System Entity Restrictions

System Entity Restrictions

In Version 8 we were able to consume system entities such as "Espace", "Entity", etc.  However, now that we have upgraded to 9, we aren't able to consume these entities in new modules.  I'm getting the messsage: "You are not allowed to use the entity 'Espace'".  Is there a setting somewhere where I can turn on the ability to have read access to the system entities?
Hi Rebecca,

Those entities are still public in Platform 9 just as they were in the past.
Are you using Lifetime? If yes, what permissions do you have on the environment?
Also can you try to publish the module with a user that has the Administrator role?

I'm not sure how reference permissions to system entities work with the Lifetime roles (since the roles are granted to Applications, and the System does not show in Lifetime). I'll ask around tomorrow.

João Rosado

it seems a bit strange. you can use/reference them in your service studio, but once deploying via lifetime the errors will popup :(

Hi again,

As promissed, I asked around and was told that the user making the stagings/publishes need to have "Open & Reuse" permisson on the "All Applications" for that environment.

Does that make sense with your permissions?

João Rosado

The environment that I'm publishing to is set to "Change & Deploy".  No environments with "No Access".  I also tried with the administrator role with no luck.
Hi Rebecca - Did you eventually get this sorted?  I'd be really interested to know how if you did, having a similar issue with system entity 'Roles'.

hi i had the similar issue with referencing "Group" and "Group_user" entites.

I am not able to reference saying permission error.

any steps would be appreciated.

Hi Kiran,

You need the "Change & Deploy" permission for "all applications" in order to reference the "Group" and "Group_User" entities. As an administrator from your environment you should be able to do it.

If you are having security errors has an administrator?

Hi, We have the same issue.
I downloaded a solution from forge, and tried to make 1-click publish, and I have got huge amount of errors like that: Required Permission You are not allowed to use the Entity '....'.

Can outsystems fix it asap?
Please check my answer to this topic in this thread

In short, it's a security feature that is being reconsidered as it was causing a lot of surprise and misunderstanding.
Hi Ricardo,

Not judging the merit of the security feature, let me suggest that this was not transparent to the user, hence, it caused confusion.

To anyone that is having this error. Can you tell me the exact version you are using from ServiceCenter and lifetime?

We have platform. How to I check lifetime version?  We might have had support send us an update but I can't remember.
Hi Rebecca,

I know you can look for LifeTime by going to Service Center and checking in Factory | Solutions.
By the way, why not having these important versions information easily accessible in one single place?
In the solution it just says version ... same as the server.  I assume it was only updated with the platform upgrade.  As for maintaining versions I usually rely on versioning in lifetime since we are supporting 10+ applications and are quickly adding more.  I usually only check platform version and service studio version.

This was a design decison made some time back, and the rationale behind it was that system tables usually contain more sensitive information. As such, in order to prevent misusage of that data, one would require very high privileges (Administrator) over the environment (and, as a side effect, over all applications) in order to first publish a module referencing system entities.

We have reviewed and changed this behaviour so that, in order to first publish a module referencing a system entity, the user only requires "Change & Deploy" on the environment.

This change will be available in GA for 8.0.1.x and in RC for 9.0.1.x. These versions will both be available in the beginning of July 2015.

If you are an Administrator over the environment and this is still not working, you might actually have another problem, one related with synchronization. In that case, I would kindly ask you to contact support, so that they can help you trobleshoot the problem.