Reasons
- You are assigning a record owner to the guest user.
- Existing records owned by guest users are being updated.
- You are trying to share the records with the guest user.
- Sharing a record to the guest user.
- You have not explicitly mentioned the Owner of the record while creating the record from the site/community. The explicitly mentioned owner must not be a guest user.
- There is some automation that is creating or updating a record in the guest user context, without specifying an explicit owner.
Possible Solutions
- Assing explicit owner of the record if you are creating a record in the guest user context.
- Change the owner of existing records owned by the guest user to an internal/external active user.
- Update the automation and add owner id while creating records.
What changed?
In the summer 20 release, salesforce has changed the policies for the guest user access. The public site securities are being enforced to all Salesforce or so that the guest user has only read, create access(In case of a custom object) on records.
I am listing down some of the things that are not supported to guest users.
- Guest users can not be the owner of newly created records.
- Guest users can not be an owner of existing records.
- Guest users can not have more than read access to data.
- Guest users can’t access records via manual sharing.
- Guest users can’t be members of public groups or queues.
- Guest users can only get access to records through guest user sharing rules, a special type of criteria-based sharing rule. The maximum access granted to guest users via sharing rules is read.
- Guest users can no longer update or delete the records (Can do so in system mode).
- Guest users will not be able to complete the forms with flows.
- Guest users may lose visibility to other users of the public site.
- Guest users can not upload files.
-
Standard input field components like
lightning-input-field
orapex:inputField
will not work on custom VF or lightning components in the guest user's context.
Conclusion
The guest users are the users who are accessing the Salesforce Sites publically without any authentication, we must put limits on what data and how it is accessible to those users. So the conclusion is your data is more secure as there is a platform limit on the data shared with the guest users.
No comments :
Post a Comment
Hi there, comments on this site are moderated, you might need to wait until your comment is published. Spam and promotions will be deleted. Sorry for the inconvenience but we have moderated the comments for the safety of this website users. If you have any concern, or if you are not able to comment for some reason, email us at rahul@forcetrails.com