Fix: Remove userId/username injection from screen render params

The username parameter was being injected into screen render params, which conflicted with FindCustomer's 'username' search field. This caused the screen to filter results to only show customers with username matching the current user (john.sales*), returning 0 results. User context is already available via ec.user for authorization purposes, so injecting these params was redundant and harmful.

Fix: Remove userId/username injection from screen render params
The username parameter was being injected into screen render params, which conflicted with FindCustomer's 'username' search field. This caused the screen to filter results to only show customers with username matching the current user (john.sales*), returning 0 results. User context is already available via ec.user for authorization purposes, so injecting these params was redundant and harmful.
Ean Schuessler
Showing 1 changed file with 3 additions and 2 deletions
service/McpServices.xml
--- a/service/McpServices.xml
View file @c36293a
+++ b/service/McpServices.xml
View file @c36293a
@@ -1418,8 +1418,9 @@ def wikiInstructions = getWikiInstructions(inputScreenPath)
                .auth(ec.user.username)

            def renderParams = parameters ?: [:]
-            renderParams.userId = ec.user.userId
-            renderParams.username = ec.user.username
+            // Note: Don't inject userId/username into renderParams as they may conflict with
+            // screen search fields (e.g., FindCustomer has a 'username' search field).
+            // User context is already available via ec.user for authorization purposes.

            // Build the screen path - append action/transition if specified
            // This lets the framework handle transition execution properly (inheritance, pre/post actions, etc.)