Skip to main content

I’m having trouble getting reference fields to save on a force.com site page - is a site ‘Guest User’ able to save data contained in reference fields if the object being looked up is not explicitly available to the Guest User profile?


ie…


The conditions I have on the feedback model are as pictured:



I’ve tried quite a few different combinations of conditions here, but can’t seem to get it to work for the site’s Guest User profile.


Do I need to expose the Account object to the site’s Guest User profile? (Which I would prefer not to do) or is there some particular condition I have missed?


Thanks, Greg

if that profile does not have access to the account object the lookups will be always empty (because that profile cannot read accounts).

Before continue reading, please note that I’m just discovering the sharing rules and all the things with not internal users, so the information can not be accurate or wrong.

I think you have 3 options here: 

  • Give read on accounts (and don’t share any account with that user / group so he can use the object, but no data is shared with him (I think a user has automatically shared the account of his/her contact). I don’t know how this will work if you try to put an account that is not shared with the user in the lookup, probably will fail (the record does not exist for that user)

  • Use apex. I think apex does not look at the permissions in profiles,(I’m not really sure of this). you can store the data on text fields and with a trigger update the account, or schedule a batch to set the account in all the feedbacks without account

hope it helps (and hopping the info is accurate)


Thanks Pablo. 

I’ve considered the apex option - we would need to add text fields to the Feedback object where we capture the id url parameters, and then when the record is saved we use Apex to populate the lookup fields using those ids - but I’d prefer to stay away from that as it’s harder to maintain as a long-term solution for the client in this case.

And I’d prefer not to give public site users read access to all Accounts on the site - whilst its ‘low risk’ it does technically expose ALL the Account data publicly, which isn’t ideal.


Just a quick update on this - I ended up having to go down the apex trigger path to update these reference fields behind the scenes. There didn’t seem to be a way to do it using the UI as I didn’t want to grant read access accounts on that force.com site. The trigger is working nicely for the site Guest User profile.


Reply