function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
AxxxVAxxxV 

Sharing: Granting Full Access to a subset of users within Private Sharing org.

I have the following use case that I have difficulty implementing. Premium support has been no help. I have a couple of workarounds in mind, but they seem too complex. Has anyone implemented similar use case? Seems like a very trivial scenario...


We have a
Private sharing in our org for Contact object. However, within Makreting group, users need to be able to have full access to each others' records. For example, if one user creates a few contact records, another other user should be able to delete them either directly, or as a result of a merge or import of data.

Sharing Rules and Manual Sharing only go as far as giving Read/Write access but no Full Access (no ability to delete).
 
An attempt of using Role Hierarchy solves this only half way, i.e. user in the top of the hierarchy can delete records owned by users below in the hierarchy, but not their peers or users above...
 



Nazeer AhamedNazeer Ahamed

Create a public group called “Marketing” or like, share the contacts between this group as per your required access criteria read / write.

Security controls – sharing setting – contact sharing rule

-Nazzy

AxxxVAxxxV
This does not work for me. What I need is full access (ability to delete).
Granting read/write access using either Sharing (using Roles or Public Groups) or Manual Sharing only allows read/write, but not delete.


So far, my only solution is to write a trigger that would reassign ownership of all Contact records upon creation to a single user that is at the bottom of the role hierarchy. This way everyone in the Marketing team will be able to delete all records. Problem with this is that
a. Users cannot filter on "My records" in reports and list views.
b. Some other reports are invalidated (s.a. user adoption, records counts per user etc)
c. Maintenance overhead when a designated owner leaves company or changes roles.
d. May be pther implications down the road....

I do not like this solution, but so far, this is the only one I have come up with...