In Salesforce, if a user creates a dashboard, he gets edit access. But if the admin created the dashboard and gave it to a user but he does not get edit access, is there any solution?
Someone with administrative privileges would need to change the share settings of the dashboard to give the user edit access. Depending on the circumstances, another option could be to clone the dashboard.
Note: You will likely still need access to, maybe edit access to, underlying reports as well.
If this doesn't help, will you provide more details about your circumstance?
Related
I need to disable EDIT access of system admin and only want to provide READ access. I have tried it from pagelayout but still system admin can edit the field.
I can't use the validation rule because this field gets populated/updated from another field value.
Please tell me any solution for it.
Thanks in advance.
We have the angularjs application where we have different roles associated to the users. For ex: the two roles are Admin and Local. Based on the role, we show some menu items for the Admin and adds more features/screen to the Admin .
The userInfo with the Admin Property is returned from the login response and based on what we decide which all menu and screens to be rendered .
But if we user the developer tool, and the set the break point where the admin property is used, and set the admin property as true the user even he is a local user would be able to access admin privileges .
In short who has some idea about the javascript code can get the admin privileges . Is there any idea other than minification of the code to prevent this kind of security threats
Thanks
As the front-end of your application will run on the client machine there is actually no way to stop a user from debugging or modifying the code. Thus it's impossible to prevent someone from tricking their local instance of the application to think it's signed in as an administrator.
If you simply want to hide the admin interface, one possibility is to have separate (or additional) templates for administrators and restrict access to these based on the user's privilege. If there is anything to be gained from this is up to you. You will still need to validate the rights to execute any privileged action on the server anyway. Obtaining administrative privileges on the client must never be the same as obtaining them on the server side.
I want to do a role based access for the pages in AngularJS.
Based on the role pages should be shown to the user.
Can any give me an example? Which should be a best solution.
To access the page based on the role is very easy.
Suppose if the web/dashboard have three roles like admin, support, employee.
assign the field as userrole to the users.
Now assign the roles for those pages as ng-if="userrole=='admin'" or vice versa
now based on the roles the pages are accessible
I'd suggest you take a look at (in the following steps):
Decide on an approach for accessing the current users role.
Look into ui-router, specifically it's Resolve method.
Run some third function inside the Resolve method to see if the user is of the correct role, and handle your cases in what way you will.
Something I worked on a while back had an Authenticate method running in the Resolve method, you may want to have a look at that for reference. This was not role based however, but it may give you a nudge in the right direction.
Routes:
https://github.com/kasperlewau/metalmarket/blob/master/app/assets/javascripts/config/routes.js
Auth Service: https://github.com/kasperlewau/metalmarket/blob/master/app/assets/javascripts/app/services/auth.js
If anyone has a better idea for role based / logged-in based authentication, I'm all ears.
I am trying to edit site.com site in my org, Through i am system administrator it gives me access level error shown below:
'you do not have the level of access necessary to perform the operation you requested. Please contact the owner of the record or your administrator if access is necessary.'
Any suggestion??
Check the security tips from https://salesforce.stackexchange.com/questions/5598/permission-problem-in-sales-forece and http://boards.developerforce.com/t5/Force-com-Sites-Site-com/page-is-showing-insufficient-privilege/td-p/233797
If you're sure the security of the Site is fine - try to debug the site https://salesforce.stackexchange.com/questions/1149/how-can-i-get-a-debug-log-for-the-sites-guest-user-public-profile (because you might be getting an Apex error that's not being displayed on your VF page).
Did the site used to work or is it new? If it's new I'm betting on permissions (first 2 links), Guest User profile should be examined if he has access to the objects you're using...
Last but not least: there's a bug they've fixed 5 days ago: http://success.salesforce.com/issues_view?id=a1p30000000RivgAAC Maybe you need to use this workaround, maybe you simply can clone the site and it'll work fine...
you have to check your profile, and i guess that there is someone who have created the profile for you and delegate you to be an administrator, if this is not your problem, you have to go to your personnal informations and click edit and you may find a checkbox which concerns "Site Publisher" you have to check it to be able to create and publish your site :)
In DotNetNuke, Administrator only can add new user. I want to allow other user with custom role as well to Add New User. Is it possible with DotNetNuke ?
It used to be possible, though I haven't tried this in quite a while.
Basically what you can try a couple of options.
1) You can assign PAGE permissions on the User Accounts page in DNN to users of a specific role. Then you will need to provide those users a LINK to the page, as they won't see the admin menu and won't have access to the link via the Admin menu.
2) You can actually (used to be able to) place the User account module on a page that other roles have access to, the problem is that the User Accounts and Security roles modules are "premium" meaning that you have to specifically (as a superuser) allow them for use in a portal before they can be placed on a page. You do this from the host/extensions page and click on the edit pencil next to the module, find the premium section then assign it to the specific portal. Then you will add the module(s) to a page, you'll find that more than just the User Account module gets added, so you will want to remove the extra ones by deleting them from the page.
Hopefully one of those two options will work for you.