Hi,

I have permission set created lets say the ID of it XXXX. So I can see that permission set information via http://<salesforce_url>/XXXX. 
When I query permission set data from PermissionSetAssignment via API. The PermissionSetAssignment.PermissionSet.ID have a different value for the same permission set. 
For example that id value is similer to XXXXGAO. Anyhow I can access permission set via http://<salesforce_url>/XXXXGAO.

So what is the relationship between XXXXGAO and XXXX? If I have XXXXGAO how can I retrieve XXXX and vice versa? 

Thanks!

Hi,

I want to get information about the users and groups who can read shared objects via Salesforce API. For an example if I have a public group called group1 (with users in it) and if I have shared PublicGroup1 with role "Western Sales Team" can I get this information with API?



I tried with UserShare table and as a result of query,
"SELECT Id, UserOrGroupId, UserId, User.Name, User.Id FROM UserShare"

I can see two entries and those are releted to the two members of PublicGroup1 (record.UserId). The record.UserOrGroupId is also present but I can't identify what is it. i.e value of it 00Gi0000002Sp21EAC and when I ask to retrieve,
http://<salesforce_url>/00Gi0000002Sp21EAC it gives me unsufficient permission error.

So here how can I get 'Western sales team' information (role id) as users/groups/role who can read information about PublicGroup1?

Regards.

Hi,

This is somewhat related to the question I asked in,
https://success.salesforce.com/answers?id=90630000000hzmDAAQ

I am planning to get read access for object with following query,

queryResults = connection.query("SELECT Assignee.Id, Assignee.Name" +
          " FROM PermissionSetAssignment" +
          " WHERE PermissionSetId" +
          " IN (SELECT ParentId" +
          " FROM ObjectPermissions" +
          " WHERE SObjectType = GivenObjectType AND" +
          " PermissionsRead = true)");

This is working for most of the salesforce objects. But for security related objects such as Users, Groups, Profiles this is not working.  (i.,e when I want to check users who can see user information, I should be able to pass GivenObjectType="User" and get all the users who can see other user's information.

Is there a way that I can achieve this?

Note: I identified following object types that doesn't have support in ObjectPermissions.SObjectType
User, Group, Partner, Profile

Thanks!

Get permission related information for security related objects
With the combination of PermissionSetAssignment and ObjectPermissions tables we can get permission information for objects (information such as users who can read account object information). But ObjectPermissions.SObjectType not support for all objects. i.e it doesn’t support for objects such as User, Group, Partner, Profile, Task etc …
So from where can I get security related information for those objects?

Hi,

I have permission set created lets say the ID of it XXXX. So I can see that permission set information via http://<salesforce_url>/XXXX. 
When I query permission set data from PermissionSetAssignment via API. The PermissionSetAssignment.PermissionSet.ID have a different value for the same permission set. 
For example that id value is similer to XXXXGAO. Anyhow I can access permission set via http://<salesforce_url>/XXXXGAO.

So what is the relationship between XXXXGAO and XXXX? If I have XXXXGAO how can I retrieve XXXX and vice versa? 

Thanks!

Hi,

This is somewhat related to the question I asked in,
https://success.salesforce.com/answers?id=90630000000hzmDAAQ

I am planning to get read access for object with following query,

queryResults = connection.query("SELECT Assignee.Id, Assignee.Name" +
          " FROM PermissionSetAssignment" +
          " WHERE PermissionSetId" +
          " IN (SELECT ParentId" +
          " FROM ObjectPermissions" +
          " WHERE SObjectType = GivenObjectType AND" +
          " PermissionsRead = true)");

This is working for most of the salesforce objects. But for security related objects such as Users, Groups, Profiles this is not working.  (i.,e when I want to check users who can see user information, I should be able to pass GivenObjectType="User" and get all the users who can see other user's information.

Is there a way that I can achieve this?

Note: I identified following object types that doesn't have support in ObjectPermissions.SObjectType
User, Group, Partner, Profile

Thanks!

Get permission related information for security related objects
With the combination of PermissionSetAssignment and ObjectPermissions tables we can get permission information for objects (information such as users who can read account object information). But ObjectPermissions.SObjectType not support for all objects. i.e it doesn’t support for objects such as User, Group, Partner, Profile, Task etc …
So from where can I get security related information for those objects?

We can set sharing settings for objects through Setup --> security control --> sharing rules in Salesforce.
After that we can get those security information through API’s object share table. i.e If I change sharing settings for Account object then I can access them via AccountShare table.
But there are few objects those have share tables. i.e. Contract, Document, Group, Idea, Task etc ..
How can I get sharing information for those objects?

The permissionSet ID returns from API is different than the display one
I have permission set with ID XXXX (I can see that permission set information via http://<salesforce_url>/XXXX ).
When I query permission set data from PermissionSetAssignment via API. The PermissionSetAssignment.PermissionSet.ID have a different value for the same permission set.
For example that id value is similar to XXXXGAO. Anyhow I can access permission set via http://<salesforce_url>/XXXXGAO too.
So what is the relationship between these two ids? If I have one id (i.e XXXXGAO) how can I retrieve other one and vice versa?