Lov Sharma

Solution to Custom Button on Standard page not following the security model of salesforce

Hi ,
I am posting this to provide a solution for custom buttons, which do not actually follow the security model in Apex code development.
I created a utility class that can be referenced from a custom button to check whether the user who is editing or accessing the particular object is authorized to do so. The code is posted below:

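/**
 * Permission helper intended to be called from a custom button before an
 * Opportunity is edited.
 *
 * Security notes for maintainers:
 *  - checkUserPermissions is a webService method, so every argument is
 *    caller-controlled. The decision is therefore based on the running user
 *    (UserInfo) and on the owner stored on the Opportunity record, not on the
 *    ids supplied by the caller.
 *  - The class declares no sharing keyword, so its queries are presumably not
 *    limited by the running user's record sharing (confirm against how the
 *    class is invoked in your org).
 *  - A check invoked from a button is advisory only: the client decides what
 *    to do with the answer. Whatever Apex performs the actual update must
 *    repeat this check server-side.
 */
global class RoleWisePermissionCheck {

   /**
    * Reports whether the running user may edit the given Opportunity.
    *
    * Access is granted when the running user is a System Administrator, owns
    * the Opportunity, is an Opportunity team member with 'Edit' access, or
    * sits above the owner in the role hierarchy.
    *
    * @param userId     must be the id of the running user; any other value
    *                   (including null) yields false, so a caller cannot ask
    *                   the question on behalf of a more privileged user
    * @param oppownerid kept for backward compatibility; the owner is read
    *                   from the Opportunity record instead of trusting it
    * @param oppid      id of the Opportunity being accessed
    * @return true when one of the rules above matches, false otherwise
    */
   webService static Boolean checkUserPermissions (Id userId, Id oppownerid, Id oppid) {
       Id runningUserId = UserInfo.getUserId();
       if (userId == null || userId != runningUserId) {
           return false;
       }

       // NOTE(review): matching on the profile name is locale- and
       // rename-sensitive; a custom permission would be more robust.
       Id runningProfileId = UserInfo.getProfileId();
       List<Profile> lstProfiles = [SELECT Name FROM Profile WHERE Id = :runningProfileId];
       if (lstProfiles.size() > 0 && lstProfiles[0].Name == 'System Administrator') {
           return true;
       }

       if (oppid == null) {
           return false;
       }

       // Read the owner from the record rather than from the request.
       List<Opportunity> lstOpps = [SELECT OwnerId FROM Opportunity WHERE Id = :oppid];
       if (lstOpps.isEmpty()) {
           return false;
       }
       Id recordOwnerId = lstOpps[0].OwnerId;
       if (recordOwnerId == runningUserId) {
           return true;
       }

       // Team members qualify only with 'Edit' access, as in the original rule.
       for (OpportunityTeamMember member : [SELECT OpportunityAccessLevel
                                            FROM OpportunityTeamMember
                                            WHERE OpportunityId = :oppid
                                            AND UserId = :runningUserId]) {
           if (member.OpportunityAccessLevel == 'Edit') {
               return true;
           }
       }

       // Finally, allow users whose role is above the owner's role.
       Set<ID> subordinateUserIds = getRoleSubordinateUsers(runningUserId);
       return subordinateUserIds != null && subordinateUserIds.contains(recordOwnerId);
   }

   /**
    * Returns the ids of all users assigned to a role below the given user's
    * role.
    *
    * @param userId user whose subordinates are wanted
    * @return the subordinate user ids, or null when userId is null, the user
    *         has no role, or no user holds a subordinate role
    */
   public static Set<ID> getRoleSubordinateUsers(Id userId) {
       if (userId == null) {
           return null;
       }

       List<User> lstuserswdrole = [SELECT UserRoleId FROM User WHERE Id = :userId];
       if (lstuserswdrole.isEmpty() || lstuserswdrole[0].UserRoleId == null) {
           return null;
       }

       // Collect every role underneath the user's role, then the users in them.
       Set<Id> allSubRoleIds = getAllSubRoleIds(new Set<ID>{ lstuserswdrole[0].UserRoleId });
       Map<Id, User> users = new Map<Id, User>(
           [SELECT Id, Name FROM User WHERE UserRoleId IN :allSubRoleIds]);

       // Callers rely on null (not an empty set) to mean "no subordinates".
       return users.size() > 0 ? users.keySet() : null;
   }

   /**
    * Returns the ids of every role below the given roles, at any depth. The
    * given roles themselves are not included.
    *
    * @param roleIds roles whose descendants are wanted; null is treated as empty
    * @return ids of all descendant roles (possibly empty, never null)
    */
   public static Set<ID> getAllSubRoleIds(Set<ID> roleIds) {
       Set<ID> allSubRoleIds = new Set<ID>();
       if (roleIds == null) {
           return allSubRoleIds;
       }

       // Walk the hierarchy one level at a time. This still issues one SOQL
       // query per level, so a very deep hierarchy counts against the
       // per-transaction query limit.
       Set<ID> frontier = roleIds;
       while (!frontier.isEmpty()) {
           Set<ID> nextLevel = new Set<ID>();
           for (UserRole childRole : [SELECT Id FROM UserRole WHERE ParentRoleId IN :frontier]) {
               // add() returns false for an id already seen, which keeps the
               // walk from revisiting a role.
               if (allSubRoleIds.add(childRole.Id)) {
                   nextLevel.add(childRole.Id);
               }
           }
           frontier = nextLevel;
       }

       return allSubRoleIds;
   }

}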
Rahul Sharma
Can you elaborate on what is the problem you are facing?