Force.com Streaming API Developer Guide

Getting Started with Force.com Streaming API
Code Examples
Using Streaming API
Working with PushTopics
PushTopic Queries
Security and the PushTopic Query
Supported PushTopic Queries
Unsupported PushTopic Queries
Event Notification Rules
Replay PushTopic Streaming Events (Beta)
Bulk Subscriptions
Deactivating a Push Topic
Streaming API Considerations
Generic Streaming
Reference
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Security and the PushTopic Query

Subscribers receive notifications about records that were created, updated, deleted, or undeleted if they have:
  • Field-level security access to the fields specified in the WHERE clause
  • Read access on the object in the query
  • Read access on the PushTopic
  • Visibility of the new or modified record based on sharing rules

If the subscriber doesn’t have access to specific fields referenced in the query SELECT clause, then those fields aren’t included in the notification. If the subscriber doesn’t have access to all fields referenced in the query WHERE clause, then they will not receive the notification.

For example, assume a user tries to subscribe to a PushTopic with the following Query value:

1SELECT Id, Name, SSN__c
2FROM Employee__c 
3WHERE Bonus_Received__c = true AND Bonus_Amount__c > 20000

If the subscriber doesn't have access to Bonus_Received__c or Bonus_Amount__c, the subscription fails. If the subscriber doesn’t have access to SSN__c, then it won’t be returned in the notification.

If the subscriber has already successfully subscribed to the PushTopic, but the field-level security then changes so that the user no longer has access to one of the fields referenced in the WHERE clause, no streamed notifications are sent.