Hello!

Has anybody run into an issue with using encrypted fields in VF pages in a Chatter action?

We've found that we can read encryped fields just fine in our VF page, but as soon as we put it in the Chatter action, we lose the ability to decrypt it in the code.  Please take a look at the attached screenshots of a page we made just to prove the issue.  Notice how the Chatter action in the classic web shows the encrypted value, while everywhere else it works correctly.





Here is the code for this page, in case there might be something we are doing wrong:

VF PAGE CODE:

<apex:page controller="TestABC">
 <apex:outputText value="{!privateDestinationAuthToken }" /> 
</apex:page>

APEX CONTROLLER CODE:
 

global with sharing  class TestABC{
    public static uStudioApi api {
        private get;
        private set;
    }
    @TestVisible
    public static String privateDestinationAuthToken {
        get;
        private set;
    }
    static{
         api = uStudioApi.getAutoProvisionedInstance();
         privateDestinationAuthToken = api.getChatterAuthToken();
    }
}

Any help would be very appreciated!!!

Thanks,

Joseph

I tried the example for Unbound Expressions, {#v.parentAttr} in particular, in this Trailhead module (https://developer.salesforce.com/trailhead/lightning_components/lightning_components_expressions) and it doesn't seem to work.  It just renders the literal string "{#v.parentAttr}"

The bound expression, {!v.childAttr}, works correctly and renders the expression value.

Has anyone gotten the unbound expression to work correctly?

 

Hello!

Has anybody run into an issue with using encrypted fields in VF pages in a Chatter action?

We've found that we can read encryped fields just fine in our VF page, but as soon as we put it in the Chatter action, we lose the ability to decrypt it in the code.  Please take a look at the attached screenshots of a page we made just to prove the issue.  Notice how the Chatter action in the classic web shows the encrypted value, while everywhere else it works correctly.





Here is the code for this page, in case there might be something we are doing wrong:

VF PAGE CODE:

<apex:page controller="TestABC">
 <apex:outputText value="{!privateDestinationAuthToken }" /> 
</apex:page>

APEX CONTROLLER CODE:
 

global with sharing  class TestABC{
    public static uStudioApi api {
        private get;
        private set;
    }
    @TestVisible
    public static String privateDestinationAuthToken {
        get;
        private set;
    }
    static{
         api = uStudioApi.getAutoProvisionedInstance();
         privateDestinationAuthToken = api.getChatterAuthToken();
    }
}

Any help would be very appreciated!!!

Thanks,

Joseph

We believe this is a bug with Field-Level Security within managed package updates.

Steps to reproduce:
Install a managed package that has a managed object without a managed Type__c field (namespaced).
Create your own Type__c field (not namespaced) on that managed object.
Install a new version of the same managed package that contains a Type__c field (namespaced) on the same managed object - make sure to select "Grant access to all users" on the security step. This is supposed to give full access to all new components, including new fields.
See that FLS is not set for the managed Type__c field.