With the Winter '21 release, Salesforce is actively de-assigning permission sets that contain the View All Data, Modify All Data, Edit, and Delete permissions for Site Guest Users in existing Salesforce orgs. More information can be found here.
For FinDock, this means that permission sets PaymentHub Integration Base and ProcessingHub Operations will be automatically removed from any Site Guest User. This removal prevents the FinDock Payment API form functioning.
To ensure continued operation of the FinDock Payment API, we are executing the following plan:
- The ProcessingHub package (v2.17.1 or higher) will contain a new permission set FinDock Site Guest User. This permission set replaces PaymentHub Integration Base and ProcessingHub Operations for the Site Guest User only.
- When ProcessingHub v2.17.1 is installed, the permission set FinDock Site Guest User is auto-assigned to every Site Guest User in the org that already has an assignment to one of the above mentioned permission sets.
- ProcessingHub v2.17.1 will be pushed proactively to all sandboxes and production orgs on 04 October 2020.
We have also reviewed all PSP package permission sets for any occurrences of View All, Modify All, Edit and Delete permissions. The packages Axerve for FinDock, SIX Saferpay for FinDock and PayPal for FinDock had one or more of these permissions.
We are in the process of resolving this by removing these permissions from the permission sets and carefully testing the new version. We will reach out to affected customers directly.
Do you need to take actions for production orgs?
If you are not using Axerve, SIX Saferpay or PayPal extensions, no action is required. With the automatic deployment of the ProcessingHub package update, you are all taken care of.
If you are using any of these three payment extensions, you need to manually install an update. We are providing specific instructions via email to affected customers.
Do you need to take actions for sandboxes?
The new FinDock Site Guest User permission set and the auto-assignment were implemented after your sandboxes got upgraded to Winter '21. This means that you will need to manually assign the FinDock Site Guest User permission set to your Site Guest User.