File upload/download permissions issue
Issue
Starting with v.12.0.4, users may encounter the following error when trying to upload or download files (e.g., attachments in Self Service Portal service approvals, Service Desk incidents, tasks, etc.):
You do not have permission to execute web service operation. Please contact your administrator for more details. Failed to upload the file
The error typically states that the user does not have the appropriate rights, even if they seem to be correctly assigned:
Reasons
As of version 12.0.4, file operations are controlled by the same security framework used in the UUX for object visibility.
The file is always related to an object, and an object belongs to some Configuration Item, so the system checks that at least one Data Query is allowed for the user for any Data Definition included in the Configuration Item.
Access is granted only if:
-
The user has "Read" CI permissions for the object.
-
Either:
-
No Data Query is configured for the CI, or
-
A Data Query exists with an Audience that includes the user
-
This affects both file uploads and downloads.
See also, Important or Breaking Changes: File/Attachment Security and SolutionBuilder Architecture: Data Access pages.
Resolution Steps
To resolve the issue:
-
Check Configuration Item Permissions:
Ensure the user has "Read" CI permissions for the object in question.
See also: CRUD Security Management in UX -
Go to the Administration application → Schema → Data Definitions and check for related Data Definitions that have the
classbase
in the name (except of SPSCommonClassBase) and cardinality equals mandatory:Name like '%ClassBase' and Name <> 'SPSCommonClassBase' and Cardinality = Mandatory
-
Verify Data Query:
-
Confirm that at least one Data Query based on the found Data Definition exists for the CI.
-
Check that the Data Query has an Audience that includes the user.
See also: How to Set Audience in SolutionBuilder
-
-
Adjust Access If Needed:
-
Update the User Role permissions if "Read" access for the Configuration Item is missing.
See also: CRUD Security Management in UX -
Add the user to the Data Query Audience, or create a new Data Query if necessary.
See also: Creating and Editing Data Query
-