How to delete the attachment with Validation?

Hi Team,

I would like to perform validation before deleting an attachment in the "Attachment and Notes" detail in the Opportunity Section.

Validation Requirement:

Step 1: A User (ex., Supervisor) is logging in and adding an attachment to the Opportunity record.


Step 2: On click of delete, there needs to be validation whether the user is in the same session on which the record is added, if he loggs out and logged in and tries to delete, it should not allow the user to delete, though the same user the session is different.




1.A user Logged in

2.A session ID is created for the user

3.User Adding an attachment to opportunity record

4.User tries to delete the record in same session (allows to delete)

5.Same User logs out and login, then tries to delete the attachment he added previously, now the attachment should not be deleted.

I Debugged to find out the below things,

Schema for Attachment & Notes : FileDetailV2

User & Session Table : SysUserSession

Delete method: onDeleted: function(record) in FileDetailV2 schema

please guide me to achieve the required validation



Bhoobalan P.

Like 0



Hi Bhoobalan,


The only possible way I see here is to create a database trigger that would be triggered upon each user session start that would delete all records related to the system user rights from the SysAccountFileRight table (record permissions for the AccountFile object should be enabled for this table to appear in the database) (only for records that were created in the past day so not to provoke high SQL-server CPU consumption). Also please note that theoretically you should also add denying access rights for the system user in the SysAccountFileRight table for all the attachments created in the past two or one day.


Best regards.


Oscar Dylan,

Thanks for the response.

Here, I would like to perform the delete operation only on the attachment record that I select which should be in the same session of a user when the attachment was added (not all records).

Also, I couldn't find the table SysAccountFileRight.

Note: Validation should be performed only with the click of delete.


Bhoobalan P

Bhoobalan Palanivelu,


Please double-check my previous reply: record permissions for the AccountFile object should be enabled for this table to appear in the database.


The database trigger will do the task you need, there is no need to develop some client logic (also it will be a very difficult task to check the user session, compare it to the file creation date and then pass this information to the validator using the client logic).


Best regards,


Bhoobalan Palanivelu,

Regarding the link between attachments & user sessions - 

I do not think there is a track between the Attachment record and the session it was created in. The closest you can get to it is use the CreatedOn timestamp from the Attachment table and read SysUserSession table for any sessions in that range.

Another thing to be kept in mind is that -  A user can create multiple sessions at a time and logging out only closes that specific session leaving the remaining sessions active. Additionally, physical act of logging out is different from user session expiry. Later can happen automatically as well without any user action.

So some kind of approximation/change in the logic you have mentioned will need to be done Eg 'No active user session exists with session start time < Attachment's createdOn time stamp' is possible to check. But there is no guarantee that the exact session used to add the attachment was closed - given a multi session scenario. 

Show all comments