Salesforce Visibility & Data Access Part 2

This is the part 2 of Salesforce Visibility & Data Access, you can find the part 1 blog which I wrote last time from here http://www.www.inoks.com/en/blog/129-salesforce-visibility-data-access-part-1

This is the part 2 of Salesforce Visibility & Data Access, you can find the part 1 blog which I wrote last time from here http://www.www.inoks.com/en/blog/129-salesforce-visibility-data-access-part-1


4. Org-Wide Default Permission of an object

·         This control what is the default visibility of your object records

·         Set on object level

·         Default object org-wide default can be set to either Private, Public with Read Only, or Public with Read/Write access

·         If the object org-wide default is set to Private then only the record’s owner can see the records

·         If the object org-wide default is set to Public Read Only then all users can see all records, but can only modify record own by them

·         If the object org-wide default is set to Public Read / Write then all users can see and edit all records

·         Available from Setup > Security Controls > Sharing Settings

5. Role Hierarchy

·         Can be used to extend / share record visibility vertically based on user’s role hierachies

·         By default users in higher role hierarchy can automatically see records below them which they don’t own, if the “Grant Access Using Hierarchies” option in org-wide default setting in point no.4 above is enabled

·         Users in higher role hierarchy can see records below them with following permission: either Read Only / Public Read / Public Read Write depending on the object org-wide default settings in point no.4 above

·         Users in the same role hiearchies cannot see each other records, to grant record access visibility on this can use sharing rules (point no. 6)

·         Available from Setup > Manage Users > Roles

6. Sharing Rules

·         Can be used to extend / share record visibility either vertically or horizontally

·         Sharing rules can never be stricter than your organization-wide default settings. They simply allow greater access for particular users

·         Set on object level

·         Sharing rules can be created based on two rule types, either based on Record Owner or based on Criteria

·         Available from Setup > Security Controls > Sharing Settings, select which object then add the Sharing Rules for that object

Posted in Blogs.