You need to sign in to do that
Don't have an account?
Checking user access to an object – Through Code
There are numerous ways to setup security in Sales Force. It seems that all the various security settings boil down to one place: Sharing. Specifically I mean the sharing button on any private object.
Our opportunities are private, so I see this sharing button. When I click it I get a list of those users or groups that can view or edit this opportunity. There is another button called: Expand List.
Using that list I can view every single user that can view the opportunity.
My question: How do I determine if a user can view an object? Say I have a Sales Force UserID and a Sales Force Opportunity ID.
Is there anyway I can plug that into something and get out a “Yes they can see this” or “No they cannot see this”
Or even better, the read/write status?
Here is my current thought... I don't like it but...
(This is VB.NET)
Dim IsValid As Boolean = False
Dim ObjectID As String = "Obj ID"
Dim UserID As String = "UserID"
Dim Domain As String = "cs3.salesforce.com" 'needs to change for your org
Dim BaseEntityWhyListURL As String = "setup/own/entitywhylist.jsp?id={0}&uid={1}"
Dim EntityWhyListURL As String = String.Format(BaseEntityWhyListURL, ObjectID, UserID)Dim FinalURL As String = String.Format("https://{0}/{1}", Domain, EntityWhyListURL)
Dim request As System.Net.HttpWebRequest = CType(System.Net.HttpWebRequest.Create(FinalURL), Net.HttpWebRequest)request.CookieContainer = New System.Net.CookieContainer()request.CookieContainer.Add(
New System.Net.Cookie("sid", "my current session ID", "", Domain))Dim html As String = String.Empty
Using reader As New System.IO.StreamReader(response.GetResponseStream)html = reader.ReadToEnd.ToLower
End Using
If html.Contains("listrow") Then
html = System.Text.RegularExpressions.Regex.Replace(html, "[" & vbCrLf & "]", "")html = System.Text.RegularExpressions.Regex.Match(html, "listrow.+?end listelement", Text.RegularExpressions.RegexOptions.IgnoreCase).Value
If Not html.Contains("private") Then
IsValid = True
End If
End IfMsgBox(String.Format("User can see object: {0}", IsValid))
I'd start investigating the possibility of using the OpportunityShare object. Look at the Apex manual, page 150. I'm not sure where you're going with this, but maybe a VF page inserted to a section on your layout would do.
Sorry if I'm missing it & way off base...