SlideShare une entreprise Scribd logo
1  sur  25
Télécharger pour lire hors ligne
Presented By: Sunil Kumar
Email id: sunil02kumar@gmail.com
Twitter : @sunil02kumar
Blog: http://sunil02kumar.blogspot.in/
RECORD SHARING MODEL IN
SALESFORCE
Module Agenda
 Overview of record access.
 Record Ownership.
 Organization-wide Defaults.
 Roles and “Group” of Users.
 Sharing.
Record Access
 The sharing model determines access to specific records.
- Who has access?
- What level of access?
- Why they have access?
 Access to records is dependent on object CRUD.
Levels of Record Access
 Full Access Privileges:
- View
- Edit
- Transfer Ownership
- Delete
- Share
 Read/ Write Privileges:
- View
- Edit
 Read-Only Privileges:
- View
Full Access
-Transfer
Ownership
-Delete
- Share
Read/Write
- Edit
Read Only
- View
Ways to obtain Access to a Record
Full Access:
 Owner field
- User
- Queue Member
 Above user(who has ownership) in the role hierarchy
 Profile Permission: “Modify All Data”
 Object permission: “Modify All”
Read/Write or Read-Only Access
 Organization-wide default
 Above user(who has read/write or read-only access) in role hierarchy
 Manually sharing
 Sharing rules
 Apex Sharing
 Profile Permission: “View All Data”
 Object Permission: “View All”
Let`s compare….Profiles & the Sharing Model
Profiles
 Controls access to objects(Candidates, Positions, etc.)
 Controls access to fields(Candidate Name, Min Pay, Skill Required, etc.)
Sharing Model
 Controls access to records(e.g., one candidate, Joe Schmoe, one position,
Black Box Tester)
So, a User`s profile might specify that a user can see candidates, but the sharing
model determines which candidates that user can see.
The sharing model determine that a user can see Joe Schmoe, but the profile
specifies which fields that user can view and edit.
Module Agenda
 Overview of record access.
 Record Ownership.
 Organization-wide Defaults.
 Roles and “Group” of Users.
 Sharing.
Record Ownership
 Most Records have an associated Owner.
- Exception: Child records in a master-detail relationship inherit access rights from parent record.
Types or Owners:
- Users
- Queues.
 Record owners have Full Access.
Module Agenda
 Overview of record access.
 Record Ownership.
 Organization-wide Defaults.
 Roles and “Group” of Users.
 Sharing.
What are Organization-wide Defaults(OWD)?
 Organization-wide defaults are a security setting that defines the
baseline level of access to data records that you do not own.
 They are the only way to restrict access to data in the sharing
model.
 They can be defined for the custom as well as several standard
objects.
 Access levels:
- Public Read/Write(all users can see and edit every record)
- Public Read- only(all users can see every record)
- Private(users can only see records that they own)
Determining How to Set OWD for an Object
Questions to ask:
1. Who is the most restricted user of this object?
2. Is there ever going to be an instance of this object that this user shouldn`t
be allowed to see?
3. Is there ever going to be an instance of this object that this user shouldn`t
be allowed to edit?
Organization-Wide Defaults Considerations
 Child records in the master-details relationships inherit their organization-wide
defaults from their parents.
 Child records in lookup relationships have independent organization-wide
defaults from their parents.
 Changing organization-wide defaults can produce unintended consequences;
consider your business requirements carefully before setting your
organization-wide defaults.
 Changing organization-wide defaults can potentially delete manual sharing if
that sharing is no longer needed,
- For example, Changing from Private to Public Read/Write.
Module Agenda
 Overview of record access.
 Record Ownership.
 Organization-wide Defaults.
 Roles and “Group” of Users.
 Sharing.
Universal Containers Scenario
Universal Containers `role hierarchy
What are Roles and Role Hierarchy?
A Role:
 Controls the level of visibility that an organization`s data
 A user may be associated to one role
The Role Hierarchy:
 Controls data visibility roll up for reporting
 User *usually* inherit the special privileges of data
owned by or shared with users below them in the
hierarchy
 Not necessarily the company`s organization chart
 With Standard Objects, Access to records rolls up
through the Role Hierarchy
 With Custom Objects, developers choose whether or
not access should roll up through the role hierarchy.
Determined by the Grant Access Using Hierarchies
setting on organization-wide defaults.
Role Hierarchy Considerations
Knowledge Check
Assuming organization-wide defaults are set to private and Grant
Access Using Hierarchies is checked:
1. What can Cynthia Capobianco see?
2. Can Andrew Goldberg see records owned by Amy Lojack? Can
he edit them?
3. Can Megan smith edit records owned by Mario Ruiz?
Public Groups
 Public groups are a way of grouping together users for access.
- Can be used in a sharing rule.
- Can be used to give access to folders.
 Every organization has default public group: Entire Organization.
 Public Group can be made up of any combination of:
- Users.
- Roles.
- Roles and Subordinates.
- Public Groups.
 Public Group membership is updated when public groups are made up of roles or
roles and subordinated, or when a user is added or removed from the role.
Module Agenda
 Overview of record access.
 Record Ownership.
 Organization-wide Defaults.
 Roles and “Group” of Users.
 Sharing.
Universal Containers Scenario
 Megan Smith`s team cannot see any reviews owned by
Andrew Goldberg`s tem.
 Ben Staurt cannot see reviews written by QA or Product
Management.
 Melissa Lee cannot see records for candidates she need to
interview.
Sharing Rules and Manual Sharing
 Sharing Rules :
- Automatic exception to organization-wide defaults for
particular group of users.
- Used to open up access to records.
- Never permitted to be more strict than organization-wide
default settings.
- Sharing can be based on record owner or criteria based.
 Manual Sharing:
- Used to open up access to a specific record.
- Granted by owners, anyone above owners in the role
hierarchy, and System Administrators.
Apex Sharing Reasons
 Clicking the Sharing button on a record displays the various reasons
that a user might have access to a record. Examples of sharing
reasons include:
- Administrator.
- Owner
- Custom Object Sharing Rule.
 Establish Apex sharing reasons allows developers to define the
reason that a user or group of users might have access to a record.
 The Apex sharing reasons describe why users can access a record.
Examples might be:
- Open Position(users have access to a position record because that
position is currently open).
- Hiring Manager(User might have access to position because they are
the hiring manager on that position).
 Apex sharing reasons are defined for custom objects only.
 Apex sharing reasons are defined object by object.
.
Sharing Records
Simple
FlexibleAutomated
Manual SharingSharing Rules
Apex Sharing
Sharing and Security
Review
 Permissions (Profile)
- View All Data
 Record Ownership
 Organization-wide Defaults
- Read-Only
- Read/write
 Roles
- Above the record owner?
 Sharing
- Sharing Rules.
- Manual Sharing.
- Apex Manage Sharing
Permissions(Profile)
Record Ownership
Organization Wide Default
Roles
Sharing
Yes No
Yes
No
No
No
No
Yes
Yes
Yes
Record sharing model in salesforce

Contenu connexe

Tendances

Sharing and setting in salesforce
Sharing and setting in salesforceSharing and setting in salesforce
Sharing and setting in salesforceVishesh Singhal
 
Salesforce admin training 1
Salesforce admin training 1Salesforce admin training 1
Salesforce admin training 1HungPham381
 
Salesforce Sharing Architecture
Salesforce Sharing ArchitectureSalesforce Sharing Architecture
Salesforce Sharing Architecturegemziebeth
 
Salesforce sharing and visibility Part 1
Salesforce sharing and visibility Part 1Salesforce sharing and visibility Part 1
Salesforce sharing and visibility Part 1Ahmed Keshk
 
Integrating with salesforce
Integrating with salesforceIntegrating with salesforce
Integrating with salesforceMark Adcock
 
Salesforce Communities
Salesforce CommunitiesSalesforce Communities
Salesforce CommunitiesSunil kumar
 
Salesforce Security Best Practices for Every Admin
Salesforce Security Best Practices for Every AdminSalesforce Security Best Practices for Every Admin
Salesforce Security Best Practices for Every AdminCloud Analogy
 
Salesforce Admin 201-certification Notes
Salesforce Admin 201-certification NotesSalesforce Admin 201-certification Notes
Salesforce Admin 201-certification NotesAslam Tayyab
 
Salesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewSalesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewDhanik Sahni
 
Flow in Salesforce
Flow in SalesforceFlow in Salesforce
Flow in Salesforcevikas singh
 
OAuth with Salesforce - Demystified
OAuth with Salesforce - DemystifiedOAuth with Salesforce - Demystified
OAuth with Salesforce - DemystifiedCalvin Noronha
 
Data Management and Migration in Salesforce
Data Management and Migration in SalesforceData Management and Migration in Salesforce
Data Management and Migration in SalesforceSunil kumar
 
Salesforce complete overview
Salesforce complete overviewSalesforce complete overview
Salesforce complete overviewNitesh Mishra ☁
 
Salesforce Integration Patterns
Salesforce Integration PatternsSalesforce Integration Patterns
Salesforce Integration Patternsusolutions
 
Supercharge your Salesforce Reports and Dashboards
Supercharge your Salesforce Reports and DashboardsSupercharge your Salesforce Reports and Dashboards
Supercharge your Salesforce Reports and DashboardsNetStronghold
 
Introduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorIntroduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorSalesforce Developers
 
Why Flow with Salesforce Flow
Why Flow with Salesforce FlowWhy Flow with Salesforce Flow
Why Flow with Salesforce FlowAjeet Singh
 

Tendances (20)

Sharing and setting in salesforce
Sharing and setting in salesforceSharing and setting in salesforce
Sharing and setting in salesforce
 
Salesforce admin training 1
Salesforce admin training 1Salesforce admin training 1
Salesforce admin training 1
 
Salesforce Sharing Architecture
Salesforce Sharing ArchitectureSalesforce Sharing Architecture
Salesforce Sharing Architecture
 
Salesforce sharing and visibility Part 1
Salesforce sharing and visibility Part 1Salesforce sharing and visibility Part 1
Salesforce sharing and visibility Part 1
 
Integrating with salesforce
Integrating with salesforceIntegrating with salesforce
Integrating with salesforce
 
Salesforce Communities
Salesforce CommunitiesSalesforce Communities
Salesforce Communities
 
Salesforce Security Best Practices for Every Admin
Salesforce Security Best Practices for Every AdminSalesforce Security Best Practices for Every Admin
Salesforce Security Best Practices for Every Admin
 
Salesforce Admin 201-certification Notes
Salesforce Admin 201-certification NotesSalesforce Admin 201-certification Notes
Salesforce Admin 201-certification Notes
 
Salesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewSalesforce Integration Pattern Overview
Salesforce Integration Pattern Overview
 
Flow in Salesforce
Flow in SalesforceFlow in Salesforce
Flow in Salesforce
 
OAuth with Salesforce - Demystified
OAuth with Salesforce - DemystifiedOAuth with Salesforce - Demystified
OAuth with Salesforce - Demystified
 
Data Management and Migration in Salesforce
Data Management and Migration in SalesforceData Management and Migration in Salesforce
Data Management and Migration in Salesforce
 
Salesforce complete overview
Salesforce complete overviewSalesforce complete overview
Salesforce complete overview
 
Salesforce Integration Patterns
Salesforce Integration PatternsSalesforce Integration Patterns
Salesforce Integration Patterns
 
Supercharge your Salesforce Reports and Dashboards
Supercharge your Salesforce Reports and DashboardsSupercharge your Salesforce Reports and Dashboards
Supercharge your Salesforce Reports and Dashboards
 
Introduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorIntroduction to External Objects and the OData Connector
Introduction to External Objects and the OData Connector
 
Why Flow with Salesforce Flow
Why Flow with Salesforce FlowWhy Flow with Salesforce Flow
Why Flow with Salesforce Flow
 
Salesforce Lightning workshop
Salesforce Lightning workshopSalesforce Lightning workshop
Salesforce Lightning workshop
 
Architect day 20181128 - Afternoon Session
Architect day 20181128 - Afternoon SessionArchitect day 20181128 - Afternoon Session
Architect day 20181128 - Afternoon Session
 
Salesforce APIs
Salesforce APIsSalesforce APIs
Salesforce APIs
 

Similaire à Record sharing model in salesforce

SFDC Database Security
SFDC Database SecuritySFDC Database Security
SFDC Database SecuritySujit Kumar
 
2020 07-08 fireside chat sharing architecture
2020 07-08 fireside chat sharing architecture2020 07-08 fireside chat sharing architecture
2020 07-08 fireside chat sharing architectureJihun Jung
 
2020 07-22 fireside chat : Record Ownership Deep Dive
2020 07-22 fireside chat : Record Ownership Deep Dive2020 07-22 fireside chat : Record Ownership Deep Dive
2020 07-22 fireside chat : Record Ownership Deep DiveJihun Jung
 
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records vraopolisetti
 
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptx
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptxDataverse Permissions Demystified - PowerAddicts BE 11-2022.pptx
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptxRebekka Aalbers-de Jong
 
Profiles and permission sets
Profiles and permission setsProfiles and permission sets
Profiles and permission setsVishesh Singhal
 
August 12: Sugar’s Security Model – Teams and Roles
August 12: Sugar’s Security Model – Teams and Roles August 12: Sugar’s Security Model – Teams and Roles
August 12: Sugar’s Security Model – Teams and Roles ticomixcrm
 
Joomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG BredaJoomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG BredaSander Potjer
 
Joomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day GermanyJoomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day GermanySander Potjer
 
Cairo meetup low code best practices
Cairo meetup low code best practicesCairo meetup low code best practices
Cairo meetup low code best practicesAhmed Keshk
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Sander Potjer
 
Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Kiran K.V.S.
 
Managing permissions in SharePoint
Managing permissions in SharePointManaging permissions in SharePoint
Managing permissions in SharePointpearce.alex
 
Administer Active Directory
Administer Active DirectoryAdminister Active Directory
Administer Active DirectoryHameda Hurmat
 
Fastman Permissions Manager
Fastman Permissions ManagerFastman Permissions Manager
Fastman Permissions ManagerFastman
 
Joomla ACL introduction, limit site access
Joomla ACL introduction, limit site accessJoomla ACL introduction, limit site access
Joomla ACL introduction, limit site accessSander Potjer
 
Relations In Online Communities
Relations In Online CommunitiesRelations In Online Communities
Relations In Online Communitiessparrowzen
 

Similaire à Record sharing model in salesforce (20)

SFDC Database Security
SFDC Database SecuritySFDC Database Security
SFDC Database Security
 
2020 07-08 fireside chat sharing architecture
2020 07-08 fireside chat sharing architecture2020 07-08 fireside chat sharing architecture
2020 07-08 fireside chat sharing architecture
 
2020 07-22 fireside chat : Record Ownership Deep Dive
2020 07-22 fireside chat : Record Ownership Deep Dive2020 07-22 fireside chat : Record Ownership Deep Dive
2020 07-22 fireside chat : Record Ownership Deep Dive
 
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
 
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptx
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptxDataverse Permissions Demystified - PowerAddicts BE 11-2022.pptx
Dataverse Permissions Demystified - PowerAddicts BE 11-2022.pptx
 
Files and folders
Files and foldersFiles and folders
Files and folders
 
Profiles and permission sets
Profiles and permission setsProfiles and permission sets
Profiles and permission sets
 
August 12: Sugar’s Security Model – Teams and Roles
August 12: Sugar’s Security Model – Teams and Roles August 12: Sugar’s Security Model – Teams and Roles
August 12: Sugar’s Security Model – Teams and Roles
 
Joomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG BredaJoomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG Breda
 
Joomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day GermanyJoomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day Germany
 
Cairo meetup low code best practices
Cairo meetup low code best practicesCairo meetup low code best practices
Cairo meetup low code best practices
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
 
Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.
 
Managing permissions in SharePoint
Managing permissions in SharePointManaging permissions in SharePoint
Managing permissions in SharePoint
 
Administer Active Directory
Administer Active DirectoryAdminister Active Directory
Administer Active Directory
 
Fastman Permissions Manager
Fastman Permissions ManagerFastman Permissions Manager
Fastman Permissions Manager
 
Joomla ACL introduction, limit site access
Joomla ACL introduction, limit site accessJoomla ACL introduction, limit site access
Joomla ACL introduction, limit site access
 
Acp policies
Acp policiesAcp policies
Acp policies
 
TrackStudio Permissions
TrackStudio PermissionsTrackStudio Permissions
TrackStudio Permissions
 
Relations In Online Communities
Relations In Online CommunitiesRelations In Online Communities
Relations In Online Communities
 

Dernier

Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum ComputingGDSC PJATK
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 

Dernier (20)

Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum Computing
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 

Record sharing model in salesforce

  • 1. Presented By: Sunil Kumar Email id: sunil02kumar@gmail.com Twitter : @sunil02kumar Blog: http://sunil02kumar.blogspot.in/ RECORD SHARING MODEL IN SALESFORCE
  • 2. Module Agenda  Overview of record access.  Record Ownership.  Organization-wide Defaults.  Roles and “Group” of Users.  Sharing.
  • 3. Record Access  The sharing model determines access to specific records. - Who has access? - What level of access? - Why they have access?  Access to records is dependent on object CRUD.
  • 4. Levels of Record Access  Full Access Privileges: - View - Edit - Transfer Ownership - Delete - Share  Read/ Write Privileges: - View - Edit  Read-Only Privileges: - View Full Access -Transfer Ownership -Delete - Share Read/Write - Edit Read Only - View
  • 5. Ways to obtain Access to a Record Full Access:  Owner field - User - Queue Member  Above user(who has ownership) in the role hierarchy  Profile Permission: “Modify All Data”  Object permission: “Modify All” Read/Write or Read-Only Access  Organization-wide default  Above user(who has read/write or read-only access) in role hierarchy  Manually sharing  Sharing rules  Apex Sharing  Profile Permission: “View All Data”  Object Permission: “View All”
  • 6. Let`s compare….Profiles & the Sharing Model Profiles  Controls access to objects(Candidates, Positions, etc.)  Controls access to fields(Candidate Name, Min Pay, Skill Required, etc.) Sharing Model  Controls access to records(e.g., one candidate, Joe Schmoe, one position, Black Box Tester) So, a User`s profile might specify that a user can see candidates, but the sharing model determines which candidates that user can see. The sharing model determine that a user can see Joe Schmoe, but the profile specifies which fields that user can view and edit.
  • 7. Module Agenda  Overview of record access.  Record Ownership.  Organization-wide Defaults.  Roles and “Group” of Users.  Sharing.
  • 8. Record Ownership  Most Records have an associated Owner. - Exception: Child records in a master-detail relationship inherit access rights from parent record. Types or Owners: - Users - Queues.  Record owners have Full Access.
  • 9. Module Agenda  Overview of record access.  Record Ownership.  Organization-wide Defaults.  Roles and “Group” of Users.  Sharing.
  • 10. What are Organization-wide Defaults(OWD)?  Organization-wide defaults are a security setting that defines the baseline level of access to data records that you do not own.  They are the only way to restrict access to data in the sharing model.  They can be defined for the custom as well as several standard objects.  Access levels: - Public Read/Write(all users can see and edit every record) - Public Read- only(all users can see every record) - Private(users can only see records that they own)
  • 11. Determining How to Set OWD for an Object Questions to ask: 1. Who is the most restricted user of this object? 2. Is there ever going to be an instance of this object that this user shouldn`t be allowed to see? 3. Is there ever going to be an instance of this object that this user shouldn`t be allowed to edit?
  • 12. Organization-Wide Defaults Considerations  Child records in the master-details relationships inherit their organization-wide defaults from their parents.  Child records in lookup relationships have independent organization-wide defaults from their parents.  Changing organization-wide defaults can produce unintended consequences; consider your business requirements carefully before setting your organization-wide defaults.  Changing organization-wide defaults can potentially delete manual sharing if that sharing is no longer needed, - For example, Changing from Private to Public Read/Write.
  • 13. Module Agenda  Overview of record access.  Record Ownership.  Organization-wide Defaults.  Roles and “Group” of Users.  Sharing.
  • 14. Universal Containers Scenario Universal Containers `role hierarchy
  • 15. What are Roles and Role Hierarchy? A Role:  Controls the level of visibility that an organization`s data  A user may be associated to one role The Role Hierarchy:  Controls data visibility roll up for reporting  User *usually* inherit the special privileges of data owned by or shared with users below them in the hierarchy  Not necessarily the company`s organization chart
  • 16.  With Standard Objects, Access to records rolls up through the Role Hierarchy  With Custom Objects, developers choose whether or not access should roll up through the role hierarchy. Determined by the Grant Access Using Hierarchies setting on organization-wide defaults. Role Hierarchy Considerations
  • 17. Knowledge Check Assuming organization-wide defaults are set to private and Grant Access Using Hierarchies is checked: 1. What can Cynthia Capobianco see? 2. Can Andrew Goldberg see records owned by Amy Lojack? Can he edit them? 3. Can Megan smith edit records owned by Mario Ruiz?
  • 18. Public Groups  Public groups are a way of grouping together users for access. - Can be used in a sharing rule. - Can be used to give access to folders.  Every organization has default public group: Entire Organization.  Public Group can be made up of any combination of: - Users. - Roles. - Roles and Subordinates. - Public Groups.  Public Group membership is updated when public groups are made up of roles or roles and subordinated, or when a user is added or removed from the role.
  • 19. Module Agenda  Overview of record access.  Record Ownership.  Organization-wide Defaults.  Roles and “Group” of Users.  Sharing.
  • 20. Universal Containers Scenario  Megan Smith`s team cannot see any reviews owned by Andrew Goldberg`s tem.  Ben Staurt cannot see reviews written by QA or Product Management.  Melissa Lee cannot see records for candidates she need to interview.
  • 21. Sharing Rules and Manual Sharing  Sharing Rules : - Automatic exception to organization-wide defaults for particular group of users. - Used to open up access to records. - Never permitted to be more strict than organization-wide default settings. - Sharing can be based on record owner or criteria based.  Manual Sharing: - Used to open up access to a specific record. - Granted by owners, anyone above owners in the role hierarchy, and System Administrators.
  • 22. Apex Sharing Reasons  Clicking the Sharing button on a record displays the various reasons that a user might have access to a record. Examples of sharing reasons include: - Administrator. - Owner - Custom Object Sharing Rule.  Establish Apex sharing reasons allows developers to define the reason that a user or group of users might have access to a record.  The Apex sharing reasons describe why users can access a record. Examples might be: - Open Position(users have access to a position record because that position is currently open). - Hiring Manager(User might have access to position because they are the hiring manager on that position).  Apex sharing reasons are defined for custom objects only.  Apex sharing reasons are defined object by object. .
  • 24. Sharing and Security Review  Permissions (Profile) - View All Data  Record Ownership  Organization-wide Defaults - Read-Only - Read/write  Roles - Above the record owner?  Sharing - Sharing Rules. - Manual Sharing. - Apex Manage Sharing Permissions(Profile) Record Ownership Organization Wide Default Roles Sharing Yes No Yes No No No No Yes Yes Yes