Salesforce Winter '20 Release: Critical Updates

Salesforce has announced two critical updates to be released at the beginning of 2020. The administrator of the CT Mobile package must perform additional configuration for the current profiles before the update is released, otherwise, the CT Mobile package’s proper functioning will be impossible.

Announced Critical Updates

Require Customize Application permission for direct read access to custom settings

Currently, users without Customize Application permission can read custom settings using different APIs that Salesforce provides. Following the "secure by default" approach, read access for users without Customize Application permission will be revoked with this update.

The system administrator needs to perform the actions that are described in this article to allow access to custom settings to non-admin CT Mobile users (via profiles or permission sets).

3 January 2020

Require Customize Application permission for direct read access to custom metadata types

Currently, users without Customize Application permission can read unprotected custom metadata types using different APIs that Salesforce provides. Following the "secure by default" approach, read access for users without Customize Application permission will be revoked with this update.

The system administrator needs to perform the actions that are described in this article to explicitly grant access to custom metadata types to non-admin CT Mobile users (via profiles or permission sets).

17 February 2020

You can allow direct read access to custom settings and custom metadata types by editing:

  • Profile settings. Configure each profile separately, or you can edit a permission set and assign it to all users you want to grant read access to.

  • Permission Set settings. To avoid manually configuring a new permission set, assign the preconfigured permission sets to users or administrators and perform a full synchronization.

Impacted Functionality

Since all settings for the CT Mobile package are stored within the custom settings and custom metadata types, if the required permissions are not set for appropriate profiles, any type of synchronization will not be available.

Recommended Actions

To avoid possible issues, we recommend you perform a test configuration for your package before the automatic updates take place. The update can be manually activated and rolled back after testing.

Follow the instructions below to set up desired profiles and check proper package functioning.

  • Use the sandbox to perform testing.

  • If you encounter any issues, please, address them to Salesforce support immediately.

Grant Permissions to Custom Settings

Via Profile Settings

To set up permissions or direct read access to custom settings for a profile:

  1. Go to Setup → Users → Profiles.

  2. Click Edit next to a profile you want to configure.

  3. Go to the Enabled Custom Setting Definitions Access section.

  4. Click Edit.

  5. Select the following Available Custom Setting Definitions from the list:

    • all package custom setting definitions with the CT Mobile prefix;

    • all project-specific custom setting definitions (any additional non-package custom settings added by the company’s admin);

    • the Digital Signature Settings custom setting definition (if the Documents module is used on your project).

      custom set

  6. Click Add.

  7. Click Save.

The setup is complete. Assign the newly configured profile to the required users.

Via Permission Set Settings

To set up permissions for direct read access to custom settings for a permission set:

  1. Go to Setup → Users → Permission Sets.

  2. Select a permission set that you want to configure, or create a new permission set.

  3. On the Permission Set Overview page that opens, scroll to the Apps section and click Custom Settings Definitions.

  4. On the next page, click Edit next to the Custom Settings Definitions.

  5. Select the following Available Custom Setting Definitions from the list:

    • all package custom setting definitions with the CT Mobile prefix;

    • all project-specific custom setting definitions (any additional non-package custom settings added by the company’s admin);

    • the Digital Signature Settings custom setting definition (if the Documents module is used on your project).

      custom set

  6. Click Add.

  7. Click Save.

The setup is complete. Assign the newly configured permission set to the required users.

Grant Permission to Custom Metadata Type

Via Profile Settings

To set permission for direct read access to custom metadata types for a profile:

  1. Go to Setup → Users → Profiles.

  2. Select a profile.

  3. Go to the Enable Custom Metadata Type Access section.

  4. Click Edit.

  5. Select the following Available Custom Metadata Types:

    1. package metadata types:

      • CT Mobile.clm.CT Mobile.Replication

      • CT Mobile.clm.CT Mobile.Workflow

      • CT Mobile.clm.CT Mobile.Workflow Step

    2. all project-specific metadata types (any additional non-package metadata types).

      custom meta type

  6. Click Add.

  7. Click Save.

The setup is complete. Assign the newly configured profile to the required users.

Via Permission Set Settings

To set up permission for direct read access to custom metadata types for a permission set:

  1. Go to Setup → Users → Permission Sets.

  2. Select a permission set that you want to configure, or create a new permission set.

  3. On the Permission Set Overview page that opens, scroll to the Apps section and click Custom Metadata Types.

  4. On the next page, click Edit next to the Custom Metadata Types.

  5. Select the following Available Custom Metadata Types:

    • package metadata types:

      • CT Mobile.clm.CT Mobile.Replication

      • CT Mobile.clm.CT Mobile.Workflow

      • CT Mobile.clm.CT Mobile.Workflow Step

    • all project-specific metadata types (any additional non-package metadata types).

      custom meta type

  6. Click Add.

  7. Click Save.

The setup is complete. Assign the newly configured permission set to the required users.

``