KI-18
Critical Update Regression: Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile
Key/Summary | KI-18 Critical Update Regression: Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile | Status | Done |
Created | 09/18/2019 | Updated | 12/19/2019 |
Description | The Winter 20 release of Salesforce.com includes a new Critical Update that, when enabled, results in exceptions to be thrown within the application for several user actions. The critical update in question is "Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile" ( https://releasenotes.docs.salesforce.com/en-us/winter20/release-notes/rn_lc_restrict_apex_authenticated_users.htm ) | ||
Impacted Capabilities | Affected Apps | Medical Information Cloud - Classic Medical Information Cloud - Lightning | |
Affects Versions | Fix Version | V8 | |
Steps to Reproduce | 1. Enable the critical update 2. Attempt to generate an Interaction Snapshot as an MIC User (not admin) 3. Observe the error message indicating something similar to: You do not have access to the Apex class named 'MED_RunDDPCtrl'. | ||
Workaround | Grant access to the following apex classes to the MIC Users. This can be done either through the use of a permission set OR at the User profile level. Impacted classes are as follows: - MED_AsyncApexJobCtrl - MED_CloseInteractionCtrl - MED_E2BGenerateCtrl - MED_InstalledProductsCtrl - MED_HomePageController - MED_LightningLookupCtrl - MED_RunDDPCtrl - MED_UploadFileCtrl | ||