Salesforce：如果当前用户有权更新当前记录，如何仅呈现顶点。创纪录的安全级别

发布于 2024-11-15 13:38:26 字数 1924 浏览 5 评论 0原文

我正在尝试修复为此问题发布的代码 VisualForce：将长文本字段中的回车符转换为 html 换行符

正如您在该帖子中看到的，有一个自定义Visualforce 页面的控制器，该页面具有案例的选项卡式内容。列出 CaseComments 的唯一方法是使用自定义 Apex。控制器执行一个简单的查询来检索当前案例的所有 CaseComments。

如果当前用户有权编辑特定案例评论的实例，我只想显示“编辑”链接。

我在这里找到了一个关于基于对象级安全性动态渲染组件的好博客： http://forcearchitects.deliveredinnovation.com/2011/02/05/render-visualforce-components-dynamically-based-on-object-level-security/

根据该帖子，我尝试使用

$ObjectType.CaseComment.updateable

As 不幸的是

<apex:repeat value="{!comments}" var="c">
    <tr>
    <td class="commentsActionColumn">
    <!-- open the case comment for edit -->
    <apex:outputLink title=""
        rendered="{!$ObjectType.CaseComment.updateable}" 
    value="/{!c.id}/e?parent_id={!c.parentId}&retURL=/apex/{!$CurrentPage.Name}%3Fid={!case.id}" style="font-weight:bold">Edit</apex:outputLink> 
    </td>
    <td>
    <!-- display the case comment formatted using the apex outputField -->
    <div class="commentTdClass">
    <apex:outputField value="{!c.commentbody}"></apex:outputField>
    </div>
    </td>
    </tr>
</apex:repeat>

，可更新的测试是在对象级别上进行的，因此如果当前用户有权编辑任何 CaseComment，则所有 CaseComment 都会返回 true。

我需要记录级别验证，以便仅在当前用户可以修改特定行时才显示编辑操作。

有什么想法吗？

更新当我重新阅读我的问题时，我发现它并不像应有的那么清晰。

当我迭代 CaseComments 集时，对于给定的 Case，我需要知道当前用户是否可以安全地编辑特定的 CaseComment，而不会看到“您没有权限页面”。此测试必须基于 CaseComment by CaseComment 记录级别，因为任何给定的 Case 都会有许多 CaseComment，全部由不同的用户贡献

原文

I'm trying to fix my code posted for this question VisualForce: convert carriage returns to html line-breaks in a long text field

As you can see in that posting there is a custom controller for a Visualforce page that has tabbed content for Case. The only way to list CaseComments is with custom Apex. The controller performs a simple query to retrieve all the CaseComments for the current case.

I want to only show an "Edit" link if the current user has permission to edit the instance of a particular case comment.

I found a good blog about rendering components dynamically based on object level security here:
http://forcearchitects.deliveredinnovation.com/2011/02/05/render-visualforce-components-dynamically-based-on-object-level-security/

Based on that posting I tried using

$ObjectType.CaseComment.updateable

As in the following:

<apex:repeat value="{!comments}" var="c">
    <tr>
    <td class="commentsActionColumn">
    <!-- open the case comment for edit -->
    <apex:outputLink title=""
        rendered="{!$ObjectType.CaseComment.updateable}" 
    value="/{!c.id}/e?parent_id={!c.parentId}&retURL=/apex/{!$CurrentPage.Name}%3Fid={!case.id}" style="font-weight:bold">Edit</apex:outputLink> 
    </td>
    <td>
    <!-- display the case comment formatted using the apex outputField -->
    <div class="commentTdClass">
    <apex:outputField value="{!c.commentbody}"></apex:outputField>
    </div>
    </td>
    </tr>
</apex:repeat>

Unfortunately, the test for updateable is on the Object level so it returns true on all CaseComments if the current user has permission to edit any CaseComment.

I need record level validation to only show the Edit action if the particular row can be modified by the current user.

Any ideas?

Update
As I reread my question I see that it wasn't as clear as it should be.

As I iterate over the set of CaseComments, for a given Case, I need to know if the current user can safely edit a particular CaseComment without seeing the "you don't have permission page". This test must be on a CaseComment by CaseComment record level basis because any given Case will have many CaseComments all contributed by different Users

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

孤独岁月 2024-11-22 13:38:26

你可以通过几种方式做到这一点（我认为）。

如果您想走纯粹的编程路线，那么查看此处讨论使用共享对象来允许与特定用户或组共享记录。

否则，如果可能的话，您可以使用角色和层次结构管理来组织此记录，以便只有特定级别或更高级别的特定角色中的人员才能查看并访问记录？

保罗

更新：

根据您下面的评论，我认为您想使用顶点共享。如果您查看这个有用的developerforce wiki，您会发现您应该访问共享对象检查用户在此对象中是否有记录以查看特定记录实例。比如：

MyObject__Share share1 = [Select ParentId, UserOrGroupId, AccessLevel from MyObject__Share where ParentId = :myrecordId And UserOrGroupId = :UserId];
if(share1 != null)
{ code to allow the record to be viewed}
else
{code to deny access}

我还没有测试或尝试过，所以你会想要调整它，但这应该是总体想法。

保罗

You can do this in a couple of ways (I think).

If you want to go down a purely programmatic route then look here which discusses using the sharing object to allow record sharing with particular users or groups.

Otherwise, if possible you could use Roles and Hierarchy management to organise this in a way so that only people within a particular role of a particular level or above can see a record and access it?

Paul

Update:

Based upon your comment below I think you want to use apex sharing. If you look at this useful developerforce wiki you can see that you should access the sharing object to check whether or not the user has a record in this object to view the particular record instance. Something like:

MyObject__Share share1 = [Select ParentId, UserOrGroupId, AccessLevel from MyObject__Share where ParentId = :myrecordId And UserOrGroupId = :UserId];
if(share1 != null)
{ code to allow the record to be viewed}
else
{code to deny access}

I haven't tested or tried that so you will want to tweak it but that should be the general idea.

Paul

回复收藏 0 原文

高速公鹿 2024-11-22 13:38:26

看看下面的网址。

https://developer.salesforce.com/forums/?id=906F00000008w0gIAA

就像我们可以使用如下所示的东西。不过我还没有测试过。

SELECT RecordId, [HasReadAccess, HasEditAccess, HasAllAccess, MaxAccessLevel] FROM UserRecordAccess
WHERE UserId = [single ID]
AND RecordId = [single ID] 
//or Record IN [list of IDs]

Have a look at the below URL.

https://developer.salesforce.com/forums/?id=906F00000008w0gIAA

Looks like we can use something like below. however ihaven't tested yet.

SELECT RecordId, [HasReadAccess, HasEditAccess, HasAllAccess, MaxAccessLevel] FROM UserRecordAccess
WHERE UserId = [single ID]
AND RecordId = [single ID] 
//or Record IN [list of IDs]

回复收藏 0 原文

~没有更多了~