search

SalesforceLabs / survey-force

85 stars 61 forks source link

testAccessControl Fails #94

Closed corym-cp closed 3 years ago

corym-cp commented 3 years ago

When attempting to validated any change set in sandbox or production after installing and configuring the SurveyForce package, we receive a failure on the SFDCAccessControllerTest, method testAccessControl with error message: "System.AssertException: Assertion Failed: Expected: false, Actual: true" Class.SFDCAccessControllerTest.testAccessControl: line 141, column 1

We have confirmed configuration is correct based on the Post Install Guide & Instructions. I have attached a debug log of the failure.

apex-07L3t00003o2UMUEA2.log

jrattanpal commented 3 years ago

Does user have "Create" access for "Contact" object?

That class s using that to validate it. I know it's not listed in there but, generally, an admin does it and they have access to that object.

If that's not the case AND you don't want to give create access then change that line of code to use another object with create access.

System.assertEquals(false, Access_Controller.isAuthorizedToCreate(Schema.Contact.SobjectType, contactLastModifiedDate));

Maybe change that to "Schema.Account.SobjectType" (or any other object)

corym-cp commented 3 years ago

Yes, I am the user running the test and I have full Admin across our Org to include full CRUD on all objects.

jrattanpal commented 3 years ago

I read it wrong. This is actually testing to make sure that it will fail because you shouldn't have access to create LastModifiedDate.

But I believe there is a permission to create Audit fields. I wonder if you have that on and if that is causing it. Because no one should have permission to create LastModifiedDate field.

jrattanpal commented 3 years ago

This is the feature I was talking about. Do you have this feature on?

https://help.salesforce.com/articleView?id=000328426&type=1&mode=1

corym-cp commented 3 years ago

HI jrattanpal, we do have this enabled and assigned to our custom admin profile. I am re-running tests in sandbox to confirm resolution after removing the permissions. I appreciate your guidance thus far, stay tuned for my update after test runs complete.

corym-cp commented 3 years ago

jrattanpal, removing the "Set Audit Fields upon Record Creation" permission from our profile. This allowed the test to successfully pass.

Thank you for the guidance!

dschach commented 3 years ago

I suggest putting a check in the method that looks for the presence of the field on the user profile, and then acting accordingly if that field is not found, and returning a value that will allow the assertion to pass if the field is found.