With the Winter 20 Salesforce update, your org now has the ability to control the record access that site guest users have. Salesforce will enable this setting (Secure guest user record access) as a critical update. In Spring 20, Salesforce will also set external Org-Wide Defaults for managed package objects to Private.
These two changes will affect Formstack Salesforce App NativeCloud and Community users and prevent access to forms.
Step 1. You can maintain access for your NativeCloud site guest users and public/guest community guest users by creating Sharing Rules on Formstack objects.
Step 2. You can maintain access for your logged-in Community users by changing the external OWD to Public or by creating Sharing Rules on Formstack objects.
Recommended Method: Create sharing rules in-app
We have automated the creation of sharing rules through an in-app mechanism.
Step 1: Fix Access for Site Guest Users
If your org is detected to be missing sharing rules for site guest users or requires that sharing rules be recalculated for them, then a notification is displayed in-app.
Rules can be setup through the Admin Settings panel.
Step 2: Fix Access for Community Portal Users
You can maintain access for your logged-in Community users by changing the external OWD on Formstack objects to Public or by creating Sharing Rules on Formstack objects.
Method 1: Update Org-Wide Defaults
1. Navigate to Setup > Security > Sharing Settings
2. Set the following objects to Public Read-Only
- Form Pages
- Form Style
- Submission Draft
- Template
- Platform Account
Method 2: Add Sharing Rules for Portal Users
Alternate Method: Manually Add Sharing Settings
It is possible that the in-app mechanism does not work or that your use case is more unique. This would prevent our forms from being accessible and would require sharing rules be manually added.
To configure Sharing Rules you can navigate to Setup > Security Controls > Sharing Settings.
For NativeCloud customers or Community Form external guest users, the Site Guest User needs to have Sharing Rules created for the following Formstack objects.
In addition, to provide access to logged-in portal users (if external Org Wide Defaults are forced to Private) you will need to add sharing rules for your portal user groups.
- Form Pages
- Form Style
- Submission Draft
- Template
- Platform Account
For each Formstack object, a new Sharing Rule needs to be created.
- Give your rule a label, name, and description (optional)
- Select the 'Guest user access, based on criteria' radial
- Create criteria that will apply for all records within the object
- For example, Owner not equal to 0
- Platform Account should be more limited: ProviderType EQUALS GoogleCaptchaV3
- Choose the site guest user profile you will be using for your NativeCloud site or Community (or Portal user group)
- Ensure that Access Level is set to at least read only
Note: After a sharing rule is created it will recalculate object settings and depending on the amount of data in question, the process could take a while to complete. This can be invoked manually by following these instructions.
Comments
Article is closed for comments.