ACL error on list filter - "Part of the query on incident has been ignored because of read security rules"SummaryThis article details on the newly surfacing issue scenario observed with the list query on platform list, list report and lookup lists, which is actually related to latest ACL behaviour change. Background: Earlier, we allowed the users to build queries on tables with fields, even though the user didn't have access to those fields in the filter. For example, consider a filter on incident.list as below, that is, Caller.User ID = alex.rayNow, lets consider the user "Beth.Anglin" accessing the above list with the filter "Caller.User ID = Alex.Ray".Lets consider, "Beth.Anglin" have access to the sys_user table but do not have access to the "sys_user.User ID" field, still the system will render the result as below, as it enforce ACLs only the output of the query result, not on the fields in the query, Root cause: This posses a security risk, as user who do not have access to the field can try to filter with those fields in the list to exploit more information for which he do not have access to. To address has been addressed as part of PRB1716537 was fixed in Washington release and backported to Utah/Vancouver latest patches.As a result of this, when customer upgrades to Washington/Xanadu release, or when move on to latest Vancouver Patches, the same list query which worked earlier, will break as shown below with error "Part of the query on incident has been ignored because of read security rules on incident.caller_id.user_name", Solution: To mitigate this issue, customer has to create new query_range/query_exact type of ACLs with the respective table and field. query_exact → Enables users to submit match queries("is", "is not", "is empty", etc).query_range → Enables users to submit range queries("starts with", "ends with", "contains", etc) and sorting is unrestricted.For more details, please refer below documents, ACL rule types - Create ACL rulesQuery ACLs - granular access control Additionally, this error message can be hidden by creating and setting the below property to false: Name : glide.db.encoded_query.field_acl_error_msg Type : true | false Value: false