SalesForce Roles, Profile, Permission Set, Sharing Rules, OWD

Ace your homework & exams now with Quizwiz!

Types of Permission in a Profile

Administrative: can grant some administrative permissions to custom profile General User: control the ability that standard user can do like editing tasks Standard Object: control read, create, edit and delete action on standard objects Custom Object: control read, create, edit and delete actions on custom objects View All Data allows administrators to view all records regardless of all other security settings Modify all Data - allows administratos to modify all records Customize Application permits administrators to administer the application API only user cannot login to sf.com. such users can only use the application through API calls Password Never Expires prevents password expiring

OWD

OWD is the default access level on records for any object in sales force. By default while creating custom object OWD is set to Public Read/Write For custom objects we can see below access levels - Private: only owner and above hierarchy users can have Read/Write access and below hierarchy users don't have any access. Public Read only: only owner and above hierarchy users can have Read/Write access and below hierarchy users can have only Read Only. Public Read/Write: Irrespective of role hierarchy every one can have Read/Write permissions on the records.

Profiles

Profile deals with CRED (Create, Read, Edit and Delete) permissions over Apps, Tabs, sObjects, Fields, Record Types, etc... We can map only one profile for one user and without mapping the profile we cannot create the user.

Roles

Role deals with authorization to access data. defines data access rights granted to users at higher roles users access to all records they own and their sub-ordinates

Permission Set

To improve the permissions for the users over profiles we should go for Permission Sets. It cannot be used to restrict permissions. Example- To give additional permissions to few users who belongs to different profiles over Apps, Tabs, sObjects and fields.

Apex Sharing

allow developers to define the reason why a user or group of users have access to record apex sharing reasons exist only for custom objects and they are defined for individual objects. each object can have up to 10 apex sharing reasons

Sharing Rules

are created to grant access to records between users when access does not roll up Using sharing rules, read only and read/write access can be granted to users Sharing rules cannot be more restrictive than owd settings.

Field Level Security

restricts access to fields list views, reports, force.com, conenct offline, custom links, mail merge, related lists overrides less restrictive page layout settings set at profile level each profile can have different level of access to object doesn't allow conditional security of records all users can edit any accessible fields

Manual Sharing

used to grant access to records on a one-off basis when randon users require record access. Access rights can be granted by the owner of a record, anyone above the owner in the role hierarchy and by the system adminsitrator It is granted at the record level and is not used to grant access at the organization level


Related study sets

Unit 8 - The Nazi Dictatorship (1933-1939)

View Set

H. Bio. Mastering Ch. 5.1-5.15 Review (Multiple Choice)

View Set

Writing Workshop 1B: Types of Nouns

View Set

Chapter 24: Asepsis and Infection Control

View Set

Psychology: "Research Methods" by Michael W. Passer Glossary

View Set

7 - collaborators and resistance

View Set