function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
kurtz_wolfgangkurtz_wolfgang 

Apex Batch Job Managed Sharing

Hello All,

 

  I am having some problems with Apex Managed Sharing. Following is the scenario:

 

- Custom object call has org. wide setting to Private. All the records in it are owned by only the System admin. The records are imported using ETL. For profile of each of the users, Call object access is - NO Access. If I give the profile a read access for the object then they are able to see all the records which I do not want. 


- For a specific value in a field site, different set of users should get access. Apex managed sharing code in a trigger gives read access for new data coming in to SFDC. For old data, I have a batch apex job which does the same. 

 

- I see that the users have read access, checked the share object. But when I access that record with that users' creds, I get the error - Insufficient Privileges.

 

 

I would appreciate if anybody can point out what's wrong in the whole situation or what can be the possible solution.

 

I would be grateful for any pointers.

 

Thank you 

KB.

Best Answer chosen by Admin (Salesforce Developers) 
Starz26Starz26

If it is set to private they will not be able to see objects which they do not own (depending on grant heirachy as well if that is enabled)

 

You could always use apex sharing rule to limit access to specific records.

 

Is a site a specific record, or does a record contain multiple sites? If the latter then it is an issue with how you have the record defined.....

All Answers

Starz26Starz26

If I understand correctly,

 

Obj - No Access

A field named site on the object - Access granted based on managed sharing

 

If this is correct then the user will not be able to view the field as they have no access to the record itself and thus cannot see the field within the record
kurtz_wolfgangkurtz_wolfgang

But if I grant the Read access to the object for the users' profile, they see data of other sites as well. 
Starz26Starz26

If it is set to private they will not be able to see objects which they do not own (depending on grant heirachy as well if that is enabled)

 

You could always use apex sharing rule to limit access to specific records.

 

Is a site a specific record, or does a record contain multiple sites? If the latter then it is an issue with how you have the record defined.....

This was selected as the best answer
kurtz_wolfgangkurtz_wolfgang

Thanks Starz26,

 

  It worked.