Michael Kolodner 15

Site Guest User Potentially Accessing Records?

My client has a community that was created by a previous partner. There should be no non-authenticated access to the community. (Site Guest User, while it exists, because it has to, should not have any access to records. I'm relatively confident that the Site Guest User can't log in and couldn't access any records even if it could.) A few weeks ago I built a screen flow to put on Contact and Case pages to display a message. Once that flow was activated, we have started to get infrequent flow errors indicating that Site Guest User initiated the flow interview and that it errored because the record it was trying to look up isn't found (isn't accessible to the Site Guest User due to sharing settings). Error comes just a handful of times--maybe 5 in a week. But we can't figure out under what circumstances a Site Guest User would even be trying to access a record at all. I can't reproduce because if I try to access the site unauthenticated, I never get beyond the login screen. (Copying URL for a contact and then going directly without authenticating immediately goes to the login screen and does not trigger the error.) Need help figuring out the circumstances that cause the error. Here is the full text of one of the error emails:
Flow Details
Flow API Name: Community_Contact_Display_TANF_Warning
Type: Screen Flow
Version: 4
Status: Active
Org: Denton County Friends of the Family (00D0b000000vJB9)

Flow Interview Details
Interview Label: Community_Contact_Display TANF Warning 8/19/2020 10:09 PM
Current User: DCFOF Client Cases Site Guest User (0050b000005Zm5v)
Start time: 8/19/2020 10:09 PM
Duration: 0 seconds

How the Interview Started
DCFOF Client Cases Site Guest User (0050b000005Zm5v) started the flow interview.
Some of this flow's variables were set when the interview started.
varContactId = 0030b00002Ucz8sAAB

FAST LOOKUP: Look_up_Contact
Find all Contact records where:
Id Equals {!varContactId} (0030b00002Ucz8sAAB)
Store those records in {!varContact}.
Save these field values in the variable: Id, TANF_out_of_date__c
Result
Failed to find records.

Error Occurred: This error occurred when the flow tried to look up records: SELECT Id, TANF_out_of_date__c FROM Contact WHERE ((Id = '0030b00002Ucz8sAAB')) ^ ERROR at Row:1:Column:37 sObject type 'Contact' is not supported. If you are attempting to use a custom object, be sure to append the '__c' after the entity name. Please reference your WSDL or the describe call for the appropriate names.. You can look up ExceptionCode values in the SOAP API Developer Guide.
Vinay (Salesforce Developers)
Hi Michael,

The visual workflow runs with the security settings of the current user. Make sure the user has CRUD and FLS access to the object/fields and that should help you.

Thanks,
Vinay Kumar
Michael Kolodner 15
I think you've missed the point of the question. The site guest user should never be able to log in at all, so there should be no circumstance where they manage to request a Contact or Case page, which is what would run the flow (it's a screen flow embedded on the page layout). I'm looking for help figuring out under what circumstance the Site Guest User could ever possibly request a page from the server at all, since they should not be able to log in at all.
ccazz
Hi Michael,

So there are a few options here.

I recently had a similar situation where I was hired to work on a community that had initially been set up by someone else.
Since it was a previous partner, you may have to do some digging...
Is the page truly not navigable to an unauthenticated user?
Are there ANY public pages in the community/experience other than the login screen?
Is there a hyperlink on any public page that might direct an unauthenticated user to a page that they wouldn't otherwise be able to navigate to?
Is there a link anywhere else on the web (the organization's main webpage perhaps) to this page?
Is the standard Flow Community page public?
Is that flow run from a different custom page? If so, is that page public?
Even though there is no way to navigate within the site to the page, if it is public, directly entering the url would still take them there.
I am not sure if a search result on the web might point to the page if it is public.
Does the community use audience targeting that might be allowing the site guest user access to any given page or component?
https://help.salesforce.com/articleView?id=sf.community_builder_page_visibilty_overview.htm&type=5#community_builder_page_visibility_overview

Let me know if this helps, if you figure it out or have any other questions!

Good Luck!
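
An added example, not part of any post in this thread: one way to triage a batch of these flow error emails is to parse each one, keep the interviews whose running user is a Site Guest User, and count them per record ID and per hour of day, so the hits can be lined up against the public-page and inbound-link questions above. The sample emails, IDs and names below are constructed placeholders that follow the layout of the email quoted in the question.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample emails in the layout of the flow error email quoted above;
# the IDs, names and times are placeholders, not values from the thread.
SAMPLE_EMAILS = [
    """Flow API Name: Example_Flow
Current User: Example Site Guest User (005000000000001)
Start time: 8/19/2020 10:09 PM
varContactId = 003000000000001AAA
Failed to find records.""",
    """Flow API Name: Example_Flow
Current User: Jane Staff (005000000000002)
Start time: 8/20/2020 9:15 AM
varContactId = 003000000000002AAA
Failed to find records.""",
    """Flow API Name: Example_Flow
Current User: Example Site Guest User (005000000000001)
Start time: 8/21/2020 10:41 PM
varContactId = 003000000000001AAA
Failed to find records.""",
]

FIELD = re.compile(r"^(Flow API Name|Current User|Start time):\s*(.+)$", re.M)
VAR = re.compile(r"^(var\w+)\s*=\s*(\S+)$", re.M)

def parse_email(text):
    """Return the header fields and input variables of one error email."""
    rec = {k: v.strip() for k, v in FIELD.findall(text)}
    rec["vars"] = dict(VAR.findall(text))
    rec["started"] = datetime.strptime(rec["Start time"], "%m/%d/%Y %I:%M %p")
    return rec

def guest_interviews(emails):
    """Keep only interviews whose running user is a Site Guest User."""
    parsed = (parse_email(e) for e in emails)
    return [r for r in parsed if "Site Guest User" in r["Current User"]]

def summarize(emails):
    """Count guest-initiated errors per record ID and per hour of day."""
    hits = guest_interviews(emails)
    by_record = Counter(v for r in hits for v in r["vars"].values())
    by_hour = Counter(r["started"].hour for r in hits)
    return by_record, by_hour

if __name__ == "__main__":
    records, hours = summarize(SAMPLE_EMAILS)
    print("records requested as guest:", dict(records))
    print("hour-of-day distribution:", dict(hours))
```

A record ID that recurs, or hits that cluster at one time of day, points toward a fixed inbound link or an automated client rather than a person browsing the site.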