Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Users with Custom Profile are not able to update the metadata whereas System Admin can #19

Open
surabhipriya29 opened this issue Aug 10, 2022 · 6 comments

Comments

@surabhipriya29
Copy link

Hello,

We have implemented the Custom Metadata Saver for Salesforce for the Manager profile in Salesforce. Users are not able to update the metadata record whereas only the system admin can do so.
Error -
An Apex error occurred: System.NoAccessException: Insufficient Privileges: You do not have the level of access necessary to perform the operation you requested. Please contact the owner of the record or your administrator if access is necessary.

I tried with 'Customise Application' on Profile but this even didnt work. Please help me.

@surabhipriya29
Copy link
Author

I forget to tag@jongpie - Please share details on the above question. Thanks

@surabhipriya29
Copy link
Author

@jongpie Any update please

@hwong103
Copy link

hwong103 commented Sep 15, 2022

@jongpie hoping you see this. I'm coming across this issue as well trying to build a nice wizard for standard users to create custom metadata.

They definitely already have necessary access to create them via the Setup UI but seem to hit this insufficient access error. Not sure what permission is missing exactly as I've already provided them with the following system settings in a permission set

  • Customize Application
  • Modify Metadata Through Metadata API Functions

Edit: Apologies, I think it was user error, I was testing in the wrong sandbox -.-

@surabhipriya29 double check your permissions include "Modify Metadata Through Metadata API Functions" and try again. Seems to work now for me

@jongpie
Copy link
Owner

jongpie commented Sep 21, 2022

@surabhipriya29 and @hwong103 apologies for the late response! I believe that @surabhipriya29 is correct, your profile will need the permissions "Customize Application" (source. I'm hoping to spend more time on this project next month, and I'll be exploring to see if there are any ways to get around this requirement, but for now, you'll need to provide access via profile or permission set.

@cadillacben
Copy link

My first solution attempt was to create a session based permission set, assign that, and activate/deactivate it inside the flow. However, there's a known issue causing that to not work currently.

Option 2 was to publish a platform event thinking it would run in system context, but it runs as the user who published the event.

@cadillacben
Copy link

I am now assigning a permission set with the below permissions to the user before deploying but setting an expiration date 15 minutes in the future. Seems to work well so far. Currently looking for a way to allow deletes.

Customize Application
Modify Metadata Through Metadata API Functions

@jongpie @surabhipriya29

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants