+ Start a Discussion
gurumikegurumike 

page / controller requires "View all data" administrative security setting?!

I've recently deployed a new VF page and controller which are exhibiting very odd behavior.  The page and controller make use of other components and classes, which all work in other contexts (hooray for code re-use).  However, when my users load this new page, they get an "Insufficient privileges" error.  In an attempt to figure out what was missing, I went through every single security setting in the profiles, and I have determined that the "View all data" admin privilege is required for my new page and controller to not give the security error.  I determined this by granting all permissions to every object in my whole org - CRUD, view all, and modify all - to the affected users' profile.  That didn't work.  Adding the "View all data" permission does work, even after taking away all the permissions I'd expect not to need.  So, in essence, my page & controller really do need "View all data" for some inexplicable reason.

 

Having looked through all the code, I'm only querying standard & custom objects - I can't imagine why "view all data" is required, especially since most of the code is shared and works properly in other contexts.  The only DML done during construction is select statements.  I added a try/catch in the page controller's constructor around all the code there, in an attempt to catch the security exception and display it, but that didn't change the error at all.  I got my user to give my login permission, but in order to view the system log (and thus figure out what's going on), I need to have the "view all data" permission... so when logged in as the user, I can't both reproduce the problem and debug it.  Argh!

 

As a short-term work-around I've changed to using "without sharing" on all of the related classes.  That seems to have worked, but isn't viable in the long-term.  Has anyone else run into this before?  Is there anything in the schema that could possibly require "view all data" to query?

 

I'm hoping one of the salesforce developers will read this - if so, my case # is 04306977.

 

aalbertaalbert

Sounds like a good one! I am assuming the apex controller is working fine since its only executing a SOQL query, correct? Therefore, "with sharing" or "without sharing" should only limit the query results but not cause an "insufficient" error. I am wondering if the error is that the Visualforce Page is trying to display a object or field that the logged in user doesn't have Field Level Security to at least read. Is that possible? 

 

In terms of debugging, would it be possible to create a very simple VF page that doesn't show any data - but instead just has a button or equivalent to call the underlying controller? That would at least verify the apex/soql queries are not the root cause and that the issue is in the Vf page. 

 

 

gurumikegurumike

Interestingly, the "without sharing" keyword makes everything work. That leads me to believe you might be on to something with the field-level security idea.  We don't really use field-level security in my org, but in the past, I've had new custom fields deploy from the sandbox to production without having any permissions set, so maybe something like that happened.  I'll investigate both of your ideas and post results when I have them.

 

gurumikegurumike

So in an attempt to work on this in the sandbox, and not disrupt my users while I figure out these security settings, I managed to break salesforce :smileytongue: - I got an "Internal server error" with the following error code:   1729502240-7775 (-478823733)

 

I've opened a separate case for this (number 04317094), but its puts a damper on my plans to test out your ideas.  Nonetheless, I'll go look through the field-level security settings to try to spot anything that might be causing the issue.

 

gurumikegurumike

So, I took your suggestion, and created a VisualForce page strictly for testing. I've changed my controller code back to using "with sharing" so that I can track down any problems, and the System Log works great in the sandbox, even when logged in as another user without the "View All Data" permission.

 

What I found is an error related to this query:

 

select AccountToId from Partner
where AccountFromId = :h.support_case.AccountId
and Role = 'VAR'
order by IsPrimary desc nulls last, CreatedDate desc nulls last
limit 1

After a bit of fiddling with the VisualForce page, I managed to get an error to display:

 

No such column 'AccountToId' on entity 'Partner'. If you are attempting to use a custom field, be sure to append the '__c' after the custom field name. Please reference your WSDL or the describe call for the appropriate names.

 

So, I must conclude that this is the wrong way to query partners.  Any suggestions on what the right way should be, to avoid requiring the "View All Data" privilege?

 

craigmhcraigmh

Running into the same issue. I tried querying OpportunityPartner instead, with no luck. Using the Force.com Explorer, I can see both the Partner and OpportunityPartner sObjects, but none of the fields with the limited Profile.