Salesforce Sharing Rules

With the Winter 20 Salesforce update, your org now has the ability to control the record access that site guest users have. Salesforce will enable this setting (Secure guest user record access) as a critical update. In Spring 20, Salesforce will also set external Org-Wide Defaults for managed package objects to Private

 

These two changes will affect Formstack Salesforce App NativeCloud and Community users and prevent access to forms. 

Step 1. You can maintain access for your NativeCloud site guest users and public/guest community guest users by creating Sharing Rules on Formstack objects.

Step 2. You can maintain access for your logged-in Community users by changing the external OWD to Public or by creating Sharing Rules on Formstack objects. 

 

 

 

 

Recommended Method: Create sharing rules in-app

We have automated the creation of sharing rules through an in-app mechanism.

Step 1: Fix Access for Site Guest Users

If your org is detected to be missing sharing rules for site guest users or requires that sharing rules be recalculated for them, then a notification is displayed in-app. 

sharing_rules_banner.png

Rules can be setup through the Admin Settings panel. 

sharing_rules_site_guest_user.png

 

Step 2: Fix Access for Community Portal Users

You can maintain access for your logged-in Community users by changing the external OWD on Formstack objects to Public or by creating Sharing Rules on Formstack objects. 

Method 1: Update Org-Wide Defaults

1. Navigate to Setup > Security > Sharing Settings
2. Set the following objects to Public Read-Only

  • Form Pages
  • Form Style
  • Submission Draft
  • Template
  • Platform Account

Method 2: Add Sharing Rules for Portal Users

sharing_rules_portal_user.png

 

Alternate Method: Manually Add Sharing Settings

It is possible that the in-app mechanism does not work or that your use case is more unique. This would prevent our forms from being accessible and would require sharing rules be manually added. 

To configure Sharing Rules you can navigate to Setup > Security Controls > Sharing Settings.

For NativeCloud customers or Community Form external guest users, the Site Guest User needs to have Sharing Rules created for the following Formstack objects. 

In addition, to provide access to logged-in portal users (if external Org Wide Defaults are forced to Private) you will need to add sharing rules for your portal user groups.

  • Form Pages
  • Form Style
  • Submission Draft
  • Template
  • Platform Account

For each Formstack object, a new Sharing Rule needs to be created.  

  1. Give your rule a label, name, and description (optional)
  2. Select the 'Guest user access, based on criteria' radial
  3. Create criteria that will apply for all records within the object
    1. For example, Owner not equal to 0
    2. Platform Account should be more limited: ProviderType EQUALS GoogleCaptchaV3
  4. Choose the site guest user profile you will be using for your NativeCloud site or Community (or Portal user group)
  5. Ensure that Access Level is set to at least read only

Note: After a sharing rule is created it will recalculate object settings and depending on the amount of data in question, the process could take a while to complete. This can be invoked manually by following these instructions

Sharing_rule_criteria.png 

Form_Page_sharing_rules.png

Form_Style_sharing_rules.png

Submission_Draft_Sharing_Rules.png

Template_Sharing_Rules.png

Platform_Account_Sharing_Rules.png

 

Was this article helpful?
4 out of 5 found this helpful

Comments

0 comments

Article is closed for comments.