function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
VenzVenz 

Guest Site User, EventRelation, Summer 20

Hello,

Does anybody know how to insert EventRelation records under Guest Site user after Summer 20 release?
I have the following code that is executed under "without sharing" permissions
List<Event> existingEvents = [SELECT WhatId, OwnerId, StartDateTime, EndDateTime, FROM Event WHERE Id = '00U1b000001fhBpEAI'];
existingEvents[0].StartDateTime = existingEvents[0].EndDateTime.addHours(-1);
update existingEvents[0];

insert new EventRelation(EventId = existingEvents[0].Id, RelationId = '00Q1b00000BsO5l', Status = 'New');
It gives me "Insert failed. First exception on row 0; first error: INSUFFICIENT_ACCESS_OR_READONLY, null: []"
 
03:38:15.0 (85981882)|SOQL_EXECUTE_BEGIN|[26]|Aggregations:0|SELECT WhatId, OwnerId, StartDateTime, EndDateTime FROM Event WHERE Id = '00U1b000001fhBpEAI'
03:38:15.0 (94621998)|SOQL_EXECUTE_END|[26]|Rows:1
03:38:15.0 (94854952)|VARIABLE_SCOPE_BEGIN|[26]|existingEvents|List<Event>|true|false
03:38:15.0 (94924847)|VARIABLE_ASSIGNMENT|[26]|existingEvents|[{"WhatId":"0061b000004eFxLAAU","OwnerId":"005360000017cKUAAY","StartDateTime":"2019-08-20T14:00:00.000Z","EndDateTime":"2019-08-20T14:30:00.000Z","Id":"00U1b000001fhBpEAI"}]|0x6b153f57
03:38:15.0 (94936602)|STATEMENT_EXECUTE|[27]
03:38:15.0 (95296873)|VARIABLE_ASSIGNMENT|[27]|this.StartDateTime|"2019-08-20T13:30:00.000Z"|0x4d3725de
03:38:15.0 (95306508)|STATEMENT_EXECUTE|[28]
03:38:15.0 (95372745)|DML_BEGIN|[28]|Op:Update|Type:Event|Rows:1
03:38:15.0 (95405572)|HEAP_ALLOCATE|[EXTERNAL]|Bytes:8
03:38:15.0 (687855591)|CODE_UNIT_STARTED|[EXTERNAL]|01q36000001Vtxg|Trigger_Event on Event trigger event AfterUpdate|__sfdc_trigger/Trigger_Event
......
03:38:15.0 (753602730)|VARIABLE_ASSIGNMENT|[29]|this.EventId|"00U1b000001fhBpEAI"|0x60e6adb4
03:38:15.0 (753684136)|VARIABLE_ASSIGNMENT|[29]|this.RelationId|"00Q1b00000BsO5lEAF"|0x60e6adb4
03:38:15.0 (753723876)|VARIABLE_ASSIGNMENT|[29]|this.Status|"New"|0x60e6adb4
03:38:15.0 (753798790)|DML_BEGIN|[29]|Op:Insert|Type:EventRelation|Rows:1
03:38:15.0 (804681249)|DML_END|[29]
03:38:15.0 (804839936)|EXCEPTION_THROWN|[29]|System.DmlException: Insert failed. First exception on row 0; first error: INSUFFICIENT_ACCESS_OR_READONLY, null: []


 
ShirishaShirisha (Salesforce Developers) 
Hi Venz,

Greetings!

EventRelation is nothing but the related attendees which can be Contacts or Leads on the event.As per the debug logs,I can see that the relationId as "00Q1b00000BsO5lEAF" in the below line:


03:38:15.0 (753684136)|VARIABLE_ASSIGNMENT|[29]|this.RelationId|"00Q1b00000BsO5lEAF"|0x60e6adb4

Which indicates the Lead Object.So,I would suggest you to check,if the guest user has required permission(Read/write) on Lead Object to allow them to create new Lead record related to the Event.

Kindly mark it as best answer if it helps so that it can help others in the future.

Warm Regards,
Shirisha Pathuri
shilpa smithshilpa smith
While transfer and download figures are significant, the genuine trial of the nature of your hookup is your 'ping' rate. At times known as 'inertness' or 'slack', ping is the millisecond estimation it takes for a little bit of information to go from your PC, arrive at its area and afterward go back to you. The lower the ping number, maxis speed test (https://tmspeed.com/maxis-speed-test)the quicker your connection is. While a low ping number isn't fundamental for general everyday web surfing, in the event that you appreciate playing internet games, at that point it is significant.
 
VenzVenz
Thanks Shirisha,

Your suggestion will not work because of two points:
1. I mentioned that this code is executed in a class with keywords "without sharing" so any restrictions around sharing rules are ignored;
2. In Summer 20 (probably in previous releases as well), there is not way I can give a guest user Edit / Delete permissions for Lead object. AFAIK, these permissions are ignored in Apex code.
ShirishaShirisha (Salesforce Developers) 
Hi Venz,

Greetings!

I agree,but because of the permission called "Secure Guest User record access" permission on OWD settings the external access for all the Objects has become Private.

If you would like to allow them to access the record then you can simply create the sharing rule on guest user which can allow you to give "Read Only".But,if you would like to allow them to create the new records/edit records then you would need to change the permission on External Acces.

Also,since you are using the "without sharing" keyword so the sharing rules created for users are not enforced.So,we need to give the Access on the Object to allow them to create the record.

Reference:https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_keywords_sharing.htm

Thank you!
VenzVenz
Even though I have read and create access, it is not required. From the url you suggested "Apex code runs in system context. In system context, Apex code has access to all objects and fields— object permissions, field-level security, sharing rules aren’t applied for the current user."
User-added image
VenzVenz
I think I found a workaround:
The idea is to somehow switch a user context under which the code is executed.
This can be done using Platform Events feature.
The code where we had Event + EventRelation logic will now insert platform events and platform event triggers will execute the logic in different transaction and under "Automated Process" user.
I works for the abowe example, lets see how it will work in production solution.