Is there a way to add "Account Access" option under the "Opportunity Access" option (like it is shown in Account sharing) without creating a custom VF page and just by playing around with the sharing settings on the individual Opportunity sharing page?
Related
I have setup a site but when i am opening this site i am getting this
type error, Authorization Required
You must first log in or register before accessing this page. If you
have forgotten your password, click Forgot Password to reset it.
click and check image
You need to make sure that the visualforce page which you created has access to Guest user profile. To navigate to Guest user, do as below:
Go to Setup -> Develop -> Sites -> Click Site name -> Public Access Settings
The sites under Digital Experiences / All sites are called Experience Cloud sites.
The sites under Sites and Domains > Sites are called Salesforce sites.
These are different categories of sites and they come with different behaviors.
Based on the screenshot you shared with me, (the url has force.com included), it looks like your site is in the second category, please be aware of that:
Users from the Salesforce sites can only see their own data. If your program is trying to access data recreated by other, you will get the Authorization Required error.
As a way to test this, try to comment out the SOQL statements, the error message may go away.
also check out the following link:
https://help.salesforce.com/s/articleView?id=release-notes.rn_networks_guest_user.htm&type=5&release=228
The Secure guest user record access setting was enabled in Summer ’20, but could still be disabled during that release. To safeguard your Salesforce org’s data, in Winter ’21, this setting is enabled in all orgs with communities or sites and can't be disabled. The Secure guest user record access setting enforces private org-wide defaults for guest users and requires that you use guest user sharing rules to open up record access. You also can't add guest users to groups or queues or grant guest users record access through manual sharing or Apex managed sharing.
I understand Wagtail is a CMS. Per my test so far, only the admin has permission to publish an article/content. I checked out "puput" and a few others as listed here. I wonder is there a way to allow normal user registration, login, publishing? Something similar to Medium, where the normal user, or say the community, can contribute to the content generation.
I thought there might be a toggle or switch to enable this. But I didn't find it. I'm looking for a way that is either a package or a plugin or similar. Not coding from scratch. Ideally within Wagtail CMS, but other frameworks based on Django should also be fine.
Thanks.
Wagtail provides two user groups:
Editors: user within this group can create page and submit it to moderation
Moderators: user within this group can publish pages that have been submitted to moderation.
To update groups for a given user, go the the django admin interface with admin credentails, usually the url is your-domain/admin
Then go to Users under Authentication and Authorization category
Then get into the user you want to allow posting pages,
Scroll down until Permissions category and moove groups Editors and Moderators from Available groups to Chosen groups as follow:
Then save new settings.
I'm planning to create a website, and the pages contents will be created by both Admin and normal(logged in) users.
Is wagtail admin page supposed to be only for the admin users to create page contents ?
Is it a bad idea to give normal users the admin access with limited permissions to allow them to create their page contents?
If it is a bad idea, is it still possible to use the awesome admin page editor interface for the normal user?
I'm wondering how other people handles the page creation by the normal users in wagtail..
It depends how you're defining "admin user". By the most literal definition, as soon as you give a user access to the Wagtail admin, they're an admin user...
Wagtail is designed to support multiple user roles - through features like the permission system and the "submit for moderation" option, so that you can give people access to edit pages without giving them total control over the site. For example, the Royal College of Art - the site that Wagtail was originally built for - gives students limited-permission accounts on Wagtail so that they can create and submit pages about their work in the RCA Now section, without giving them edit access to the rest of the site.
If you want to give normal user to wagatil admin access than you have to give below permission as mentioned in photo.
You can see this in
wagtail admin > settings > groups > other permissions > check "can access wagtail admin"
And might be clear that you have'nt given Admin Access Role.
I'd like to create visualforce page that inserts a record into salesforce account object. However, I expect some of the page users won't have salesforce accounts. Can they still access it? If not, what are the alternatives that can be used to visualforce page in this case? (Please don't consider Web to Lead Forms).
Thanks,
Yes, it's possible. Go read about Salesforce Sites. For a start:
http://wiki.developerforce.com/page/Websites
http://wiki.developerforce.com/page/An_Introduction_to_Force.com_Sites
(of course it's also possible to write that page in say Java/.NET/PHP and use integration via SOAP or REST to talk to Salesforce... but these 2 main links will keep the whole solution within SF so no need to need to learn new language, have extra maintenance effort etc)
Sites are VF pages that expose a bit of your company's data without need to log in. You can use them to input data too, just remember that in theory anybody could learn the link and spam you (not too different from web2lead, inbound email handlers etc). You specify security in a way similar to Profiles, the records will have "Created By = {site name} Guest User".
I don't think there's anything out of the box to restrict visibility, they're open to whole world. So if you would want something similar to login IP ranges (so only sales reps from your office's network can enter data) - you might have to write some logic in the controller.
I have a custom field in the Salesforce User object. I am trying to work out permissions. I only want the User's manager and System Admins to be able to see this field.
Looking at the field-level security options, I see: Contract Manager. I worry that if I check this, ALL contract managers will be able to see this field. Is that the case?
Is there an easy way to accomplish this security policy and test it in a sandbox where I am not allowed to have many users?
You are correct, if you allow the Contract Manager profile to view that field via Field-Level Security, then ALL users assigned to that profile will be able to see the field, regardless of whether or not the user actually rolls up to them.
You should be able to show/hide this field based on some more advanced logic by embedding a small VF page into the User page layout. This will still require you to make the field visible via Field-Level Security, however, and will not allow you to hide it from other managers if they have access to the API (it would only be hidden from them on the page).
Making the field visible to contract manager will make it visible to all contract managers. However, there is a fairly simple formula that will allow you to enforce this securely.
1) make secret field not visible to contract managers.
2) Create a hierarchical relationship to the contract manager on user.
3) Create a formula that checks if the running user is the contract manager of the user you are looking at.
IF($user.id == user.contract_manager__c,secret_field__c,'only this users contract manager can see this.')