https://netsuiteprofessionals.com logo
Join Slack
Powered by
<@UDDD0LEGN> For your externalid issue - We do th...
# general
d
@Chase For your externalid issue - We do this to expose the external ID value on our customer, vendor and employee records. Easiest way is to create a custom text field deployed to all of the entity types, uncheck save value, and use the default formula {externalid}, set the field disabled or inline text. This should work to load your external id values in the UI. Note - By design, you cannot directly EDIT externalid's in Netsuite UI, only via suiteTalk, CSV, script, etc.
c
Yes, this is exactly what I don't want. The feature is completely broken for me. scripts have to be run by an Admin in order to edit that for users with an Admin role. Yet, the admin can't connect via web services, thus leaving no good way to update this shit via API
painted into corners with broken glass and razor blades on the floor with no shoes yet again by Oracle.
d
You are correct, that is again, by design. users with Admin roles cannot be edited by anyone other than Admin roles. There are possible solutions, like... using a workflow, with a workflow action script on the custom field I described, since WF's can be set to run with administrator privileges a WF should be able to set the external ID. Let me know if you want assistance solving the problem, or maybe you're just complaining about Oracle 😉
Also, I'm not sure what you mean by "Admin's can't connect by web services". Can you explain?
c
The admin role can't use web services (restlets) and you can't alter the role to give it that permission
but yes, I'd be happy to know how to setup a workflow rule to set the value
d
The restlet governance is defined in the restlet deployment record. you should be able to enable it for the admin role.
Netsuite did make changes this year to more or less require Token Based Authentication for all web services. You would most likely wanting your restlet to authenticate via TBA for your admin role: https://system.netsuite.com/app/help/helpcenter.nl?fid=section_1530099787.html
c
yea, we only use TBA
k
@Chase You defo can give your restlet admin priviledges using TBA and OAuth.
c
I don't see a runas on a script deployment or script. There's no way to elevate what that runs as for a restlet. Can an admin user hit the restlet? That's where I don't see how it's possible as the admin role itself cannot login to web services nor can you add that ability
you can't alter the Administrator role (role ID 3)
When I create an access token for the user with the admin role and try to hit the restlet, I get a permission denied error because the admin role cannot use web services
k
Well i was using a restlet to create a customer record from a wordpress website no problem. and this was using TBA and OAuth tokens.
I was also able to get it working with postman
c
yes, I have restlets working to gather information from employees, departments, customers, projects, and tax tables. I can also update or insert into employees, departments, customers
however, since customers are "users" when they're given access and a role (some of which have the Administrator role), they cannot be updated in any way, shape, or form from the restlet at that point as record.load() will fail due to permissions difference
The API user has full access to the employee object, etc. yet because the API user isn't logging in with its Administrator role, it can't edit those users/employees.
When I try to use the user's access token for the Administrator role (it's in the Administrator role for this purpose) it can't login to the web service to hit the restlet
k
The only thing I would suggest is to not have as many administrators but as an administrator myself I would never have too many anyway it's quite a security risk personally
c
and we're back at my previous point of view to where Oracle is shit
when I grant full permissions to an object, I expect to be able to have full permissions to the object. what the hell kind of caveat BS is this?!?
d
Make sure the Administrator role is indicated in the RESTlet audience for your deployment.
2 Views
Open in Slack
PreviousNext
Powered by