function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
SFDC@ErrorSFDC@Error 

NSUFFICIENT_ACCESS_ON_CROSS_REFERENCE_ENTITY, insufficient access rights on cross-reference id: []

Hi All

I have written a trigger for Apex sharing rule based on some criteria.But its showing error when other user creating account ..

AccountShare: execution of AfterInsert caused by: System.DmlException: Insert failed. First exception on row 0; first error: INSUFFICIENT_ACCESS_ON_CROSS_REFERENCE_ENTITY, insufficient access rights on cross-reference id: [] Trigger.AccountShare: line 34, column 1 
trigger AccountShare on Account (after insert, after update) 
{
 if(checkRecursion.runOnce()){
    for(Account acc : Trigger.new){
        if(acc.Account_Manager__c!=null){   
            List<AccountShare> shares = new List<AccountShare>();
            Map<String,String> mParentID = New Map<String,String>();
            Map<String,String> UId = New Map<String, String>();
            system.debug('+++'+acc.Account_Manager__c);
            for(User usrmgr : [select id from user where id=:acc.Account_Manager__c]){
               AccountShare share1 = new AccountShare();
               share1.AccountId=acc.Id;
               share1.UserOrGroupId= usrmgr.id;
               share1.AccountAccessLevel='Edit';
               share1.OpportunityAccessLevel='Edit';
               share1.CaseAccessLevel='Edit';
               Insert share1;
               system.debug('+++'+share1.id);
            }
          
          for(User u :[Select UserRoleId from User  where id= :acc.Account_Manager__c])
          {
            for(UserRole ur : [Select ParentRoleId from UserRole where id=:u.UserRoleId]){
              mParentID.put(String.ValueOf(ur.get('ParentRoleId')),String.ValueOf(ur.get('ParentRoleId')));
              system.debug('+++1111');
            }
          }
           for(User u1 :[Select id from User u where u.UserRole.id in :mParentID.KeySet()]){
          
           //system.debug(mParentID);          
              for (Account rec : [SELECT Id FROM Account WHERE Id = :acc.id]) {  
               system.debug('+++2222');
               
                      AccountShare share2 = new AccountShare();
                     
                      share2.AccountId=rec.Id;
                      share2.UserOrGroupId=u1.id;
                      share2.AccountAccessLevel='Edit';
                      share2.OpportunityAccessLevel='Edit';
                      share2.CaseAccessLevel='Edit';
                      
                      Insert share2;  
                      
                      system.debug('+++'+share2.id);
                }                    
                    
            }
        }
    }
 }
}

 
Rahul KumarRahul Kumar (Salesforce Developers) 
Hi,

May I suggest you please refer the below link for reference. hope it helps.

Please mark it as best answer if the information is informative.so that question is removed from an unanswered question and appear as a proper solution.

Thanks
Rahul Kumar
PulaK_PrabhakaRPulaK_PrabhakaR
The error occurs when DML on the record is not permitted logically.
Please check that the respective User has the right to modify the Account Record.

Please mark the answer as best answer if the information is informative.so that question is removed from an unanswered question and appear as a proper solution.