function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
DMTRDMTR 

Insufficient privilege on VF page

This is hard to debug and has been posted a couple of times, but this one came back to me:

 

Insufficient Privileges

 

You do not have the level of access necessary to perform the operation you requested. Please contact the owner of the record or your administrator if access is necessary.

 

 

Now, I created a VF Page that uses a custom controler, which brings back details of a Candidate record in the Sample Recruiting application.

 

I'm logging is as user Clark Kentman, a standard platform user. Clark has only R permissions on the Candidate object.

 

If I understand it well, from a VF page with custome controller CRUD object and fied level permissions should be ignored as Apex class runs in system mode. My custom controler is defined without sharing as well. So shouldn't I see any Candidate Object under those circumstances regardless of record sharing?

 

In the security for the page, I have added the profile (standard platform user) and then in that profile itself I have enabled both controller class and VF page.

 

(For some reason, logged on as Clark I never see any page enabled in standard user profile, I do see the classes; logged on as admin I can see the pages added in standard user profile. Is this due to another permission?)

 

 

 

 

Neha LundNeha Lund

Your Standard Platmorm User should have access to VF page and APex class, Manage -> Profiles-> Standard User ->Enabled APex Class and Visualforce page add your class and Page there
Yoganand GadekarYoganand Gadekar

Check if sufficient object  permission are given to the logged in profile.

 
DMTRDMTR

Doen that, but didn't fix the issue.
DMTRDMTR

Uer has R permission through profile, but as I going via a Custom Controller that runs in system mode, those permissions should not play, right?
themattythematty

Did you set the controller to be without sharing?  That's the way you get it in system mode.  In early API's I believe it defaulted to be without sharing, but now it's with sharing if you don't specify it.  If that still doesn't work, check out field level permissions.  It could be you are trying to write to a field they don't have access to, and in my experience, without sharing did not help.