I am able to use a file upload to post a file to the Chatter Feed of a custom object record using the following code:
ConnectApi.FeedItemInput feedItemInput = new ConnectApi.FeedItemInput();
ConnectApi.MentionSegmentInput mentionSegmentInput = new ConnectApi.MentionSegmentInput();
ConnectApi.MessageBodyInput messageBodyInput = new ConnectApi.MessageBodyInput();
ConnectApi.TextSegmentInput textSegmentInput = new ConnectApi.TextSegmentInput();
//Add message text to post
messageBodyInput.messageSegments = new List<ConnectApi.MessageSegmentInput>();
textSegmentInput.text = 'New Document Posted by: ';
messageBodyInput.messageSegments.add(textSegmentInput);
mentionSegmentInput.id = UserInfo.getUserId();
messageBodyInput.messageSegments.add(mentionSegmentInput);
feedItemInput.body = messageBodyInput;
//Add attachment data from uploaded file
ConnectApi.NewFileAttachmentInput attachmentInput = new ConnectApi.NewFileAttachmentInput();
attachmentInput.description = 'Uploaded by: ' + UserInfo.getUserId();
attachmentInput.title = doc.name;
feedItemInput.attachment = attachmentInput;
//Set visibility of post
feedItemInput.visibility = ConnectApi.FeedItemVisibilityType.InternalUsers;
//Create binary from file upload
ConnectApi.BinaryInput binaryInput = new ConnectApi.BinaryInput(doc.Body, 'text/plain', doc.name);
ConnectApi.FeedItem originalFeedItem = ConnectApi.ChatterFeeds.postFeedItem(communityId, ConnectApi.FeedType.Record, SObjectId, feedItemInput, binaryInput);
//Redirect to order page
String orderUrl = ENV_SOBJECT_URL + sObjectId;
return new PageReference(orderUrl);
The file is displayed in the chatter feed and notes and attachments section on the custom object details page
QUESTION
I want to be able to change the File Sharing settings of the file such that only users in certain groups are able to view that file. So the owner of the Feed Item will be the record but only users in certain groups will be able to see the file.
I am currently using the Connect API to accomplish this but using SOQL would be fine as well.
Best Answer
Access to the file is based on access to the parent entity it is shared with. In your case, anyone who can see the custom object will have access to the file. If the org wide default sharing for the custom object is private, limited people would have access to the record, such as the record creator and administrators.
If the file is shared with a public group, then everyone would have access to the file because everyone has access to the group. To limit file access to only group members, you would need to share the file with private groups.
You can share files with groups through the Connect API by creating a FeedItem on the group. If the file is already uploaded into Salesforce, then while creating the FeedItem, you can specify the ContentVersion Id and it will share the file.
To share a file with a private group without creating a FeedItem (such as if you want to avoid the "noise" of doing many shares), you can use the SObject API and the ContentDocumentLink entity. This can create a share between the file and a parent entity (such as a group).
If your use requires the file to also be shared with the custom object, then I would suggest uploading it to the custom object as you are and having the custom object share settings be private. Then, either create a FeedItem or ContentDocumentLink share to PRIVATE groups.
If it is not required to be shared with the custom object, then you can do the initial upload (as a FeedItem) to a private group, and then share it to additional private groups through FeedItems or ContentDocumentLinks.