function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Erica DeanErica Dean 

Field Sets are not Maintaining Security Settings

1. Brief description of the issue:

We have a field set that is used to drive the fields displayed on an external site view page accessible by the guest user. The field set contains fields to which the guest user does not have read access, but they are still visible on the site.

4. Exact replication steps:

The fields have been removed from the field set, so they will need to be added first (client is okay with this).

1. Setup > Create > Objects > Project Task > Field Sets > Gantt Mouseover
2. Add Estimated Hours and Entered Hours to the Field Set
3. Save Field Set

1. Navigate to External View for a Project (http://bluewaterlearning.force.com/externalprojectview?id=a0Yd0000006CTHg)
2. Scroll to Gantt Chart
3. Hover mouse over project task bar within the Gantt chart)
4. View Estimated Hours and Entered Hours Fields

To confirm Security:

1. Navigate to Site to view Public Access Users. Setup > Develop > Sites > CloudCoach Project View > Public Access Settings
2. Scroll to Field Level Security for Project Tasks and note that no access has been granted to the Entered Hours or Estimated Hours fields

1. Navigate to Site to view Public Access Users. Setup > Develop > Sites > CloudCoach Project View > Public Access Settings > View Users > Site Guest User > Permission Sets > CCPE | Minimum User Permissions for External View.
2. Under Object Settings, open the Project Task object and note that no access has been granted to the Estimated Hours or Entered Hours fields.
logontokartiklogontokartik
Hi,

I looked at the force.com sites and I dont see Estimated Hours & Entered Hours fields, does something change recently?

User-added image
Erica DeanErica Dean
Hi, Thanks for responding. These fields are part of the CloudCoach application, but we are using standard SF field sets and security settings. The problem is not with these two fields specifically. The problem is that the guest user generating the link provided does not have access to those fields via profile or permission set; therefore, they should not be displayed. Does that make better sense? *Erica Dean* Product Specialist Cloud Coach [mobile] 843.209.0983 www.CloudCoach.com Everything you love about Salesforce now for Project Management
logontokartiklogontokartik
Yes, I understand that Guest User should not be able to see the fields when accessing the http://(http://bluewaterlearning.force.com/externalprojectview?id=a0Yd0000006CTHg site, and yes when I access the site, I am the guest user and I dont see those 2 fields.

Can you confirm if you are accessing the site as guest user? Also, can you try accessing the link in a different browser?  
Erica DeanErica Dean
My apologies. Those fields were pulled from the field set as my client didn't want their client seeing those values. They've been added back to the field set. Are you able to view them now? *Erica Dean* Product Specialist Cloud Coach [mobile] 843.209.0983 www.CloudCoach.com Everything you love about Salesforce now for Project Management
logontokartiklogontokartik
I still dont see them,  I think the security is working as expected, it might be maybe that you are accesing the site as admin user or you might have an old copy cached in your browser. 

Even on the table at bottom I dont see them

User-added image
Erica DeanErica Dean
My apologies again. I added those fields to the wrong field set. Please check the hover text within the Gantt chart. You'll now see those two fields as visible. *Erica Dean* Product Specialist Cloud Coach [mobile] 843.209.0983 www.CloudCoach.com Everything you love about Salesforce now for Project Management
Erica DeanErica Dean
This still seems to be an issue.  Any additional insight?