You need to sign in to do that
Don't have an account?
Save error: DML not allowed on PermissionSetAssignment
Salesforce announced PermissionSet feature in its recent release, and I'm loving it.
The Winter ‘12 Salesforce release has introduced Permission Sets as a new way to manage security within the application. Each user continues to have a Profile, but Permission Sets can now be given to individual users to extend their permissions beyond what is described in their Profile. One of the current limitations is that there is no way to manage assignments of Permission Sets for more than one user at a time, which makes administration tedious.
So I'm trying to build visualforce page for a System Administrator to manage (assign and remove) Permission Sets for more than one user at a time i.e., Develop a tool to assign or remove one or more permission sets to or from one or more users.
However, I'm caught with error "Save error: DML not allowed on PermissionSetAssignment" when trying to make INSERT DML call on PermissionSetAssignment object. API version of my apex class is 23.0 and Docs too says that this object is Createable.
What is that I'm missing or is it something not released yet?
Below code is resulting in error:
Hi Chirag
I was also experiencing this issue and asked my SF partner contact about it and he says DML on PermissionSetAssignment is not supported.
They understand they need to add support for APEX DML in the future but for the time being, any DML operations should be performed by an alternative language that can use the API such as AJAX or JAVA.
Regards
Stuart
Stuart is right on. I'm the product manager for Permission Sets. I know how important it is to add support for developers to create killer administrative apps and integrations.
We are actively working on adding enhancements to the API and APEX. With the Winter '12 release, we support APEX SOQL only (not DML) across the assignment and permission set object which includes User Permisions.
Over the course of the next several releases, we will be adding support for more access controls including Object Permissions, Field Permissions, and Apex Page and Class access as well as support for APEX DML.
In the meantime, I recommend taking advantage of the AJAX toolkit for DML or using Java on Heroku to handle any DML including permission set assignments. We'll get there; stay tuned.
Here's the docs on the AJAX Toolkit: http://www.salesforce.com/us/developer/docs/ajax/apex_ajax.pdf
That's a set back for my application (permission set mgmt tool). -:(((
Now I need to make use of ajax toolkit to do the insert.
Thanks Adam & Matt for prompt response.
Just wanted to post an update, that it looks like this is now functional. I was able to run the following code and successfuly apply a permission set to all the users in my ORG.
I'm trying to DELETE a PermissionSetAssignment on an Uninstall class (which implements UninstallHandler). Here is the code:
When I try to uninstall the package (which is a managed package) it throws an error:
Developer script exception (...). : Uninstall : DML operation DELETE not allowed on PermissionSetAssignment
Anyone can help us on it ? The PermissionSet is in the same package we trying to uninstall. Any suggestion to delete the permissionSetAssignment on another event than Uninstall ? (with the same purpose). Thanks !