Apex Code Development You need to sign in to do that
Don't have an account?
Query about Customer Community security
Hi All,
While exploring our Customer community, I had the following observations and I am not sure whether every org faces these or we are the only ones or if we are doing something wrongly here.
Background - We have a Customer community and we use the Overage High Volume Customer Portal license for providing access to Customers.
The observations -
1. External OWD seems to affect the High-Volume users while its a general belief that none of the sharing settings apply to HV users as they neither have a Role nor can be part of Public Groups.
2. Our Community has several VF pages exposed on it and the entire look and feel is customized (no standard stylesheets). We have just exposed the Home tab on Community and no other tabs. All standard tabs like Account, Contact, Case etc. are hidden on the profile associated with these HV users. Still if an authenticated community user types in the standard Salesforce URL patterns, they are able to view these tabs along with the data (as per the external OWD, if their profile provides them at least Read permission on the object). For e.g. typing "/500/o" would take him to the Cases tab, "/001/o" would take him to the Accounts tab and so on. They can also type in the Id of any record and reach the detail page (if they don't have access, insufficient privileges page). All these standard URLs display the pages with standard community styling.
The issue is why are the users able to access tabs by typing in the URLs when their profile has those tabs as hidden ?
It seems to be a very serious issue and I expect that I am not the only one who's facing it (please do not assume you don't have it unless you have explicitly checked/tried to reproduce). What is the use of having a custom styling when such behavior destroys the uniform experience that a Customer is supposed to have and there are chances of exposing data that they are not supposed to see (they should see what has been exposed via VF pages on Community).
If you faced the same issue, how did you work-around this ? or if you are facing the same issue, how do you plan to mitigate it ?
While exploring our Customer community, I had the following observations and I am not sure whether every org faces these or we are the only ones or if we are doing something wrongly here.
Background - We have a Customer community and we use the Overage High Volume Customer Portal license for providing access to Customers.
The observations -
1. External OWD seems to affect the High-Volume users while its a general belief that none of the sharing settings apply to HV users as they neither have a Role nor can be part of Public Groups.
2. Our Community has several VF pages exposed on it and the entire look and feel is customized (no standard stylesheets). We have just exposed the Home tab on Community and no other tabs. All standard tabs like Account, Contact, Case etc. are hidden on the profile associated with these HV users. Still if an authenticated community user types in the standard Salesforce URL patterns, they are able to view these tabs along with the data (as per the external OWD, if their profile provides them at least Read permission on the object). For e.g. typing "/500/o" would take him to the Cases tab, "/001/o" would take him to the Accounts tab and so on. They can also type in the Id of any record and reach the detail page (if they don't have access, insufficient privileges page). All these standard URLs display the pages with standard community styling.
The issue is why are the users able to access tabs by typing in the URLs when their profile has those tabs as hidden ?
It seems to be a very serious issue and I expect that I am not the only one who's facing it (please do not assume you don't have it unless you have explicitly checked/tried to reproduce). What is the use of having a custom styling when such behavior destroys the uniform experience that a Customer is supposed to have and there are chances of exposing data that they are not supposed to see (they should see what has been exposed via VF pages on Community).
If you faced the same issue, how did you work-around this ? or if you are facing the same issue, how do you plan to mitigate it ?
1. Modified the External OWD for most objects to Private.
2. Created Sharing Sets to share data with High-Volume users as required (especially for Cases created by them, its a must).
3. Created custom redirects to redirect users trying to view standard URLs to Community homepage. Salesforce does not accept wildcards in redirects and hence it is not scalable.
All Answers
I had faced the similar issue with one of my previous client. I was frustrated and got convinced that, Salesforce behaves like that.
We had overridden the Account tab with a Visualforce page which has a functionality to check the log in user can/can't see the standard tab based on their profile. Show a message If the user is not supposed to see the page or navigate him/her to the tab.
See if the same solution suit you.
Thanks,
Aravind
We thought about this but it does not seem easily scalable to me as each tab (whose associated object is readable) would require it to be overridden.
Also, its not limited to tabs but even list view and detail pages can be accessed via URLs.
1. Modified the External OWD for most objects to Private.
2. Created Sharing Sets to share data with High-Volume users as required (especially for Cases created by them, its a must).
3. Created custom redirects to redirect users trying to view standard URLs to Community homepage. Salesforce does not accept wildcards in redirects and hence it is not scalable.