With recent changes to permissions relating to Salesforce custom settings you may find that your Salesforce application now rejects access to certain features with an error like this:
Insufficient Read access on field MyField__c on object My_Custom_Setting__c
Let’s take a look at why this is happening and how to get your site up and running again.
Why has there been a change?
Salesforce is always updating their security model to ensure that data in orgs are protected and features are as secure as possible. As a result, you may find that with each new Salesforce release there are corresponding changes required on a package or org configuration.
What has changed?
In the Winter ’20 release Salesforce introduced a critical update that restricted access to custom settings and custom metadata types to users without the ‘Customize Application’ permission.
Salesforce also announced that this critical update would be enabled for everyone with the Spring ’20 release, which has recently been deployed to all orgs.
Previously the user with access to your package would be able to reference values stored in custom settings via Apex, but with the implementation of the change they no longer have permission to do so, resulting in the error shown above.
This issue could affects any user type, including those accessing the custom settings via a guest user profile in Salesforce sites.
For more information on this change, follow this link: https://releasenotes.docs.salesforce.com/en-us/winter20/release-notes/rn_forcecom_custom_setting_perms.htm?edition=&impact=
How can I fix it?
There are three ways to resolve this issue that would allow access to custom settings for the user.
- Enable custom setting definitions on the profile. For public custom settings this will allow the user with this profile to access the custom setting. See the link above for more information.
- Enable access to all custom settings for the user profile or associated permission set. This will keep the restriction in place but will allow the user to access the required custom settings. This will still respect the defined public / protected status of the custom setting.
To enable access, navigate to the profile / permission set and enable the ‘View All Custom Settings’ checkbox.
- Remove the restriction on custom settings access. This will allow all users to access the values and will still respect the defined public / protected status of the custom setting.
The restriction can be removed by navigating to Admin -> Schema Settings and deselecting ‘Restrict access to custom settings’.
What can I do to prevent this in the future?
As the Salesforce platform is constantly evolving, it is important to keep up-to-date with the latest news and developments in order to be aware of any changes that may affect your packages or orgs. This information is freely available online by searching for ‘Salesforce Release Notes’ periodically, and carefully reading the available documentation.
Alternatively, why not let Appsolutely worry about this for you by signing up for a managed services contract today?