I am going through the “Development with the Force.com Platform” book and have run into an issue when implementing the sample application from the book.
The example is to demonstrate manual sharing:
- Two employees from the example organisation have separate roles: West and Central
- The employee with the West role has owner ship of a Resource record and creates a manual share with Read Only permissions so that anyone with the Central role can read the record.
- The employee with the Central role then has to create an Assignment record which involves using the shared Resource record and a Project record which he is the owner of.
Unfortunately when I try to do this (logged in as the Central user). I get the following message:
Insufficient Privileges. You do not have the level of access necessary to perform the operation you requested
What I have checked:
- That there is a manual sharing rule for that Resource which shares with Central role.
- That the when logged in as the Central user, I can read the record. Which I can.
- I have tried setting the Central users role to West (the same as the Resource owners’) and the Assignment can then be created OK.
- I have checked that the user is indeed set as having the Central role.
I really don’t see what else it could be. Does anyone have any suggestions?
Rather than just suggestions, though, is there a way that I can find out exactly which security settings are denying this operation? Some debugging perhaps?
Maybe try checking the Central user’s access to whatever record type your unable to create. Check at the profile and object level.
Also when you try to create a
share when the resource (object privacy) is already ‘public read only’ — the DML throws an
arbitrary exception – so also check the record is set to