When an external user (snc_external role) views the Report widget which is displaying a published report they get "Security constraints prevent access to requested page" instead of the report.
The user does not have access to the report_viewer ui_page which we use to display the report in the widget. Also it needs to have read access to the sys_report table and review_view access to the table where the data in the report comes from
Here are the steps to add the new ACL for the report_viewer ui_page so snc_external users can see reports in the report widget.
1) Navigate to System Security > Access Controls (ACL).
2) Click the New button.
3) Set the Type to ui_page, the Operation to read, and the Name to report_viewer
4) Add the snc_internal and snc_external roles.
5) Save the ACL.
6) Repeat step 1 & 2, then set the Type to 'record', the Operation to 'read', and the Name to 'sys_report'
7) Add the snc_external role and save the ACL
8) Repeat step 1 & 2, then set the Type to 'record', the Operation to 'report_view', and the Name to the table where the data in the report comes from. For example, if the report is for Incident, then put the name on incident
9) Add the snc_external role and save the ACL.
*Note: please also add other roles that need to access corresponding reports to this ACL e.g. itil or snc_internal, depends on your actual requirement. Otherwise, users without the snc_external role will not be able to access those reports after adding the ACL. This behavior is working as how the report_view ACL designed*