Apex Code Development You need to sign in to do that
Don't have an account?
Whyser Best Practice for Test Methods for Site and Guest User
I'm late to the game when it comes to securing sties/communities and I'm trying to make the appropriate changes before Salesforce enforces the guest rules.
I'm updating my test methods to simulate having our Site run as the Guest User for the Site ("Portal Site Guest User"), but I set up things like Account creation etc prior to running the tests under the "Portal Site Guest User", but for some reason if I try retrieving records created prior to the System.RunAs... it cannot pull up any records created earlier.
I use the @isTest(SeeAllData=true) so that I can retrieve the Portal Guest User.
Sample code:
I'm updating my test methods to simulate having our Site run as the Guest User for the Site ("Portal Site Guest User"), but I set up things like Account creation etc prior to running the tests under the "Portal Site Guest User", but for some reason if I try retrieving records created prior to the System.RunAs... it cannot pull up any records created earlier.
I use the @isTest(SeeAllData=true) so that I can retrieve the Portal Guest User.
Sample code:
@IsTest(SeeAllData=true)
static testMethod void PortalTest()
{
Account a = new Account( Name = 'test', BillingCountry = 'United States', Type = 'Prospect', CurrencyISOCode = 'USD' );
insert a;
User PortalGuest = [SELECT Id FROM User WHERE Name = 'Portal Site Guest User'][0];
System.RunAs( PortalGuest )
{
List< Account> accList = [SELECT Id FROM Account WHERE Id = :a.Id];
System.assert( accList.size() == 1, 'Unable to retrieve created record; accList.size() = ' + accList.size() );
}
}
The System.Assert flags and indicates that the accList.size() = 0.
I have set up Account Sharing Rules for "Portal Site Guest User" to include Account Type = 'Prospect'.
Not sure if I'm missing anything else to be able to access the record from the Guest User. Help?
I believe I found the answer to this, based on Salesforce's best practice article:
https://www.learncommunitycloud.com/s/news/guest-user-record-access-development-best-practices-20Y1U000000UkITUA0
What they are saying here is that I'm performing the insert and the update in the same transaction. The issue with this is that since this is happening in the same transaction, the sharing rules have not been applied to the newly inserted object. As the article states:
"The guest sharing rules would not have kicked in yet for that record, and hence the query will need to be processed from a without sharing class"
"The DML can be moved to a without sharing class"
Basically I would have to create a new "without sharing" class and perform the Account query in that class.
All Answers
Can you please check,if you have given the access to that Object on the guest user Profile.If yes,can you please check,if the checkbox "Secure Guest user record access" has been enabled.
Then,you might need to create the sharing rule and assign it to the guest user.
Kindly let me know if it helps you and close your query by marking it as solved so that it can help others in the future.
Warm Regards,
Shirisha Pathuri
Under Org-Wide Defaults, the "Secure guest user record access" has been checked.
Still running into the same errors.
I believe I found the answer to this, based on Salesforce's best practice article:
https://www.learncommunitycloud.com/s/news/guest-user-record-access-development-best-practices-20Y1U000000UkITUA0
What they are saying here is that I'm performing the insert and the update in the same transaction. The issue with this is that since this is happening in the same transaction, the sharing rules have not been applied to the newly inserted object. As the article states:
"The guest sharing rules would not have kicked in yet for that record, and hence the query will need to be processed from a without sharing class"
"The DML can be moved to a without sharing class"
Basically I would have to create a new "without sharing" class and perform the Account query in that class.