function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
taPhiltaPhil 

Cannot change user profile

In some cases I need to change a user's profile programmatically.  Have an Apex method the tries to do this, but I get the following message (running as myself, sys admin role).

 

{faultcode:'soapenv:Client', faultstring:'System.DmlException: Update failed. First exception on row 0 with id 00580000001r5gRAAQ; first error: FIELD_INTEGRITY_EXCEPTION, This user is a portal administrator and must have a profile with the "Edit Self-Service Users" permission.: __MISSING_LABEL_FOR_common.udd.impl.UddInfoImpl@1d09706: [UserPermissions]

 

At first I was invoking the method that changes the profile from a VF page.  After reading the following in the Apex Dev Guide I switched it to a Webservice method and invoked from javascript, hoping it would somehow bypass whatever restriction I was running into.  It didn't help.

 

"Invoking a custom webService method always uses System context. Consequently, the current user's credentials are not used..."

 

&

 

"Apex class methods that are exposed through the API with the webService keyword do not observe object permissions, field-level security, or sharing rules for any records..."

 

Can anyone suggest a way to work around this limitation restriction?

 

Thanks.

 

sfdcfoxsfdcfox
While you're not bound to Sharing (which restricts Create/Read/Update/Delete operations on a record) and Profile Permissions (which restricts operations a user may perform) when invoking Apex Code Web Services, you are always bound by system constraints (i.e. you can never create an Opportunity without populating the Name, StageName, or CloseDate fields, no matter what you attempt to do to coerce the system). You have to actually resolve the condition that is causing the error message in order to make the attempted change. In this case, it appears that the user you are attempting to configure is a Portal Manager for a portal, and therefore can not have certain permissions revoked. You must first remove them as a Portal Manager for the portal, and then you may change the user's profile. Try changing the profile manually; the error message you receive on the screen should include a link to the relevant portal that you need to configure.
taPhiltaPhil

Thank you for the response.  In my haste to post this question, I didn't send the correct error.  I've been rerunning this different ways and had sent the message I get when running as myself (sys admin).  When I run as a typical end user with limited rights I get the following message, which is the one I'm having trouble with.

 

{faultcode:'soapenv:Client', faultstring:'System.DmlException: Update failed. First exception on row 0 with id 00580000002LxloAAC; first error: FIELD_INTEGRITY_EXCEPTION, This profile is used by a user who is a delegated admin and must have the view setup permission: Profile ID: [ProfileId]

 

I have no delegated admins setup in our org, so I'm confused by the message.  (Also turned on view setup perms, just to see, but made no diff.)

 

Thanks again. 

Message Edited by taPhil on 11-12-2009 06:25 AM