• atorman
  • 55 Points
  • Member since 2008
  • Director, Product Management
  • Salesforce

  • Chatter
  • 1
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
  • 38

A completely beserk thing has happened on my instance of the DE of Salesforce.


The permissions for both new tabs and objects has completely stopped working for Standard Platform users profile. Current tabs and objects are working fine.


I have around 8 custom tabs and under 20 objects on my app.


I may need more custom tabs at some point but my main focus is to get SOQL queries to work on an object which chooses not to.


The permissions are correctly setup as always.

The tab permissions have been fiddled around.

I've deleted and redone entire objects and they still don't work.


As a System Administrator, all this works absolutely fine for me and the permissions are set correctly. This is not a code problem but a general salesforce development issue.


Anyone have any ideas?

I am trying to configure the Trailhead Tracker app in Salesforce, but I can't get the Apex job to run. It keeps saying it was aborted. I need help figuring out how to get it to run so I can start using the Trailhead Tracker app. 

Thank you for your help!

Hi, I have a question in regards to Salesforce integration with WSDl and it is frustrating. Lemme know if you have any answers. I have a lead object and by default "Name" & company field is required by Salesforce. When I expose the PARTNER WSDL, I do not want the API user to edit these 2 fields. But since it is a required field, Salesforce will not allow me to remove from page layout or from the field leave security of Lead page. I was wondering what is the solution to this? Am I doing something wrong. ...

We have a Java utility that uses Metadata API to remove “Default” radio button for our custom application for System Administrator profile, so we can remove this custom application later. Here is a piece of the code that we use:


            Profile profile = new Profile();


            // System Administrator profile



            ProfileApplicationVisibility appVisibility = new ProfileApplicationVisibility();

            appVisibility.setApplication(“Our custom application”);




            UpdateMetadata updateMetadata = new UpdateMetadata();




This worked fine for a long period of time, but recently it stopped working (I suspect after org update to the version #25). After that when we run this util the “visibility” checkbox is unchecked for our custom app, but it remains default. I tried different ways to make this working, including setting default SalesForce apps (i.e. Sales for Site.com) as default or using other appVisibility’s methods, but had no luck. Do someone knows whether I miss something or some other ways how default radio button can be unset?


Thanks in advance!

We are seeing what appears to be an undocumented change in Summer '12 regarding the default field visibility for fields included in managed packages.


In Spring '12 and earlier, when you installed a package for System Administrators only, all internal users had visibility to fields included in the package. I agree this is odd, but it made setup easier on the installer.


In Summer '12, only System Administrators have field visibility (security) when installing for System Administrators only.


We are seeing this new behavior with 3 different packages we have.


I agree that the new behavior is logical, but partners will need to update their setup instructions quick.


Anyone have any info on this?



We are facing weird issue in custom mass edit functionality which we have developed by using standard list controller


VF page:-----

<apex:page standardController="Opportunity" recordSetVar="opportunities" extensions="selectedSizeWorkaround" tabStyle="Opportunity" sidebar="true" id="muopp">

    <apex:form id="muform">
        <apex:pageBlock title="Opportunity Mass-edit" mode="edit" id="mub1">
            <apex:pageMessages />
            <apex:pageBlockButtons >
               <apex:commandButton value="Save" action="{!save}"/>
                <apex:commandButton value="Cancel" action="{!Cancel}"/>
            <apex:pageBlockTable value="{!selected}" var="opp" id="muform">
                <apex:column value="{!opp.Id}"/>
                <apex:column value="{!opp.name}"/>
                <apex:column value="{!opp.AccountId}"/>
                <apex:column value="{!opp.Application_Number__c}"/>
                <apex:column value="{!opp.Application_Date__c}"/>
                <apex:column value="{!opp.Amount}"/>
                <apex:column value="{!opp.StageName}"/>                              
                <apex:column headerValue="Probability">
                     <apex:inputField value="{!opp.Probability}" id="stagename">
                    <apex:actionSupport event="onchange" rerender="muselectedlist"/>

Controller extension:----------------------------------

public class selectedSizeWorkaround {

    ApexPages.StandardSetController setCon;

    public selectedSizeWorkaround(ApexPages.StandardSetController controller) {
        setCon = controller;

    public integer getMySelectedSize() {
        return setCon.getSelected().size();
    public integer getMyRecordsSize() {
        return setCon.getRecords().size();

Eventhough this code works and successfully edit the probability value of selected records provided the create permission on Opportunity object to the user (i.e. user's profile).
If the user doesnot have create permission on Opportunity and only have read and create permission on Opportunity,then he can not edit that.
As per our setup we can't give the create permision on opportunity (though those users have edit and read permission on Opportunity)to the users who wants to use mass edit custom functionlity

This is something wierd issue i am facing,if somebody faced this issue please let me know and if any workaround.
we can not use mass edit app exchange as well as we want to show only probability for edit to the users and not all fields.





Can anybody suggest some way of comparing profiles aprat from Enhanced Profile management, which has its limits.




I need help finding a good way to compare Profiles to each other. I want to be able to see and extract the diff between two Profiles to determine what Object-level, Field-level and Permissions exist in one but not in the other. The goal is to build Permissions Sets that contain the differences, and then to reduce the number of Profiles we have. We will add the Permissions Sets to Users who need access to more fields or permissions (e.g. Send Mass Email).


I have done text comparisons between the .profile XML files generated by the IDE, but there's not an easy way to copy just the differences that I know of. Additionally, the XML would have to be converted to spreadsheet (or other user friendly format) that I can give to Premier Support & Admin so that they can build the Permissions Sets.
A difficulty with the .profile XML files is that they do not contain the App & System Permissions (userPermissions tags such as Send Mass Email), although the new Permissions Sets XML files do! This leads me to believe that the userPermissions metadata is somehow accessible for the .profiles and that the IDE has not been updated to include it yet.
I've queried the Profiles through Apex and all you get is the Permissions but not the Field-level or Object-level security. I recognize that a query would have to join so many objects to derive the complete list of all permissions that the .profile XML files shows that it's unlikely to be possible.
Because we have to do this for 4 orgs with 20-30 profiles in each, I'm trying to find the most efficient way to generate the diffs (we don't have to do every possible combination but possibly as many as 100).
So, to summarize:
Is there a way to build a custom .profile XML?
What's an efficient way to extract a diff to a friendly format?



I have a few reports created. I want these reports to be viewed by a particular profile. They should not be able to edit it. How can i set these ?




  • November 22, 2011
  • Like
  • 0

Salesforce announced PermissionSet feature in its recent release, and I'm loving it. 


The Winter ‘12 Salesforce release has introduced Permission Sets as a new way to manage security within the application. Each user continues to have a Profile, but Permission Sets can now be given to individual users to extend their permissions beyond what is described in their Profile. One of the current limitations is that there is no way to manage assignments of Permission Sets for more than one user at a time, which makes administration tedious.


So I'm trying to build visualforce page for a System Administrator to manage (assign and remove) Permission Sets for more than one user at a time i.e., Develop a tool  to assign or remove one or more permission sets to or from one or more users.


However, I'm caught with error "Save error: DML not allowed on PermissionSetAssignment" when trying to make INSERT DML call on PermissionSetAssignment object. API version of my apex class is 23.0 and Docs too says that this object is Createable. 


What is that I'm missing or is it something not released yet?

Hello All,


   Our scenario is as such: There are two sub-organizations within the same salesforce instance. Each organization's leads/contacts/accounts are not visible to the other. We have created user specifically for integration purpose who has access to all of the data of only org. A and no access to org. B. However there is a lead generation application which we have bought license of, which uses this user to login into salesforce and sync up the leads/contacts/accounts and it is able to view the email addresses of the newly created leads/contacts/accounts of org. B as well. The weird thing is, when i login with that user cred. into salesforce I am not able to find the same data of org. B.


  Been scratching my head over this. Can you provide any insight into this? It's kind of urgent and any help will be greatly appreciated.



Ketan B.

In Apex class can we differentiate a custom profile with standard profile.

We have requirement to show the list of custom profiles only.

Please let me know how this can be achieved?





I have an application that I went to edit and set "Assign to Profiles" as Visible and Default for the "High Volume Customer Portal" profile.


I now want to delete this app. I can't because it is default for this profile. So I go in to edit this profile, and unlike the others (e.g. System Admin) it does not contain the "Custom App Settings" section. This means it looks like I cannot set this as not the default profile for this user profile.


How can I get out of this deadlock? I need to delete this app, please help!


Thanks in advance.



Is there any object in SFDC, where object access permission related information for each profile is stored? For example, if I want to query which profiles have write access to Account object, where can I get this information stored?





In our Development ORG, we have licenses for Salesforce Platform  users.

when I create a new user and assign the User License to Salesforce Platform, the ONLY allowed profile is Standard Platform User which does not have any permissions to our custom objects.

According to SF documentation, a platform user license is allowed access to custom apps. 


I would appreciate it, if any one can show me how to change the profile for a Salesforce Platform license; or edit the Standard Platform Profile to provide access to custom objects.



  • May 22, 2010
  • Like
  • 0

I am trying to migrate profiles from one salesforce org to the other through eclipse. I have included all possible components in the project from the source org and when I deploy the profile to the target development org using the 'deploy to server wizard' of eclipse. It deploys on the profile on the target org but there are certain mismatches in the deployed profile. These mismatches are related to tabviibilities, standard object permissions and general user permissions. 

Is there a bug here in the metadata deployment of profiles or am I missing something here ?

Thanks in advance.