December 28, 2012

Insufficient access rights on cross-reference id error

INSUFFICIENT_ACCESS_ON_CROSS_REFERENCE_ENTITY, insufficient access rights on cross-reference id:[] is a common issue when you try to update or create data with insufficient access on a record.

Kindly check the user profile and check whether the user has access to insert/update that record. Even if the user has access, kindly check whether the user has access to update fields like record types, lookup field, master-detail field, etc.

Troubleshooting steps:
1. Make sure whether the user have access to record ids of the lookup fields and/or master-detail fields in the record.
2. Check the user Profile(CRUD Permissions).
3. Profile need to have access for the record types.
4. Record's OwnerId automatically gets share record when the record is inserted. If the apex code try to create the same(Share record for the owner) explicitly. This error occurs. 
Sample Code for this error:
Id usrId = UserInfo.getUserId();
Account objAccount = new Account( Name = 'Testing', OwnerId = usrId );
insert objAccount;
AccountShare objAccountShare = new AccountShare();
objAccountShare.AccountAccessLevel = 'Edit';
objAccountShare.AccountId = objAccount.Id;
objAccountShare.RowCause = 'Manual';
objAccountShare.UserOrGroupId = usrId;
objAccountShare.OpportunityAccessLevel = 'Read';
insert objAccountShare;

5. Check whether the apex code is trying to create share records to the record which the current user doesn't have access to it.
6. Check whether there are any hard-coded ids are miss matching the environments.
Even though trigger runs in System Mode, Sharing Settings will be checked. Only CRUD and FLS will not be checked against the user.

No comments:

Post a Comment