Source Table: sys_ui_page) rather than a Business Rule. Steps to Reproduce 1. Create 2 applications (example: Source App & Target App) 2. Create a script include on the Target App: - Name: TargetScriptInclude - Accessible from: All application scopes - Caller Access: Caller Tracking 3. Create a table within Source App. No need to create any columns. 4. Create a business rule within Source App: - Table: <table created in step 3> - Advanced: true - When: display - Condition: new sn_target_scope.TargetScriptInclude() 5. Open the form for the table created in step 3, and just save the record. 6. Note that an RCA (sys_restricted_caller_access) record is created when viewing the form. A new RCA record will be created for each record that exists on the table from step 3, as long as the form is loaded for each record. So if 5 records exist, and you open each one and view the form, the display BR condition will execute for each one, and a new RCA record is created. Source Type will be UI Page and Source field will look empty on the form, however it contains the sys_id of the record the BR executed on. Shows empty because it is expecting a sys_id of a UI Page.
Wrap the code in the script field in an if block containing the code that was in the condition field. This will cause the RCA (sys_restricted_caller_access) record to be created only 1 time, with the Source set to the business rule. Example: Condition: new sn_target_app.TestConditionScriptInclude() Script: (function executeRule(current, previous /*null when async*/) { var foo = new Foo(); foo.bar(); })(current, previous); Change to: Condition: empty Script: (function executeRule(current, previous /*null when async*/) { if (new sn_target_app.TestConditionScriptInclude()){ var foo = new Foo(); foo.bar(); } })(current, previous); Note: A cleanup of invalid sys_restricted_caller_access records may be needed to prevent the retrieval of large resultset from transactions that checks for cross scope access of scripts. If you need assistance with the identification of the records to be cleaned up, please create a case at NowSupport.
PRB1832992
Click on a version to see all relevant bugs
ServiceNow Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.