It has been raining all week. My little brother is taking long afternoon naps (boring!), and I need something to do. So, I'm re-doing the Security Specialist Superbadge on Trailhead. I am working in my new "office." Even Mom can not find me here! It's perfectly sized!
Hint: Clone the "Standard User" profile! You will only have to change a few settings to pass the challenge.
A frustrating error:
Unlike most Superbadges, the order in which the steps are completed matters to pass this challenge.
1) Sharing Rules
2) Apex Tests
3) Create Opportunities
4 Reassign OpportunitiesThis thread on the developer community provides more details.
One final hint for Challenge 2: Edit security configurations from the top down... Profile then Role then Group then Sharing Rules.
 |
| Bye! |
Hi, I always get
ReplyDeleteThe Inside Sales User does not appear to have the correct object permissions for Accounts and Opportunities.
What permissions I shout give to Inside Sales Users?
I don't want to list all of the permissions and give away the challenge, but here's a hint:
ReplyDelete* Two sharing rules.
If you have two sharing rules set up already, check the Inside Sales profile to make sure that the object permissions match the challenge requirements.
Still stuck? Leave a comment with what you have set up, and I'll take a look.
I've set up the Org-wide sharing setting for account & opportunity as follows:
DeleteAccount: Public Read/Write
Opportunity: Private
The Object-level security for the Field Sales User Profile includes the following
Account: Read - Edit - Delete - View All - Modify All
Opportunity: Read - Create - Edit
I still get the error "The Field Sales User does not appear to have the correct object permissions for Accounts and Opportunities."
Could you please help me with this issue?
thanks in advance!
Toby
Hi Toby - Sad news for you...the object permissions for Field Sales are not correct. (I'd guess you figured that one out already) :) Do something with account that is not "modify all or view all" This might be helpful:
Delete* Org wide default locks down the org to the tightest security
* Profiles open it up a bit
* Other things like sharing rules open up access even wide for specific groups of users
For the Challenge - Object Level Security: Do this
DeleteEdit > In Standard Object Permissions,
Remove the check from Delete for Account, also Remove the check from delete for opportunity>Save
Setup > Profile > New > Existing Profile = Standard User & profile name = Sales Executive User> Save
Now In Profile Detail click Edit > In Standard Object Permissions, Remove check from Create, Edit & Delete also Add Check for view all for Account, also Remove the check from Create, Edit & Delete also Add Check for view all for opportunity> Save
Setup > Role > Set up roles > In CEO press Add Role >Lebel = Sales Executive > Save
Setup > Role > Set up roles > In Sales Executive press Add Role > Label = Field Sales > Save
Setup > Role > Set up roles > In Sales Executive press Add Role > Label = Inside Sales > Save
Thank You.
I have completed all of the steps prior to running the Apex test. When I try to run the Apex test, there is no option for me to select the sb_security.BeAwesome test in the playground that I am completing the superbadge in. All that shows up under the "[All Namespaces]" is "th_con_app.PlaygroundInstallerTests" and "th_con_app.WelcomeFinderTests". However, if I log into my regular developer edition hands-on org, the "Apex test execution" allows me to select the "BeAwesome" test. But obviously I dont have any of the work for this superbadge in that org because it could screw up future work in there. How do I get the "BeAwesome" test on my trailhead playground?
ReplyDeleteThe apex tests are installed as a part of the package- I'd guess that you may have forgotten to install it.
DeleteNope I installed it before beginning any of the challenges while reading through the instructions. It is available in my default developer org/instance but not in the separate playground that I created for this super badge and have done all of my work in. Ive even followed all of the instructions from the link provided in the pre-work and notes section next to the install link.
Deletehmmm that is odd. Search set up for "installed packages." Is the "Trailhad Superbadge- Security" package there?
DeleteI got the same error. I have been on this superbadge for about 6 hours now. Extremely frustrated at getting stuck so many times.
DeleteNow when I click on Select Tests, it doesn't show any tests for me to select. Yes, Apex Classes shows the installed one, I did compile before I went into Apex Text Execution to Select and Run.
Switched to Salesforce Classic, went to Apex Classes and clicked Run all Tests, it went into Apex Test Execution and showed failed. It was failing at some line, unsure which. I tried to fix, didn't help.
I created a new DE, did everything fresh. My steps were different from Baby's however - Logged in as Samantha and created Opportunity, logged back in as me (DE admin) and created Sharing Rules, then Apex Tests. Again on Lightening it showed nothing when I clicked Select Tests. But I switched to classic and Lo and Behold! It showed 2/2 passed. I clicked Check Challenge and it passed!
Renewed energy now, guess I'll spend all of tomorrow again on this annoying superbadge!
i am getting following error:
ReplyDeleteThe sharing rule that shares Opportunities owned by Field Sales users with Inside Sales users does not appear to be setup correctly.
I dont know how to assign rules for project managers. I did created 2 sharing rules on account granting read/write permission for field sales user (opportunity - private) and inside sales user (opportunity - read/write). i am not able to pass apex test too.
There are 4 total sharing rules- 2 for account and two for opportunity. I'd do another review of the instructions.... and if you are still stuck, walk through this unit on trailhead:
Deletehttps://trailhead.salesforce.com/en/content/learn/modules/data_security/data_security_sharing_rules
when I'm assigning the permission set to inside sales user license is not accepting ( I used standard platform as user licence )
Deletesalesforce is not available for assigning as a user license
I stuck for long time at this user license please help me any one
Thanks in advance
DeleteCheck to see how many licenses you have available.
need help baby in apex test class?
ReplyDeleteHello Trailhead baby, I am completely stomped by this task and it's driving me bonkers. Like the user Devin, I could only access the correct Apex test sb_security.BeAwesome in the developer playground so I started from scatch but in there.
ReplyDeleteNow, once I executed every task in the list and when I run the test, the tests fail 0/2 and this is what's in the developer console:
"Class.sb_security.BeAwesome.createUser: line 133, column 1
Class.sb_security.BeAwesome.setup: line 124, column 1"
I've tried to do it in that specific order as well to no avail.
No idea, but I am happy to take a look if you want to share some details of what you have.
DeleteI'm getting the following as I'm trying to hopefully wrap this up on step 6: "Could not find just one PermissionSet enabled for 2FA." I've tried creating a new permission set just for 2FA but that didn't do it. I erased that and ensured my Field Sales profile has the Two-Factor Authentication for User Interface Logins checked.
ReplyDeleteA few things- Is the permission set assigned to Samantha? Yes- it should be a new permission set with two boxes checked. Nothing to adjust in the profile.
DeleteI have passed the Apex test and am still receiving the "We couldn't find the Sharing Rule that shares Opportunities owned by Field Sales users with Inside Sales users. Please check if the setup of this Sharing Rule is correct." message. I have done everything I can think of other than deleting everything and starting over. Do you have any suggestions on what to do?
ReplyDeleteCould you share what you have currently for the sharing rule?
DeleteHi
ReplyDeleteI am also stuck with the Data security challenge 2. Apex test failed. In my trailhead playground I have only 2 salesforce licence. I can't assign inside sales user and sales executive licences to the user. I really don't know what to do with it. Can you please help me.
Apex Error "System.QueryException: List has no rows for assignment to SObject"
Can you help me please? I have started this challenge over so many times. I have followed walkthroughs, started new trailheads and still can't get past the Apex test. I have spent too many hours and still can figure it out. I tried to paste the screen shot of my sharing rules, but it's not giving me the option. TIA!
ReplyDeleteHello- Happy to take a look if you would type some of the details of what you have.
Deletehi can you help me with this error its been 2 days since i am stuck on this !
ReplyDeleteApex Test Result Detail
Time Started 12/20/2019, 12:10 AM
Class BeAwesome
Method Name hugYourMother
Pass/Fail Fail
Error Message System.DmlException: Insert failed. First exception on row 0; first error: REQUIRED_FIELD_MISSING, Required fields are missing: [SolarBot__c]: [SolarBot__c]
Stack Trace Class.sb_security.BeAwesome.hugYourMother: line 72, column 1
Hi,
ReplyDeleteI am getting below Error while doing the challenge.
Challenge Not yet complete... here's what's wrong:
We couldn't find the Sharing Rule that shares Opportunities owned by Field Sales users with Inside Sales users. Please check if the setup of this Sharing Rule is correct.
I have tried all the possible solutions provided in the different forum, with different trainheads Please help me with this. I have been working on this from past 3 days still same thing.
I have done following steps as well.
1. Navigate to "Sharing Settings"
2. Edit "Organization-Wide Defaults" and set "Opportunity" to private in the drop-down menu and save.
3. Scroll down to "Opportunity Sharing Rules" and click "new"
Rule1.
1. Label can be anything you like
2. Rule type = "based on criteria"
3. Field = Type, Operator = Equals, Value = Existing Customer - Upgrade (the last one will be in the lookup using the icon right next to it)
- the second field will be: Field = Stage, Operator = Equals, Value = Closed Won (also use the lookup icon)
***Make sure you created a public group called "Project Managers" prior to this step if you haven't already***
4. "Share with" should be "Public Groups" in the first drop-down, and "Project Managers" for the second drop down.
5. Opportunity access should be set to "read-only"
Rule 2.
1. Label can be anything you like
2. Rule type = "Based on Record Owner"
3. Opportunity: owned by members of = Roles and Subordinates, and choose Sales Executives for the second drop-down menu
4. Share with: Roles, and choose Inside Sales Users for the second drop-down menu
5. Opportunity access should be set to "Read/Write"
Save both of these rules.
Type "Apex" into your quick search and choose Apex Test Execution
- Click Select Tests
- Choose "All namespaces" from the drop-down menu
- Choose "BeAwesome" and click run.
Your results should be 2/2.
Now navigate to the app launcher, and launch the "Sales" tab, and click on "Opportunities"
1. Click New
2. Name the opportunity anything you want
3. Choose Stage "Needs Analysis"
4. The close date should be picked as a value in the future.
5. click save
6. Create another "New" opportunity and name it anything you'd like again
7. For type, select "Existing Customer - Upgrade"
8. Set the date as whatever today's date is
9. Set the stage to "Closed Won"
10. Save
Now we need to make these opportunities owned by your user "Samantha Cordero"
1. Open the first opportunity you created, and click on the details tab
2. Under "Opportunity Owner" select "Change Owner" and change it to Samantha Cordero
3. Repeat steps 1-2 on the second opportunity.
Hi,
ReplyDeleteI am getting below Error while doing the challenge.
Challenge Not yet complete... here's what's wrong:
We couldn't find the Sharing Rule that shares Opportunities owned by Field Sales users with Inside Sales users. Please check if the setup of this Sharing Rule is correct.
I have tried all the possible solutions provided in the different forum, with different trainheads Please help me with this. I have been working on this from past 3 days still same thing.
I have done following steps as well.
1. Navigate to "Sharing Settings"
2. Edit "Organization-Wide Defaults" and set "Opportunity" to private in the drop-down menu and save.
3. Scroll down to "Opportunity Sharing Rules" and click "new"
Rule1.
1. Label can be anything you like
2. Rule type = "based on criteria"
3. Field = Type, Operator = Equals, Value = Existing Customer - Upgrade (the last one will be in the lookup using the icon right next to it)
- the second field will be: Field = Stage, Operator = Equals, Value = Closed Won (also use the lookup icon)
***Make sure you created a public group called "Project Managers" prior to this step if you haven't already***
4. "Share with" should be "Public Groups" in the first drop-down, and "Project Managers" for the second drop down.
5. Opportunity access should be set to "read-only"
Rule 2.
1. Label can be anything you like
2. Rule type = "Based on Record Owner"
3. Opportunity: owned by members of = Roles and Subordinates, and choose Sales Executives for the second drop-down menu
4. Share with: Roles, and choose Inside Sales Users for the second drop-down menu
5. Opportunity access should be set to "Read/Write"
Save both of these rules.
Type "Apex" into your quick search and choose Apex Test Execution
- Click Select Tests
- Choose "All namespaces" from the drop-down menu
- Choose "BeAwesome" and click run.
Your results should be 2/2.
Now navigate to the app launcher, and launch the "Sales" tab, and click on "Opportunities"
1. Click New
2. Name the opportunity anything you want
3. Choose Stage "Needs Analysis"
4. The close date should be picked as a value in the future.
5. click save
6. Create another "New" opportunity and name it anything you'd like again
7. For type, select "Existing Customer - Upgrade"
8. Set the date as whatever today's date is
9. Set the stage to "Closed Won"
10. Save
Now we need to make these opportunities owned by your user "Samantha Cordero"
1. Open the first opportunity you created, and click on the details tab
2. Under "Opportunity Owner" select "Change Owner" and change it to Samantha Cordero
3. Repeat steps 1-2 on the second opportunity.
Inside Sales Users - This is not the correct name for the Role.
DeleteSales Executives - Also not the correct name for the role.
Is this exactly what you have? If so, I'd be that your roles being named incorrectly is triggering issues.
Hi Trailbaby
ReplyDeleteRole names are below. I'm getting the challenge error even after passing Apex test.
Sales Executive
This role reports to - VP, North American Sales
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can edit all opportunities associated with accounts that they own, regardless of who owns the opportunities
Field Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role cannot access opportunities that they do not own that are associated with accounts that they do own
Inside Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can view all opportunities associated with accounts that they own, regardless of who owns the opportunities
Field Sales and Inside Sales have incorrect opportunity access.
DeleteHi
DeleteI have tried changing the opportunity access to for field sales to both( view/ edit) all and
inside sales to no access. Still same Error.
Field Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can view all opportunities associated with accounts that they own, regardless of who owns the opportunities/
Users in this role can edit all opportunities associated with accounts that they own, regardless of who owns the opportunities
Inside Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role cannot access opportunities that they do not own that are associated with accounts that they do own
Read over the instructions again and pick whatever lines up with them.
DeleteStill Stuck with this. :(
ReplyDeleteDoes this have to do with wrong profile setup as well? I have cleared the 1st challenge for profiles though.
What do you have currently for roles and sharing rules?
DeleteWith this
ReplyDeleteGeneral Record-Level Security Requirements
Configure default access to records in your org to:
Restrict access to opportunities to the people who own them (and their managers).
Allow access to accounts to anyone in the org, regardless of who owns them, as long as their profile allows access to Accounts in general.
I get Field sales and Inside sales role should only have access to the their opportunity in any account.
I Have
ReplyDeleteSales Executive
This role reports to - VP, North American Sales
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can edit all opportunities associated with accounts that they own, regardless of who owns the opportunities
Field Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can view all opportunities associated with accounts that they own, regardless of who owns the opportunities
Inside Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role cannot access opportunities that they do not own that are associated with accounts that they do own
For Sharing rule i have same rules as above.
Rule 1.
Field = Type, Operator = Equals, Value = Existing Customer - Upgrade
Field = Stage, Operator = Equals, Value = Closed Won
"Share with" "Project Managers"
Opportunity access "read-only"
Rule 2
Opportunity: owned by members of = Roles and Subordinates, and Sales Executives
Share with: Roles, and choose Inside Sales Users
Opportunity access "Read/Write"
I also tried with adding two account rules
Rule 1
Criteria
Owner in Role and Subordinates: Sales Executive
Shared with: Role: Field Sales
Account and Contract: Read/Write
Opportunity: Private
Case: Private
Rule 2
Criteria
Owner in Role and Subordinates: Sales Executive
Shared with: Role: Inside Sales
Account and Contract: Read/Write
Opportunity: Read/Write
Case: Private
Sales Executive
DeleteThis role reports to - VP, North American Sales
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can edit all opportunities associated with accounts that they own, regardless of who owns the opportunities
** This is not the correct opportunity access **
Field Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role can view all opportunities associated with accounts that they own, regardless of who owns the opportunities
** This is not the correct opportunity access **
Inside Sales
This role reports to- Sales Executive
Sharing Groups- Role, Role and Subordinates
Opportunity Access- Users in this role cannot access opportunities that they do not own that are associated with accounts that they do own
** This is not the correct opportunity access **
I did not review the rest of what you shared....I'd do a really through read through the instructions.
Hi
ReplyDeleteThanks for your support.
I was able to resolve this by creating another opportunity sharing rule for all internal users and shared to inside users.
I have completed superbadge.
hey could you explain this rule in more detail
DeleteHi, could you please help me to resolve this issue? I`ve past test successfully, but the error is still persist? It seems to me that I`ve tried everything already.
ReplyDeleteChallenge Not yet complete... here's what's wrong:
We couldn't find the Sharing Rule that shares Opportunities owned by Field Sales users with Inside Sales users. Please check if the setup of this Sharing Rule is correct.
Do you have 4 sharing rules total? I can't help without you sharing some details.
DeleteHI,
ReplyDeleteAm stuck with Apex test pass/Fail,and the error message is shown below.Not understanding what went wrong?
Error Message System.AssertException: Assertion Failed: Field Sales users should not be able to read Opportunities owned by someone else. However, the test returned records not owned by the user. #sadtrombone: Expected: 1, Actual: 3
hmmm Check your sharing rules.
DeleteI am still running into the same issue but all my sharing rules are correct.
DeleteOWD: Account and Contract Public Read/Write Private
Does it have to do with the order?
Read the instructions again- What you shared is incorrect per the challenge instructions.
DeleteCan some one please help I am stuck while execution apex test execution getting error field sales users should not be able to read opportunity owned by someone else.
DeleteHi Trailhead Baby,
ReplyDeleteThe Apex Test Execution has passed 2/2, but now when I check if step 2 is successful I get the following error :
'There was an unhandled exception. Please reference ID: RJJGVHSW. Error: Restforce::UnauthorizedError. Message: INVALID_AUTH_HEADER: INVALID_HEADER_TYPE '.
Any advice if possible?
Thanks :0
ohhhh That's a bad one. I have no advice or suggestions other than give it 24 hours, wait and recheck!
DeleteHello,
ReplyDeleteI hope you can help me. I am stuck on "Superbadge Security Specialist" Step two.
when I try to create username "Samantha Cordero" I am not able to select User License Standard
to this user is not available. Also for profiles I am not able to see the profiles which I have created
for Field Sales why?
Appreciate sure help I have been stuck on this step for a while. How do I check to see how many licenses do I have?
Thank and Regards,
Farshad
I meant user license as salesfoce.
DeleteWhat profile did you clone to create the custom profiles?
DeleteStandard User.
DeleteI have deleted and ensred I clone "Standard User". I still do not see sales force as an option! to be picked for user license!
Delete"Standard User" is the name of the standard profile that you would clone. "Salesforce" is the license. Samantha Codero should be a user with one of the custom profiles that you created. (The user license will be "Salesforce", but the profile" will show the customer profile name.)
DeleteMy point is that I could select license "Salesforce" for this user Samantha Codero.
DeleteI had to go in and manipulate another user and rename as Samantha Codero.
I am not sure why the Salesforce is not available. I wish could have send you a screenshot.
al lot of time has been waited in this.
I mean I could NOT see Salesforce as license! sorry.
DeleteI do not understand. There should be you as a user and Samantha as a user. These are the only two besides the few that Salesforce created automatically.
DeleteSo if I think I did the correct steps but did them in the wrong order for Challenge 2, is it best to just start again with a new playground or what?
ReplyDeleteTrailhead Baby's comment is very helpful. Pay attention to the 4 sharing rules, I passed the unit tests.
ReplyDeleteApex Test Fail 1/2
ReplyDeleteAssertion Failed: Field Sales users should not be able to read Opportunities owned by someone else
Sounds like an easy fix but for the love of god I cant get it to pass
this is what I'm getting when i run the test ....Assertion Failed: Field Sales users should not be able to read Opportunities owned by someone else. However, the test returned records not owned by the user.
ReplyDeleteand the challenge check is telling me this : Challenge Not yet complete... here's what's wrong:
The unit tests in the managed package have not passed successfully. Make sure you run all test in your org before checking this section
can you help me figure it out.