Apex Code Development You need to sign in to do that
Don't have an account?
RichardC.ax220 "Insufficient privileges" trying to invoke one S-Control from another since Winter '07
I have a couple of S-Controls that invoke other S-Controls. Since Winter '07, the invocation fails with "Insufficient privileges." One S-Control submits a form after setting the S-Control and entity IDs
Code:
Code:
checklistScontrol = new Scontrol(checklistScontrolName);
if (checklistScontrol.id != null)
{
document.importForm.lid.value = checklistScontrol.id;
document.importForm.eid.value = "{!Custom_Object_ID}";
...
}
...
<form action="/servlet/servlet.Integration" id="importForm" name="importForm" method="get" onsubmit="handlePersonQuery()"> <!-- target="_top" -->
<input type="hidden" name="ic" value="1">
<input type="hidden" name="lid" value="Unknown">
<input type="hidden" name="eid" value="Unknown">
...
This worked fine before Winter '07. What has changed to cause this problem, and how do I get around it?
A number of things have changed in scontrols in Winter '07 and also the Ajax Toolkit included as part of this release is a new animal. I noticed that you are using the ic=1 query param which has only been a part of scontrol urls since Winter '07 and this is definitely something that would not have made sense prior to the latest release. ic=1 turns on some additional behavior (more than just providing auto session id wireup between the scontrol and ajax toolkit layers) that may be causing this.
Development is looking into this now and expects to provide an answer/solution asap.
Have you logged a case with Salesforce support on this already?
Thanks,
Doug
Message Edited by Doug Chasman on 01-10-2007 09:56 AM
Thanks for the quick reply. I get the same symptom with or without the ic=1 parameter. I added it hoping that it would fix the problem.
I will log a case with support. In the meantime, if you or anyone else comes up with a way to work around this problem, I would appreciate it.
- if you use the target scontrol inlined in a detail page do you also get the Insufficient Privs error?
- do you have any hard coded object ids in your target scontrol?
what does the code inside of your Scontrol javascript class look like (using the api to lookup the scontrol id based on the scontrol name???)
The target scontrol has no hard coded object ids (I want to avoid them)
The Scontrol class is very simple:
function Scontrol(scontrolName) { this.queryResult = sforceClient.Query("Select Id from Scontrol Where Name = '" + scontrolName + "'"); if (this.queryResult.className == "QueryResult") { if (this.queryResult.size == 1) { this.id = this.queryResult.records[0].get("Id"); } else { handle exceptions...I have verified that this is returning a valid scontrol id.I also tried setting up a custom link from the detail page to the target scontrol, but the link excludes the extra parameters needed by the scontrol.
Thanks for your attention on this. Let me know if I can provide additional information.
I noticed the code in my last post used the beta Ajax toolkit. I created a simple test case using the Winter '07 Ajax toolkit, and the problem still happens. I included the test case source below. To use it, replace "ActevaRSVP About" in initPage with the name of one of your S-controls. Make sure you get the name right, as I didn't include exception handling. This demonstrates the problem in my instance, even with a simple target - "ActevaRSVP About" is all HTML. Thanks again.
Code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <script language="javascript" src="/soap/ajax/8.0/connection.js"></script> <script id="clientEventHandlersJS" language="javascript"> <!-- function initPage() { testScontrol = new Scontrol("ActevaRSVP About"); if (testScontrol.id != null) { var newURL = "/servlet/servlet.Integration—lid=" + testScontrol.id; alert("Heading to " + newURL); location.href = newURL; } /* sforceClient.registerInitCallback(setup); sforceClient.setLoginUrl("https://www.salesforce.com/services/Soap/u/7.0"); sforceClient.init("{!API_Session_ID}", "{!API_Partner_Server_URL_70}", true); */ } function Scontrol(scontrolName) { this.queryResult = sforce.connection.query("Select Id from Scontrol Where Name = '" + scontrolName + "'"); var records = this.queryResult.getArray("records"); this.id = records[0].get("Id"); } //--> </script> </head> <body onload="initPage()"> <p>If you see this without or after an alert, the test most likely failed.</p> </body> </html>Richard,
I took your code for a spin... and from my experimentation, it seems that the function returns the complete 18 character ID. The url for the s-control only seems to work with the 15 character (upper and lower, obviously) ID.
Shave off the last three characters of the ID before you create the url and I think it ill work.
One thing I would suggest is to change your SOQL query to use the new scontrol field DeveloperName instead of Name - DeveloperName is the programatic name for the scontrol and Name maps to the scontrol's label which can be localized and would then break your code.
As Doug said, you nailed this. Using only the first 15 characters of the returned ID fixed it.
Thanks!
Thanks for following through with this, and for the tip on using the developer name.
Glad I could help!
Doug, maybe you can make sure I am included in any Apex beta programs or early adoption programs. :smileywink: :smileywink:
You can in most cases isolate yourself from all this url generation and name to id lookup monkey-business altogether, eliminate a round trip to the server for the name to id SOQL query, get point and click support in the scontrol editor, shield your code from internal details like ic=1, etc. Using something like:
will produce (specific object id will vary of course):
The situation where this might not be enough is rare (metadata driven system built on top of salesforce.com perhaps).
Message Edited by Doug Chasman on 01-11-2007 08:32 AM
http://www.salesforce.com/landing/register.jsp?id=70130000000CoHH
Otherwise, stay tuned to adn for details.