function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Pere Martí RuizPere Martí Ruiz 

Is it possible to grant delete permissions using apex managed sharing?

Hello, 

 

I have Custom_Object__c with:

  1. Org-Wide Default Settings as: Private
  2. Object Permissions in the user Profile: Create, Read, Edit, Delete.

I have a small development in Apex that is creating some apex managed sharing rules, to give certain users access to records they don't own. So far I only needed to give the users either "Read" or "Edit" permissions. So all worked ok.

However, now I need to grant users delete permissions for records they don't own. Without touching profile nor org-wide default settings. This would mean creating the apex managed sharing rules with accessLevel = 'All'.

I looked into the documentation, it seems to say that it's not possible to do that. (http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_bulk_sharing_understanding.htm)

All: This access level can only be granted with Force.com managed sharing.

Does anybody know a workaround to give the user delete permissions for records they don't own using apex managed sharing?

 

Thanks in advance.

Best Answer chosen by Admin (Salesforce Developers) 
Vinita_SFDCVinita_SFDC

Yes, the All access level can only be used by Force.com managed sharing.

 

Refer: http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_bulk_sharing_creating_with_apex.htm

 

All Answers

Vinita_SFDCVinita_SFDC

Hello,

 

It is not possible unless we provide delete access at object level, that is in profile. After having delete permisson at object level, you would be able to  grant delete access on selected records.
Pere Martí RuizPere Martí Ruiz

Hello,

 

Thanks for your answer,

 

Unfortunately as I mention in point 2, my Custom_Object__c already has delete permissions in the user's profile. Still I am unable to grant delete access for records the user doesn't own, via Apex Managed Sharing (apex code). It seems that I am not allowed to set the sharing rule field accesLevel = 'All' in the code.

 

Any workarounds ?

 

 

 
Vinita_SFDCVinita_SFDC

Yes, the All access level can only be used by Force.com managed sharing.

 

Refer: http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_bulk_sharing_creating_with_apex.htm

 

This was selected as the best answer
Sure@DreamSure@Dream
Hi Vinita/Pere Martí Ruiz,

Were you able to create a share a record using apex, with AccessLevel as "All"?.
I have created a Sharing reason in custom object. But I am unable to share a record with AccessLevel as All, from apex.
Its giving me the following error:
"System.DmlException: Insert failed. First exception on row 0; first error: INVALID_ACCESS_LEVEL"

Thanks,