SuiteQL Access Issue for Custom Record – Troubleshooting and Solution

Issue Summary: A user is unable to access the custom record customrecord_jj_intercompany_invoice via SuiteQL API, despite having the necessary permissions granted in their role. The user can access the record through the NetSuite UI, but SuiteQL returns no results. This article explores the potential causes and the solution for this issue.

Root Cause Analysis:

Upon investigation, the following findings were made:

1. Role Permissions:

• The role used for the API request has been assigned permissions to the custom record customrecord_jj_intercompany_invoice, including “View” or “Full” access to Custom Records. Additionally, the “Perform Search” permission under “Permissions > Lists” was confirmed as granted.

1. Subsidiary Restrictions:

• The role in question is assigned only to one subsidiary: ABL Group: Middle East: AB-KSA. Even though the user can view the record in the NetSuite UI, the SuiteQL query is failing because the query is filtered based on subsidiary restrictions.
• Subsidiary-based filtering applies even when the custom record permission setting is “No Permissions Required for Internal Roles.”

1. SuiteQL Query Results:

• The SuiteQL query run for a specific record (customrecord_jj_intercompany_invoice WHERE id = 18826) returned no results, despite having the correct record ID. This points to potential subsidiary filtering or access restrictions not immediately visible via the user interface.

Solution:

The solution involves ensuring the role can access records from all subsidiaries or allowing cross-subsidiary record viewing. Here’s a step-by-step guide to resolve the issue:

Enable “Allow Cross-Subsidiary Record Viewing” Permission:

If the user needs to access records across multiple subsidiaries, enabling the “Allow Cross-Subsidiary Record Viewing” permission in the role configuration is necessary. This will remove the subsidiary-based restrictions when querying SuiteQL and will allow the role to access records associated with subsidiaries outside of the assigned one.

Steps to Enable “Allow Cross-Subsidiary Record Viewing”:

1. Navigate to the Role Configuration: Go to Setup → Users/Roles → Manage Roles.
2. Edit the Role: Find the relevant role. Click Edit to modify the role settings.
3. Add the Permission: Under the Permissions tab, go to the Setup section. Add the permission “Allow Cross-Subsidiary Record Viewing”.
4. Save Changes: After adding the permission, click Save to update the role.
5. Log Out and Log Back In: To apply the changes, log out of the system and log back in using the updated role.
6. Re-run the SuiteQL Query: Once logged in with the updated permissions, re-run the SuiteQL query to check if the issue is resolved.