How do I remove the March 2020 Security Updates
In March 1st, 2020, Salesforce is performing a security update that phases our the guest security access on public sites. You can learn more about the rollout plans at Securing Community Cloud community group.
For Payments2Us, this means that the update will stop our online forms from being able to perform crucial updates.
We have been aware of this since November 2019 and made a release available in January 2020 that addresses this. All customers have been notified multiple times starting from November, again in January and also in February.
Our latest release has updates that work well with the Salesforce security updates. Our recommended approach is to install the updates as per the procedure 7.6 Security Improvements Testing
This procedure is for those organisations that have implemented the latest release by the due date, or have performed the release, but have found other Apps installed in their instance do not work
The below steps only apply if you've previously gone through enable Payments2Us to work with the new security updates. If this has never been done, you can continue to step 2.
Click the 9 dots in the top right corner. Then search for "Merchant Facility"
Note, it is Salesforce's intention to not allow this step being performed from approximately May 2020. You'll need to be on the latest version of Payments2Us by then and to have completed all of the post install steps as as per the procedure 7.6 Security Improvements Testing
Click Edit and scroll towards the bottom of the screen
Unselect "Site guest user record access" and save.
NOTE: If the "Sites guest user record access" field is greyed out and not selectable, then you'll need to first remove ALL criteria based sharing that has been setup. To do this, cancel this screen, then scroll down and see the related criteria based sharing rules. If Payments2Us sharing rules install procedure had previously been completed, you'll need to delete all of those.
It is only those sharing rules that have been previously setup with "Guest user access, based on criteria" set. Other types of sharing should not impact. If having issues, please contact Salesforce Support.