[SalesForce] gets “System.QueryException: Insufficient permissions: secure query included inaccessible field” error

We have a query that is executed by an “experience site/community” user. The user has “Partner Community” license and “Partner Community User” profile. This user executes code containing the following query and gets “System.QueryException: Insufficient permissions: secure query included inaccessible field” error.

SELECT contentdocumentid, linkedentityid,
        contentdocument.description, contentdocument.fileextension,
        contentdocument.filetype, contentdocument.ownerid,
        contentdocument.contentsize, contentdocument.title
FROM ContentDocumentLink
WHERE LinkedEntityId IN :objectIds
WITH SECURITY_ENFORCED

We have

The “WITH SECURITY_ENFORCED” clause is supposed to check object and field level security. Since the object and field level security is not exposed for ContentDocument or ContentDocumentLink, I am thinking that there is some other setting which automatically enables the object and field level security.
If you know what that setting is, please let me know. If I can’t find the setting I am inclined to remove the “WITH SECURITY_ENFORCED” clause from the SOQL query and try.

Best Answer

So it looks like your issue is that you're trying to access fields on related objects, which is not something you can do when you specify WITH SECURITY_ENFORCED. From the documentation:

Traversing a polymorphic field’s relationship is not supported in queries using WITH SECURITY_ENFORCED. For example, you cannot use WITH SECURITY_ENFORCED in this query, which returns the Id and Owner names for User and Calendar entities: SELECT Id, What.Name FROM Event WHERE What.Type IN (’User’,’Calendar’)

Best Answer

Related Solutions

[SalesForce] Enforce Field-Level Security Permissions for SOQL Queries WITH SECURITY_ENFORCED (Confused )

WITH SECURITY_ENFORCED and Security.stripInaccessible in a single SOQL

Related Topic