Salesforce Summer '19 brought about some critical updates. One such critical update is that users will require to use the Customize Application Permission for Direct Read Access to Custom Settings. The reason behind this update is that Salesforce follows a "secure by default" approach meaning those that should have the permission, will need to have it actively enabled. This change affects Visualforce pages and Lightning components that directly reference custom settings.

Where: This change applies to Lightning Experience and Salesforce Classic in Contact Manager, Essentials, Professional, Enterprise, Performance, Unlimited, and Developer editions.

WhenThis critical update will be enforced starting January 3, 2020, as part of the Spring ’20 release 

For ADvendio users, this is of particular importance as some key features within ADvendio which users could previously use, may give an error or an insufficient privileges message if the permission sets are not configured correctly. For example, without this permission set basic features such as the

This change has the potential to impact all features which depend on Custom Settings. 


What to do: 

  1. Check the "View All Custom Settings" permission in your custom profiles is set to true 
    or
  2. assign the ADvendio SuperUser Permission Set to allow users read-access to the custom settings outside of Apex code or system mode contexts (version 2.119 onwards) (be mindful that the ADvendio SuperUser Permission Set may give access to additional rights beyond the Users Profile)

Additional note:

Administrators will also need to have Customize Application  set to true in order to have for direct read access to custom settings, manage custom permissions and manage translations. This can either be added to the Permission Set (this permission set can then only be used with Salesforce Licenses) or added to the Admin Profile. 

Please note that setting Customize Application to true will automatically set Manage Custom Permissions and Manage Translation to true.