locked
RetrievePrincipalAccessRequest lacks privilige. Is impersonation required? RRS feed

  • Question

  • I have a custom entity that displays the parent in a lookup.  If the user does not have read privilige on the parent an error is thrown when the hyperlink is clicked.  I added a soap message to retrieve the access priviliges to see if the user has read access.  If there is no read access I will blank out the lookup value.  I executed the code with the system administator role and it executed successfully.  I executed the code as sales rep and the message failed with an AccessCheckEx error.  Apparently there is not enough privilige to check for read privilige.  Arrrrgh!!!

    Any help as to what privilige I need to bump up in the security role.  Business requirements prevent some of the priviliges from being increased.
    Is this a case where impersonation may be required??
    • Edited by KCJodi Monday, July 13, 2009 3:31 PM
    Monday, July 13, 2009 3:30 PM

Answers

All replies

  • Hi,

    I guess one option could be to catch this exception( if raised) and accordingly blank out the lookup value !!



    Regards,
    Nishant Rana


    http://nishantrana.wordpress.com
    Monday, July 13, 2009 3:43 PM
  • I think you are correct.  If an error is raised, then clearly the user does not have read access. 

    I'll go with that for now.  Security roles are not intuitive.
    Monday, July 13, 2009 3:46 PM