I got this exception: "Support user does not have permission on this operation" when I try to give access to a record for a user. this is my code:
public void GrantAccess(Guid targetId, Guid principleId)
{
using (var service = new OrganizationService(_con))
{
var request = new GrantAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, targetId),
PrincipalAccess = new PrincipalAccess()
{
AccessMask = AccessRights.ReadAccess,
Principal = new EntityReference(principleId.ToString())
}
};
service.Execute(request);
}
}
and my Constr is like:
private static readonly string ConStr = "Url=http://crm.[ourdomain].com:90/Test; Domain=[ourdomain]; Username=[user]; Password=[password];";
I cand read the data, for example I get this method: RetrieveSharedPrincipalsAndAccessResponse even more I "RevokeAccess" by RevokeAccessRequest, but I couldn't Grant access or modify it.
Edit1 Full Stack Error:
System.ServiceModel.FaultException`1 was unhandled
Action=http://schemas.microsoft.com/xrm/2011/Contracts/Services/IOrganizationService/ExecuteOrganizationServiceFaultFault
HResult=-2146233087
Message=Support user does not have permission on this operation
Source=mscorlib
StackTrace:
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Xrm.Sdk.IOrganizationService.Execute(OrganizationRequest request)
at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.ExecuteCore(OrganizationRequest request)
at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.Execute(OrganizationRequest request)
at Microsoft.Xrm.Client.Services.OrganizationService.<>c__DisplayClass19.<Execute>b__18(IOrganizationService s)
at Microsoft.Xrm.Client.Services.OrganizationService.InnerOrganizationService.UsingService[TResult](Func`2 action)
at Microsoft.Xrm.Client.Services.OrganizationService.Execute(OrganizationRequest request)
at CRMConsole.Queries.GrantAccess(Guid targetId, Guid principleId) in D:\Projects\CRM\CRMPrivileges\CRMConsole\Queries.cs:line 142
at CRMConsole.Program.Main(String[] args) in D:\Projects\CRM\CRMPrivileges\CRMConsole\Program.cs:line 20
at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
InnerException:
I checked the user access to the Account entity, and he has the read access to it with User depth. Beside that I can share this entity in crm web page UI with current user that is in connection credential.
It's so ridiculous but the problem was in this line of code:
Principal = new EntityReference(principleId.ToString())
we must declare entity name just like this:
Principal = new EntityReference(SystemUser.EntityLogicalName,principleId)