function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
csorrowscsorrows 

Sharing rules preventing portal users from editing Assets?

I'm having a heck of a time trying to get Customer Portal users to be able to edit their Accounts' Assets.

 

I've done all the following, but it hasn't helped:

 

  • Given my custom customer portal profile Edit access to the Asset object.
  • Profile is marked as portal super use, and has delegated privileges.
  • All portal users are in the "executive" role (not manager or user).

 

Here's my use case...I'm trying to allow customer portal users to edit some install addresses (custom fields) on the their Assets.  Naturally, I only want them to be able to modify their own Accounts' assets, and not any other assets.

 

Everything else regarding sharing rules seems to work okay.  They can only view their own accounts.  They can only view/create/edit contacts in their own accounts.  They can only view/create/edit cases in their own accounts.  And, when creating/editing cases, they can only pick contacts and assets from their own accounts.

 

BUT...even though I gave the Asset object Edit permission in the portal profile, when a portal user tries to Edit an asset, they get the dreaded "Insufficient Privileges" error.  And I'm not savvy enough with how sharing rules work to figure it out.

 

I might have to make my own customer controller without sharing, just to get around this, but I'd rather not do that if I can help it.

 

Is there something else with sharing I'm missing?  Thanks!

Jeff MayJeff May

You mentioned Sharing rules, so take a look over there (Admin Setup->Security Controls->Sharing Settings.  Look at the setting at the top for Accounts, Contacts, Asset.  If it is Private, then scroll down to the "Account Sharing Rules' section and look at the sharing Rules for Account.  In each Account Sharing Rule is a setting for how Assets should be handled.
csorrowscsorrows

Thanks for the reply.  I had a feeling it relates to sharing rules, but sharing rules is one of the things in Salesforce I don't fully comprehend yet.  I need to work with them more to fully understand what's going on.

 

I ended up opening a ticket with Salesforce, and they're trying to reproduce.

 

When we first activated our portal, we did go back and make several objects Private, per the portal implementation guide.  Then, we opened up internal access with new sharing rules.  But I'm unsure what an Account sharing rule would need to look like for what we're trying to do, which is...

 

A customer portal user should be able to edit assets for the account their ID belongs to (but ONLY their account), regardless of who "owns" that account, or how it was created.  For example, not all our accounts are created by a human being, some are created via automation.