ACLs on Archived Tables are not getting evaluated when accessing Archived Records but ACLs on original table are evaluated - Support and Troubleshooting

ACLs on Archived Tables are not getting evaluated when accessing Archived Records but ACLs on original table are evaluated Issue When you debug the ACLs, you see that the ACL created on table 'ar_incident' is not evaluated but the ACLs on the table 'incident' are evaluated and the access is provided accordingly.

However, this evaluation only happens when you have an explicit Read ACL on the archived table. Once you have an ACL on the archived table (ar_incident), the ACLs on the table from which it is archived (incident) will get evaluated.

Cause This is the expected behavior of the platform.

Resolution The solution in this scenario would be to create an explicit ACL on the archived table (ar_incident). This will cause the ACLs on the base table (incident) also to get executed.

If the requirement is to allow only specific users to have access to archived tables, system administrators can make use of a before query business rule to achieve the same.

Related Links You can follow the below steps to see this behaviour

- Login into any OOTB instance - Activate the archive rule 'Incident - Inactive and closed over 6 months' - Run the rule using 'Run Archive now' under related links - A new table "ar_incident " will be created - Create a new role 'testArchive' - Create a Read ACL on Table 'ar_incident' with requires role 'testArchive' (Note that it shows that it is masking the Read ACLs on 'incident' table) - Do not assign the role to any user - Impersonate Beth Anglin (or any user who has read access to 'incident') - Access the table 'ar_incident'