function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
InfantInfant 

Looking for a Best Practice

Hi,

 

We have developed an application on Salesforce. Now based on that application we have created Sites (website) to allow users to check their details or to enter data.

 

I have created CUSTOMISED TABS and attached VisualForce Pages to those, and have used custom controls.

 

I have a doubts / questions, in every Visual Page after login into the site, to display informations from the custom objects of the particular individual who has logged in (i.e only data related to the person who has logged in),  i am first checking the userid from the user object, then from their checking the account name from contact objects and then from their checking the id of the from the account object and then finally retrieving the data from the custom objects (i have pasted the sample code).

 

public LIST<CUSTOM_OJECT> getServBaseList()
    {
       User usr = [select email from user where id = :userinfo.getUserID()];
       contact y= [select account.name from contact where email= :usr.email];
       account a = [select id from account where name = :y.account.name];
         
        return [select name from CUSTOM_OJECT where som__Account__c = :a.id];

    }

Now is it possible to get the id (like the one i get from account object above) directly, the way we get the id while using application from the Salesforce environment.

 

What is the best practice to handle such a scenario. Plss help

Best Answer chosen by Admin (Salesforce Developers) 
BulentBulent

You might want to set the sharing settings properly rather than trying to implement security via apex. 

In portal users are limited to access information tied to their account.

Also by enabling private sharing you can restrict users to see the data that they own or data that are shared with them. 

All Answers

Edwin VijayEdwin Vijay

If you access your SF site as a public user then according to Salesforce you will be logged in as the Site Guest User with the Site Profile which creates automatically when you create a site..

So your first query would return the Id of the Site Guest user always.. Hope this gives some insight!!!

If you say that you would like users to login to your site then you must have Customer Portal enabled

InfantInfant

thanks edwin,

 

yes i am using site server using Custom Portal. Actually the confusion i have is, to access any records from the custom objects in case of SITE SERVER (i.e website) i am need to first get the userid (from the user object) and based on that, i go about getting the the id from the account object (pls check the code i have pasted).

 

My confusion is, is there a way to access the id from the Account Object directly (like you have command/instruction

:ApexPages.currentPage().getParameters().get('id')), instead of going through 3 steps.

BulentBulent

You might want to set the sharing settings properly rather than trying to implement security via apex. 

In portal users are limited to access information tied to their account.

Also by enabling private sharing you can restrict users to see the data that they own or data that are shared with them. 

This was selected as the best answer