UserSecurity Class
Decrypts and encrypts data strings for guest users. The class encrypts using AES-256 and returns the result URL-safe encoded.
Namespace
This class is used across Vlocity products and uses the appropriate product namespace, such as vlocity_cmt or vlocity_ins.
Usage
The UserSecurity class is not a Vlocity Open Interface, so you cannot easily expose it as an API. It is only to be used internally, in an Integration Procedure or in custom Apex. Before using the UserSecurity class, see Guest User Technical Details for important considerations, the available tools, and the high-level process.
Using the UserSecurity class incorrectly can expose your encryption.
This class has the following requirements:
- Do NOT call it directly from an OmniScript or a Card.
- Do NOT include this class in any profile or permission set. It should not be called directly from a client.
Methods
| Method Signature | Description |
|---|---|
| static String decrypt(String encryptedAndEncodedString) | Decrypts the input string (which must be a string that was encrypted by this class) and returns the decrypted string. If it can’t decrypt the string, it throws a |
| static String decryptIfNecessary(String possiblyEncryptedString) | Decrypts the input string if it’s a guest user that executes this Apex. Otherwise, it returns the same input string. It calls the |
| static String encrypt(String unencryptedStringValue) | Encrypts the input string (AES-256) and returns it URL-safe encoded. If the input string is empty, it returns null. |
| static String encryptForUser(String unencryptedStringValue, Id userId) | Do not use. Vlocity internal use only. Generates an encryption key for each user (future use). |
| static String encryptIfNecessary(String stringToEncrypt) | Encrypts the input string if it’s a guest user that executes this Apex. Otherwise, it returns the same input string. It calls the method |
| static Boolean isGuestHandlingEnabled() | Do not use. Vlocity internal use only. Checks if a custom setting in CPQ is turned ON or OFF. |
| static Boolean isGuestUser() | Checks if the user executing the Apex is a guest user (true) or another user (false). |
| static Boolean treatCurrentUserAsGuest() | Do not use. Vlocity internal use only. Checks if a custom setting in CPQ is turned ON or OFF. |
Encrypt & Decrypt Remote Action in an Integration Procedure
This simple example code creates a Vlocity Open Interface and calls the encryption and decryption service using a Remote Action in an Integration Procedure.
In this example, you must enable Remote Action access control for security so that encryption/decryption can only be called inside an Integration Procedure or custom Apex.
If you copy this code, update the namespace.
```apex
global with sharing class InternalOnly_SecurityService implements
    vlocity_ins.VlocityOpenInterface2
{
    // Entry point invoked by the Remote Action; dispatches on methodName.
    public Boolean invokeMethod(
        String methodName,
        Map<String, Object> inputs,
        Map<String, Object> outputs,
        Map<String, Object> options)
    {
        try {
            if (methodName == 'encryptIfNecessary') {
                return encryptIfNecessary(inputs, outputs, options);
            }
            if (methodName == 'decryptIfNecessary') {
                return decryptIfNecessary(inputs, outputs, options);
            }
        } catch (Exception e) {
            // Report the failure to the calling Integration Procedure.
            outputs.put('Error', e.getMessage());
            outputs.put('ErrorLine', e.getLineNumber());
            outputs.put('ErrorType', e.getTypeName());
            outputs.put('MethodName', methodName);
        }
        // Unknown method name, or an exception was caught above.
        return false;
    }

    // Encrypts inputs.unencryptedString when the running user is a guest user.
    private Boolean encryptIfNecessary(
        Map<String, Object> inputs,
        Map<String, Object> outputs,
        Map<String, Object> options)
    {
        String unencryptedString = (String) inputs.get('unencryptedString');
        outputs.put('encryptedStringIfNecessary', vlocity_ins.UserSecurity.encryptIfNecessary(unencryptedString));
        return true;
    }

    // Decrypts inputs.possiblyEncryptedString when the running user is a guest user.
    private Boolean decryptIfNecessary(
        Map<String, Object> inputs,
        Map<String, Object> outputs,
        Map<String, Object> options)
    {
        String possiblyEncryptedString = (String) inputs.get('possiblyEncryptedString');
        outputs.put('decryptedStringIfNecessary', vlocity_ins.UserSecurity.decryptIfNecessary(possiblyEncryptedString));
        return true;
    }
}
```

The following image shows an example of an Integration Procedure that uses the decryptIfNecessary and encryptIfNecessary methods.
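The following is an added example, not Vlocity code: custom Apex that calls decryptIfNecessary server-side and fails closed when the value cannot be decrypted or is not what the caller expects. The class GuestRecordReference, its exception, and the assumption that the protected value is a record Id are hypothetical; update the namespace as above.

```apex
// Added example (hypothetical helper, not part of the Vlocity package).
// Assumption: the value protected for guest users is a Salesforce record Id.
public with sharing class GuestRecordReference {

    public class InvalidReferenceException extends Exception {}

    // Resolves a value received from a guest-facing flow to a record Id of
    // the expected object type. Throws instead of returning unvalidated input.
    public static Id resolve(String possiblyEncrypted, Schema.SObjectType expectedType) {
        if (String.isBlank(possiblyEncrypted)) {
            throw new InvalidReferenceException('Missing record reference');
        }

        String plain;
        try {
            // Guest user: decrypts. Any other user: returns the input unchanged.
            plain = vlocity_ins.UserSecurity.decryptIfNecessary(possiblyEncrypted);
        } catch (Exception e) {
            // Keep the failure detail in the server log, not in the response.
            System.debug(LoggingLevel.ERROR, 'decryptIfNecessary failed: ' + e.getTypeName());
            throw new InvalidReferenceException('Invalid record reference');
        }
        if (String.isBlank(plain)) {
            throw new InvalidReferenceException('Invalid record reference');
        }

        Id recordId;
        try {
            // Rejects anything that is not a well-formed Id.
            recordId = Id.valueOf(plain);
        } catch (Exception e) {
            throw new InvalidReferenceException('Invalid record reference');
        }

        // Decryption proves the value came from this org's encrypt call,
        // not that it points at the kind of record this flow may touch.
        if (recordId.getSObjectType() != expectedType) {
            throw new InvalidReferenceException('Invalid record reference');
        }
        return recordId;
    }
}
```

A caller would use it as `Id quoteId = GuestRecordReference.resolve(token, Quote.SObjectType);` and still run its queries with sharing and field-level checks in place.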

