When logged in as a standard user, an attempt to update a Salesforce field fails with the following:
HTTP response error code 400 (Bad Request).
The body of the response has:
{"message"=>"insufficient access rights on cross-reference id", "errorCode"=>"INSUFFICIENT_ACCESS"}
Attempting the update with Admin privileges succeeds. So, are standard users not allowed to update records? Is there a role definition that allows update on records that the user has access to in the Salesforce application?
Thanks,
standard users can update records that have edit rights to, check their profile settings, and make sure they have access to both the record you're trying to edit, and the record they are trying to reference.
Related
I am trying to integrate Salesforce API's.
I have created a Permission Set and assigned a salesforce license. When I call API(GET) url/PermissionSet/{id}. It gives me list of permissions that are either true or false. Now There are few permissions that I want to update like PermissionsIsContactCenterSupervisor or PermissionsIsotopeCToCUser These permissions are not updating when I hit patch call from http client.
While I call desribe against PermissionSet I can see that there are few properties against each sObject that tells us whether that sObject is updateable or not but against above mention permissions updateable is true. So It means I can update it but it gives me The user license doesn't allow the permission on Patch call
So my question is Do we have any API or SOQL that let us know that which permissions in a PermissionSet that you can't update it against a specific license?
Thanks
I am using force.com sites with VF page and apex controller. In class I am doing update dml operation based on Field Level Security check on fields using [objectName].fields.getMap().get([fieldApiName]).getDescribe().isUpdateable(). This statement is returning false always even though guest user profile has Edit access on fields.
Removing this if check is a option for now although I am wondering if there is any existing limitation to use this check. Any insights are appreciated.
Thank you
Salesforce removed the update permission from Guest users a while ago.
Documentation
Guest users can’t have more than read access to data
Guest users can’t have the update or delete permissions on objects. Guest users can only update or delete records in System Mode.
If Guest user profile has create permission on object and edit permission on field, isCreateable() will return true, but since the profile lacks the update permission isUpdateable() will return false
I'm using Esignature Salesforce with Docusign, and I when I tried to add a new user to the Docusign by the Salesforce, I'm receiving the follow error:
could not be activated - [USER_AUTHENTICATION_FAILED] One or both of Username and Password are invalid.
This error occurs to some users only.
I saw in the Slaesforce and Docusign log and there is no error appearing on the log.
Is someone know what is happening?
this typically means the Salesforce username/email combination already exists as an active user on the account server they're trying to add them to. They can either a) have those other users on the other accounts closed, or b) In versions 7.2.1+ resolve it with this workaround:
User Authentication Failed Workaround
Add the user directly in DocuSign > Admin > Users
Have the user complete the activation steps.
Go to the Object Manager
Go to Users
Go to Page Layouts and edit the User Details Page Layout
Add the DocuSign Username Field (might be labeled DSProSFUsername), to the layout
Login directly to DocuSign
Go to Admin
Go to Users
Click on the affected User and copy their API Username
Go back to Salesforce and Edit the User Record
Paste in the API Username into that DocuSign Username field.
Add the DocuSign User or DocuSign Administrator Permission Set Assignment Manually
Go to the Apex Troubleshooting page here: https://support.docusign.com/articles/How-do-I-troubleshoot-issues-with-DocuSign-for-Salesforce-configurations-settings
Run a Force User Sync.
I'm creating an application in with angular and nodejs and I need to be able to read another user's list of events. Right now I am attempting to use "https://graph.microsoft.com/v1.0/users/otherusername#companyurl.com/events" this gives me the 403 "Access is denied. Check credentials and try again.". However, if I use "https://graph.microsoft.com/v1.0/users/myusername#companyurl.com/events" it works(as most would expect). My question is, why is it when I use outlook I can use scheduling assistant to see the events for "otherusername#companyurl.com" without being an admin but in my application I cannot see their events due to credentials?
The library I'm using to connect to microsoft graph api is https://github.com/AzureAD/azure-activedirectory-library-for-js
The delegated permissions I have set in azure are
View users' email address
Sign users in
Read user contacts
Have full access to user calendars
Read user calendars
Send mail as a user
Read directory data
Read all users' basic profiles
Sign in and read user profile
Application permissions (I understand these require admin)
Read calendars in all mailboxes
Graph api permission scopes
Any help is appreciated, thankyou.
Fugal - This is by design. You can use FindMeetingTimes API to schedule meetings with other users. This can be accomplished with just Calendar.Read permission. See http://graph.microsoft.io/en-us/docs/api-reference/beta/api/user_findmeetingtimes for more info.
For you to view another user's calendar using /events endpoint, you need a special permission (something like Calendar.Read.Shared) that we are still in the process of adding. Once we add that, you will be able to use /Events to access any calendar that another user has explicitly shared with you. But if you want to just schedule meetings, FindMeetingTimes should be sufficient.
On the Profile page in Salesforce, there's an permission checkbox for Mass Email. How can I query this value using Apex?
The Profile object has a bunch of fields named like PermissionXXX that indicate whether a profile has a certain permission. I just checked, and in my org, I don't see a permission field for mass emailing. So either my org doesn't have this feature (I dont' think this is the case), or more likely, salesforce chose not to expose this permission on the Permission object. If the latter is true, there may not be a way to check, other than try/catch, which you could treat as a permission check.
http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_gov_limits.htm
There is a section email limts in the above page and it specifies all your mits for mass email and individual email.