Milestones not deleting from Strategic Planning workspace CSTASK1330919DescriptionMilestones not deleting from Strategic Planning Workspace The MilestoneAPI.deleteMilestoneById() script include (scope: sn_milestones) used GlideRecordSecure to perform the delete operation. GlideRecordSecure strictly enforces all ACL rules, including data conditions, regardless of the calling user's admin status. The delete ACL on the sn_milestones_milestone table contains the following data condition: source_table != sn_align_core_projectThis condition prevents deletion of any milestone whose source_table field is set to sn_align_core_project. As GlideRecordSecure evaluates this condition for all callers, including admin-context system flows, the deletion silently fails. Steps to Reproduce Prerequisites: - A Strategic Planning Workspace instance with the Milestones (sn_milestones) and Alignment (sn_align_core) plugins installed - A project linked to an alignment project (so milestones are created with source_table = sn_align_core_project) - A non-admin user with milestone delete permissions Steps: 1. Log in as a non-admin user with access to the Strategic Planning Workspace. 2. Open a project that was created from or linked to an alignment project. 3. Navigate to the Milestones section of the workspace. 4. Attempt to delete a milestone associated with the alignment project or modify a milestone at execution record (uncheck key milestone checkbox). 5. Expected: Milestone is deleted successfully 6. Actual: Deletion silently fails, the milestone remains WorkaroundIn MilestoneAPI.deleteMilestoneById(), GlideRecordSecure was replaced with GlideRecord. GlideRecord honors admin overrides: when the operation runs in an admin context (e.g., the APW sync flow), ACLs including data conditions are bypassed, allowing the deletion to proceed. Non-admin callers remain subject to the ACL data condition as before. Script Include: MilestoneAPI (sys_id: 2d6a3fcf77272010e8f94a57d81061a3, scope: sn_milestones) Before: deleteMilestoneById: function(milestoneId) { var gr = new GlideRecordSecure(this.table); ... } After: deleteMilestoneById: function(milestoneId) { // GlideRecord used here to allow admin-context callers (e.g. APW sync flow) // to delete milestones where source_table=sn_align_core_project. // GlideRecordSecure blocks even admin due to the delete ACL data condition. var gr = new GlideRecord(this.table); ... } Related Problem: PRB2000557