My question is similar to this one except that I need the files for a group of records, making the solution of querying ContentDocumentLink unworkable, because it requires a single Id for the where clause.
Currently I am querying the Object__Feed for all content posts, but now that files can be posted as comments this solution is incomplete. I also need to get the files that were posted as comments.
Is there any way to do this? I've tried querying the ContentVersion directly using the relatedRecordId on the chatter comment, but there is a security restriction that the file is not returned if it is privately shared, even though it's visible on the chatter feed of the record.
Edit The exact use case is for a controller displaying all the chatter files for a list of objects. The controller is a without sharing class, and when run as a system administrator the ContentVersion records are returned and displayed on the page. When run as anyone other than a System Admin the same page returns no records. Why isn't without sharing working?
Attribution to: Daniel Blackhall
Possible Suggestion/Solution #1
I think this might be solved by simply using the without sharing access keywords in your class.
public without sharing class MyChatterSearchClass{...}
Without sharing will ignore all sharing rules and allow your apex code to query as system. Otherwise, if you are using "with sharing" you are querying as user context, and any record access restrictions placed upon the user will apply to your code.
To provide a bit more color, without sharing is used often when you want to perform an action on behalf of a user that they wouldn't be able to normally. For instance, aggregating data to rollup to a record, where they might not normally have access to the records that are the basis for the aggregation.
Certainly there are security risks and you want to be extremely careful writing code as without sharing, but there are times when it is absolutely necessary. I can't speak to the use case that this request comes from, since I have no details as to that use case, but you need to be the one who decides whether what you are trying to do is a legitimate use case for without sharing.
Attribution to: pchittum
Possible Suggestion/Solution #2
The part of the project I was working on was put on hold until a solution could be found to this problem (hence the very late answer).
So after a lengthy discussion with Salesforce support; The answer is that there is no way to query ContentVersion records that have not been explicitly shared with a user, this is still enforced even if the apex controller is a without sharing class.
According to the Content Document team this is not a bug, because it has been documented here. Needless to say I disagree completely, what is the point of without sharing if it has restrictions?
A summary of the restrictions was provided to me and is as follows; A record will only be returned if it is shared with one or more of the following locations:
- shared with libraries (workspaces) you are a member of
- shared with Chatter groups you can see (private / public)
- shared with you directly as a user (private sharing)
- shared with the whole company.
- And if you're the document owner, it'll list file regardless of where it's shared.
Attribution to: Daniel Blackhall
This content is remixed from stackoverflow or stackexchange. Please visit https://salesforce.stackexchange.com/questions/3490