function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Issue with Querying Private Object in Customer Portal


I have made my cases object private and have a custom visualforce page and controller to retrieve a list of cases.

On the standard page, a user can only see those cases they have read permissions on.

On the visualforce page, the query also retrieves cases where the case contact is also from the same account. However, the user does not actually have permission to these cases, and gets a permission error when they try to access it. 

Just for my own sanity, when you run a query it should only retrieve those objects which you have at least permission to, correct? It has been working like this for everything else I can remember. 

Is there something weird with case sharing and customer portal licenses?

I am using overage customer portal licenses in a community.  
Does the controller run "without sharing", or does it have no sharing keyword? Try setting changing your controller's class to "with sharing"; this should fix the query.
Hi The controller is with sharing. The view does not show all cases possible only cases they can see and ones from the other user on the same account.
Tyler SmithTyler Smith
I have a similar issue, except I can't even get the customer portal license to return any records (created by them, owned by them, or otherwise). I've checked permissions on the profile and things look okay. There is not a permission set assigned to them and of course no roles. They seems to be able to see the objects but not the data stored in the objects. Thoughts?
By see the objects you mean a query by them returns records? Can you try just dumping the Ids from a query into the debug log or on the page output? 

For the data do you get a a permission error or just the field shows up as blank?
Tyler SmithTyler Smith
Correct, by see I mean query. The query runs but always returns zero results. If I run the query on a full license (mine) it brings back results, but when run on the customer portal license it brings back nothing from the private object.

The Visual Force page and the API calls I've made (after granting API access) don't return errors, just zero records. It seems to be related to the privite as I do get results when I querry on public objects assocaited to the user. We have a sharing set in place that is meant to grant access to the object based on the connection to the contact, but it didn't change the zero result response.

Thanks for your quick response. Any thoughts?
What kind of customer portal licenses are these (Overage, High Volume, etc) and is the contact listed (the one related to the customer portal user) as the case contact on the record? 
Tyler SmithTyler Smith
Overage High Volume Customer Portal and, yes, the person is listed as the contact on the cases. 
I think High Volume ones are a little "special"

Have you set up Sharing Sets for the Case?
Tyler SmithTyler Smith
Oh, I believe that they are special. Yes we have a sharing set for the case that is supposed to grant full read/write access based on the contact. I've also tried attaching it to the account link instead but that didn't change anything. I've talked to a couple people here and have gotten to the end of our knowledge pool and so am looking to see if the community knows anything. I need to reach out to our rep at Salesforce as well, but haven't done that yet.
The only other thing I could think of would be to make sure the profile the customer portal user is using has access to cases, but I am assuming you checked that already. 

Is this in a sandbox? Can you see the cases when you change the sharing model to "Public"?

Also, check the sharing on the case - (Sharing Button). It should show sharing to that user like this: 

User-added image
Tyler SmithTyler Smith
Yeah, their profile has read, create, and edit access on cases. The sharing looks very different but I assume that is because of the sharing set (instead of sharing rules because High Volume licenses don't do sharing rules).
Sharing details
Tyler SmithTyler Smith
I've been working on this in a full sandbox used by our organization. I have gotten permission to take another sandbox to test some other things (like moving back to public, really messing with permissions etc), but not until next week. The problem is that, I don't believe a normal sandbox comes with high volume licenses to test the situation.

Thanks for your thoughts at least, it makes me feel less like I just don't know anything when other people are also a little stumped.
You have the OWD sharing set to Private on Cases right?
Tyler SmithTyler Smith
Yes, not on many objects in our org are but we are working on moving more to private in the coming weeks. Our high volume licenses will need access  though and so I'm trying to figure this out generally as well (but with cases first as it is the first point with a problem). This process worked when cases were public but not after we switched to private (I assume it would work again if we switched back to public).

I am facing the same issue in a full sandbox used by our organization. I login with a customer portal contact/user, create a case of particular record type(using a visualforce page created by us) and the case gets created in the background but when I try to search the case its not retrieved through the portal search. I can see the case is created in salesforce and I am able to search the case through salesforce. This functionality worked well previously recently something has gone wrong with customer portal. I approaced the Salesforce support team but no solution from them till yet.
a) Case object has been given Public Read Only (OWD) access
b) Contact belongs to "Customer Portal Manager Custom" profile, profile has Read/Create/Edit access on Cases
c) Controller of the page has keywords "with sharing"
d) Case has been assigned to the account which is same on the contact
e) Sharing button shows full access to the owner and Related Portal User
f) Customer portal user is the owner of the case.

Please give some solution to resolve this problem soon.