function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Jerun JoseJerun Jose 

Checking profile access before transfer account ownership

Hi,

We have a requirement to update the account owner using apex.
After identifying the user who should be the new account owner, I need to verify if that user has a profile that has read access to the Account object.
Through the API, the system allows me to specify any user (even inactive users) as the account owner.
For custom objects however, when I specify an inappropriate user as the record owner, the system throws an exception.


Any help on how to validate the account owner's permission before assigning ownership would be appreciated.

Thanks,

Jerun Jose

Best Answer chosen by Admin (Salesforce Developers) 
abhishektandon2abhishektandon2

HI,

 

you can use this logic to check the Access on the record for the user

 

SELECT RecordId, HasReadAccess, HasTransferAccess, MaxAccessLevel
FROM UserRecordAccess
WHERE UserId = [single ID] // your user id
AND RecordId = [single ID] //or Record IN [list of IDs] // records of Account for which you wabt to chk the access.

 

 

 

for more details

 

http://www.salesforce.com/us/developer/docs/api/index_Left.htm#StartTopic=Content/sforce_api_objects_userrecordaccess.htm?SearchType=Stem

 

Please accept this as Solution, if you think this is useful for you

 

Abhishek tandon

All Answers

abhishektandon2abhishektandon2

are you using custom button to cange the Owner or you have any button on VF page to change the Owner?
Starz26Starz26

if the user doesn't have read access, then the object name won't appear in the describeGlobal results, and a call to describeSObject will return an error.

 

http://boards.developerforce.com/t5/General-Development/DescribeSObject-to-determine-access/m-p/124355/highlight/true#M28869
Jerun JoseJerun Jose

Hi,

 

The scenario is that we have a data integration solution between a legacy system and SFDC. The legacy system provides the owner's email address which I need to check against SFDC to obtain the user ID.

 

I have trigger on the staging object which does the processing of the raw data from the legacy system. As part of this processing, I will also need to validate the account owner's permissions before updating the account object with the fresh data.

 

Thanks,

 

Jerun Jose
abhishektandon2abhishektandon2

HI,

 

you can use this logic to check the Access on the record for the user

 

SELECT RecordId, HasReadAccess, HasTransferAccess, MaxAccessLevel
FROM UserRecordAccess
WHERE UserId = [single ID] // your user id
AND RecordId = [single ID] //or Record IN [list of IDs] // records of Account for which you wabt to chk the access.

 

 

 

for more details

 

http://www.salesforce.com/us/developer/docs/api/index_Left.htm#StartTopic=Content/sforce_api_objects_userrecordaccess.htm?SearchType=Stem

 

Please accept this as Solution, if you think this is useful for you

 

Abhishek tandon

This was selected as the best answer
Jerun JoseJerun Jose

Hi Abishek,

 

Although your response is a step in the right direction, this would fail if I have a new account owner - someone who has profile acces but does not parent any records currently.

 

Anyway, since your reply gets me to work in about 98% of cases, I am marking it as the solution. Just let me know if there is anything that can be done for the problem I have mentioned.

 

Thanks,

 

Jerun Jose