ACL not being evaluated for a Database view. - Support and Troubleshooting

ACL not being evaluated for a Database view. Issue A read ACL was created for one of the tables joined through the database view. However, when following the steps in KB0535471 (looking at the ACLs which are being evaluated as part of the database view by Configure > Security Rules from the database view record itself), we noticed the read ACL wasn't part of the list of ACLs being evaluated.

Cause The system property glide.security.expander.view.legacy doesn't exist in the instance, since this isn't a new instance.

In the docs ( ACLs and database views" href="https://docs.servicenow.com/csh?topicname=c_DatabaseViews.html&version=latest#d86355e72">Database views > ACLs and database views) it is mentioned: " For upgraded instances, add this property to the system, and set it to true for the same legacy behavior in pre-Istanbul releases, or set to false to use the new behavior. " But the fact that for upgraded instances this property does not exist at all, can be easily overlooked. Regardless the value, it requires explicit creation.

Resolution To correct this, you need to create the system property and give it a value of false:

1. Navigate to sys_properties.list 2. Click on New and complete with the following values: -Name: glide.security.expander.view.legacy -Type: true | false -Value: false 3. Submit