Configure Data Access for Your Site

Learning Objectives

After completing this unit, you’ll be able to:

• Configure data access using sharing rules.
  
• Configure data access using custom settings.
  
• Set object and field permissions and Visualforce access for your website visitors.
  

Let’s Get Ready to Configure

Now that we’ve enabled Salesforce Sites and created our site, it’s time to get into the details of configuration.

It may seem like a lot of steps to get your site set up, but remember this is a one-time setup process. After you’ve configured the correct access, you don’t need to touch these configurations again—you can just kick back and watch as your volunteers sign up and their data flows right into Salesforce.

Let’s go!

Configure Data Access Using Sharing Rules

On your Volunteers for Salesforce (V4S) website, volunteers can update their contact information and sign up to volunteer. But in order for them to be able to do those things, they need access to account, contact, and campaign records and fields.

Sharing is the general term that describes how you control who sees what in Salesforce. Sharing settings control users' access to Contact, Account, Campaign, Volunteer Jobs, and the other objects V4S uses. 

Sharing rules make exceptions to your organization-wide sharing settings for a selected set of users. We'll create sharing rules to extend access to the guest users who visit our volunteer website. 

If you haven’t had a chance to dive into the details of how Salesforce data access works, check out the links in the Resources section for an overview. The V4S documentation, also linked in the Resources section, walks you through this step in detail. 

Let’s create sharing rules to give guest users the access they need to view and sign up for volunteer shifts. 

Define Campaign Sharing Rules

For volunteer jobs and their related shift and hours records to display on the V4S site, the campaign record must be shared with the Site Guest User profile.

1. Click the Setup gear (), then click Setup.
   
2. Enter Sharing Settings in the Quick Find box, then click Sharing Settings.
   
3. Scroll to the Campaign Sharing Rules related list and click New.
   
4. In Label, enter Volunteers Site Guest User.
   
5. Salesforce fills in the Rule Name field for you. Leave that as is.
   
6. In the Rule Type field, select Guest user access, based on criteria.
   
7. Select the records to share. Configure the first criteria row with these details.
   

• Field: Active
  
• Operator: equals
  
• Value: True
  

8. Configure the second criteria row with these details
   

• Field: Campaign Record Type
  
• Operator: equals
  
• Value: Volunteer Campaign
  

9. In the Select the users to share with section, select Volunteers Site Guest User (your site name might be different).
   
10. In the Select the level of access for the users section, set Campaign Access to Read Only.
    
11. Click Save.
    

Define Account Sharing Rules

For a Site Guest User to view and update their contact information or sign up to volunteer, they need access to their contact record. By default, the organization-wide sharing setting for contacts is Controlled by Parent. Since the parent object of the contact is the Account object, we'll set up a sharing rule on the Account.

If your organization-wide sharing setting for contact is not Controlled by Parent, you may need to create a sharing rule for contacts.

Remember: This is just an example. Create a sharing rule for your org that accommodates your specific language or field criteria.

1. In Sharing Settings, find the Account Sharing Rules related list and click New.
   
2. In the Label field, enter Volunteers Site Guest User.
   
3. In the Rule Name field, leave the default Rule Name field value as is.
   
4. In the Rule Type field, select Guest user access, based on criteria.
   
5. Select the records to share. Because No More Homelessness (NMH) is also using Nonprofit Success Pack (NPSP) and the Household Account model, NMH’s admin, Gorav, wants to filter on that record type in the first criteria row.
   

1. Field: Account Record Type
   
2. Operator: equals
   
3. Value: Household Account
   

6. In the Select the level of access for the users section, set Default Account and Contact Access to Read Only.
   
7. Click Save.
   

Configure Data Access Using Custom Settings

A Site Guest User may already be entered as a contact in your org, or they may be a brand new contact. Configure the Volunteer Settings custom setting to allow guest users to update their existing contact information, or to have V4S create a new contact if no match exists.

1. From Setup, enter Custom Settings in the Quick Find box, then select Custom Settings.
   
2. Click Manage next to Volunteer Settings.
   
3. Click New before Default Organization Level Value. If this area already contains settings, click Edit.
   
4. Select these settings:
   

• Grant Guest Users Update Access
  
• Signup Creates Contacts If Not Match
  
• Signup Matches Existing Contacts
  

5. Click Save.
   

Configure Data Access for Visualforce Pages Using Profiles

Now we need to make sure that our Volunteers profile can access the V4S Visualforce pages and has the right permissions for all objects that V4S touches. 

We’ll start with the Visualforce pages, which are custom-built pages for the volunteer calendar, volunteer sign-up page, and much more.

1. Go back to Sites in Setup by entering Sites in the Quick Find box then selecting Sites.
   
2. Click the site label for your site. We labeled it Volunteers in our example.
   
3. On the Site Details page, click Public Access Settings.
   
   
4. Scroll to the Enabled Visualforce Page Access section or click the navigation link at the top of the page.
   
   
5. In the Enabled Visualforce Page Access list, click Edit and add the following pages to the Enabled Visualforce Pages list.
   

• GW_Volunteers.JobCalendar
  
• GW_Volunteers.PersonalSiteContactInfo
  
• GW_Volunteers.PersonalSiteContactLookup
  
• GW_Volunteers.PersonalSiteJobCalendar
  
• GW_Volunteers.PersonalSiteJobListing
  
• GW_Volunteers.PersonalSiteReportHours
  
• GW_Volunteers.PersonalSiteTemplate
  
• GW_Volunteers.PersonalSiteTemplateEspanol
  
• GW_Volunteers.VolunteersJobListing
  
• GW_Volunteers.VolunteersJobListingFS
  
• GW_Volunteers.VolunteersReportHours
  
• GW_Volunteers.VolunteersSignup
  
• GW_Volunteers.VolunteersSignupFS
  
  

6. Click Save.
   

Almost there! Just a few more steps.

Configure Data Access for Object and Field Permissions Using Profiles

Now let’s set the object and field permissions.

To start, click Edit on the Volunteers Profile page, then scroll to Standard Object Permissions. (If you navigated away from the Volunteers Profile page, you can find it by clicking Public Access Settings on the Volunteers site page.)

Use this table to set Read or Create permissions for the standard objects V4S needs to access.

Once you're done setting permissions for the standard objects, scroll to the Custom Object Permissions section and repeat the process with the objects using this table as a reference.

Note

Permission on the Household object is only needed if you’re using one of the legacy NPSP account models (Individual Bucket and One-to-One Individual). If you're not sure what account model you’re on, check in NPSP Settings > People > Account Model.

Click Save.

Now that the object permissions are set, it’s time to check field permissions. In the Field-Level Security section of the Volunteer Profile page, click View next to each of the objects listed above to verify that all volunteer-related fields have Read and Edit permissions selected. You won’t be able to select Edit for read-only fields.

For example, these are some of the volunteer fields on the Contact object.

If any of the volunteer fields don’t have Read and Edit access, click Edit, select Edit Access, then Save your changes. Repeat for each standard and custom object listed in the tables above.

In the next unit, we’ll set the default time zone then test all of our hard work.

Resources

• Salesforce Help: Website Integration—A Tag Team Event
• Salesforce Help: Set Up Your Salesforce Site
• Salesforce Help: Volunteers for Salesforce (V4S) Documentation
• Trailblazer Community Group: Volunteers for Salesforce (V4S) App
• Salesforce Help: Salesforce Sites
• Trailhead: Data Security