Hi everyone,
I am building a report that is accessed by a Super Admin (business user). The purpose of the report is to display which users belong to which groups.
To retrieve the group information, I am using the a!groupsForUser() function. However, when the report runs under the business user context, I receive the following error:
a!groupsForUser()
Expression evaluation error in rule at function a!groupsForUser [line 6]: The user does not have sufficient privileges to get groups for user. [User Context: ...] does not have sufficient privileges to perform the requested action.
a!groupsForUser
It appears that this happens because some users belong to restricted groups (for example Developer groups or Health Report groups) that the business user running the report does not have permission to view.
Because of this, the entire report fails instead of simply ignoring those restricted groups.
My question:
Is there a way to:
Retrieve only the groups that the logged-in user has permission to see, without the expression failing, or
Skip/ignore restricted groups when using a!groupsForUser() so the report can still run successfully?
Any suggestions or best practices for handling this scenario would be greatly appreciated.
Discussion posts and replies are publicly visible
Another option would be to make use of the objectdetailsbyidentifier() function in the Appian Solutions Plugin. If the current user does not have access to the given group objectdetailsbyidentifier() will be null. Some variation of the code below should get you what you're looking for.
reject( a!isNullOrEmpty(_), a!forEach( items: getallgroups(-1, 1), expression: a!localVariables( local!objectDetails: objectdetailsbyidentifier( objectId: fv!item, objectUuid: null, typeId: 5 ), if( a!isNotNullOrEmpty(local!objectDetails), group(fv!item, "groupName"), null ) ) ) )