Apex Code Development You need to sign in to do that
Don't have an account?
Vidya D test class to test User Privileges doesn't work in sandbox
I have ControllerExtension for Account’s child Object. Obj1 Profile A User UA has permission to CRUD for Account and OBJ1. Profile B - User UB doesn’t have access to ControllerExtension as well as VF page. When I login as user UB in developer sandbox, and test through UI, I get insufficient privileges for page using ControllerExtension. This is as expected.
I have written test class to test this scenario. But it doesn’t give me this error.
But if I use Chatter Free profile to create runAs User , I get the exception in catch part.
Is there way to catch or debug insufficient privilages?
How to write test class to test User Privileges?
@isTest
public static void testUserAccess(){
// create test user
User runUsr = [select name, id, profileId from User where id = '005j000034BMsou' limit 1];
//TestExtension.createProfileBUser();
//As this doesn’t work, I am directly retrieving user who as profileB
System.debug(' runUsr ' + runUsr);
// This prints me correct user
System.runAs(runUsr){
user rrU = [select name, id, profileId from user
where id = :UserInfo.getUserId()];
System.debug('runUsr rru' + runUsr + ' ' + rrU);
System.assertEquals(runUsr,rrU) ;
//Both above users are matching
// Create Account
Account account = new Account(name='testAccount');
insert account;
// I expect error here but no error
// Create the controllerExtension and click cancel
ApexPages.StandardController std = new ApexPages.StandardController(account);
CCExtension ctrl;
PageReference page;
try{
ctrl = new CCExtension (std);
System.debug(' Created ctrl ' + ctrl );
System.AssertEquals(null,ctrl);
page = ctrl.save();
} catch(Exception e){
System.debug(' CTRL creation Exception e ' + e);
// No error message here too
}
System.assertEquals(null, page);
// this passes - is this the way to write the test?
if(ApexPages.hasMessages()){
System.debug('There are error messages');
for(ApexPages.Message msg:ApexPages.getMessages()){
System.assert(true, ' Error messages ' + msg );
}
}
}
I have written test class to test this scenario. But it doesn’t give me this error.
But if I use Chatter Free profile to create runAs User , I get the exception in catch part.
Is there way to catch or debug insufficient privilages?
How to write test class to test User Privileges?
@isTest
public static void testUserAccess(){
// create test user
User runUsr = [select name, id, profileId from User where id = '005j000034BMsou' limit 1];
//TestExtension.createProfileBUser();
//As this doesn’t work, I am directly retrieving user who as profileB
System.debug(' runUsr ' + runUsr);
// This prints me correct user
System.runAs(runUsr){
user rrU = [select name, id, profileId from user
where id = :UserInfo.getUserId()];
System.debug('runUsr rru' + runUsr + ' ' + rrU);
System.assertEquals(runUsr,rrU) ;
//Both above users are matching
// Create Account
Account account = new Account(name='testAccount');
insert account;
// I expect error here but no error
// Create the controllerExtension and click cancel
ApexPages.StandardController std = new ApexPages.StandardController(account);
CCExtension ctrl;
PageReference page;
try{
ctrl = new CCExtension (std);
System.debug(' Created ctrl ' + ctrl );
System.AssertEquals(null,ctrl);
page = ctrl.save();
} catch(Exception e){
System.debug(' CTRL creation Exception e ' + e);
// No error message here too
}
System.assertEquals(null, page);
// this passes - is this the way to write the test?
if(ApexPages.hasMessages()){
System.debug('There are error messages');
for(ApexPages.Message msg:ApexPages.getMessages()){
System.assert(true, ' Error messages ' + msg );
}
}
}
I think you want to test crud level permission. runAs method only restrict the accesiblity of records according to the users and does not check any crud level permissions.
you can use something like below
system.runAs(runUsr){
if(schema.sObjectType.account.isCreateable()){
Account a2 = new Account(name='Standard Account');
INSERT a2;
}
}
The above code will test whether the running user has the create permission on account object OR Not , if the user has d create permission on account object then only the account is inserted.
schema.sObjectType.account.isCreateable() returns a boolean value based on whether the running user has create premission OR not.
you can also use other methods of Schema.DescribeSObjectResult class according to your need.
The Chatter Free profile user is getting an error because the user is not supposed to be the owner of any record.
Hope this helps you! let me know if you need anything else.