šŸ§Ŗ Experimental KB ā€” Official knowledge hub: community.kaptio.com

ā† Back to KB
configuration

How to resolve Builder FLS permission errors after Kaptio package upgrade

Users cannot access the Itinerary Builder screen after a Kaptio package upgrade. Some users receive a Field Level Security (FLS) error when trying to open itineraries in the Builder tab, while other u

permissions FLS builder package-upgrade permission-sets

Problem

Users cannot access the Itinerary Builder screen after a Kaptio package upgrade. Some users receive a Field Level Security (FLS) error when trying to open itineraries in the Builder tab, while other users with different permission sets work fine.

What We Found

After Kaptio package upgrades, new fields and objects are added to the managed package. The SOQL queries in Builder use WITH SECURITY_ENFORCED, which throws an error if the user lacks Read access to ANY field or object being queried. Different permission set groups were missing access to different new objects and fields.

Solution

  1. Identify the userā€™s permission set group (e.g., ā€˜Standard Group w/ SSO Back Officeā€™, ā€˜Sales Access Groupā€™)
  2. Add Read access to the permission set ā€˜(Kaptio) Build Trips & Itinerariesā€™ for the missing objects and fields
  3. For ā€˜Standard Group w/ SSO Back Officeā€™ - add access to: KaptioTravel__RailItinerary__c object
  4. For ā€˜Sales Access Groupā€™ - add access to: KaptioTravel__ConnectFlightGateway__c object, KaptioTravel__TourDeparture__c object, and KaptioTravel__IsActive__c field on KaptioTravel__Addon__c
  5. Common fields to check after upgrades: KaptioTravel__IsPredefinedManualRail__c and KaptioTravel__TourDeparture__c on Itinerary_Item__c, KaptioTravel__PhysicalInventorySelection__c on Package__c, KaptioTravel__AllowChangePackageDepartureDate__c on PackageDeparture__c, KaptioTravel__CumulativePricing__c on Price_Category__c
  6. Have the user log out and log back in, then test opening the Builder

Notes

  • This is a recurring pattern after Kaptio package upgrades - new fields/objects require manual permission set updates
  • Different user groups may encounter different missing permissions depending on their permission set group assignments
  • The WITH SECURITY_ENFORCED clause in Apex causes the error - even one missing field permission will block the entire query
  • Document all permission changes needed for production go-live handover documents
  • The SOQL query log before the FLS error can help identify which objects/fields are being queried

Warnings

āš ļø Cannot predict all users who will have issues - must react as reports come in from different permission set groups āš ļø Adding permissions to one permission set may not fix all users if they have different permission set groups āš ļø Always verify the userā€™s specific permission set group before making changes

Source: KHELP-12361

Was this article helpful?