You need to sign in to do that
Don't have an account?
Amey Singh
Control Access to Fields
Hi, I am trying to complete following challenge in data security module under control access to fields.
Create a profile and permission set to properly handle field access
All the sales team members have access to create, edit, and view Accounts and Contacts, but NOT delete them. Also, only select senior sales members should be able to see or edit the account Rating field. For this challenge, assume they have the same object and field permissions of the Standard User profile.
Create a Profile to handle access to the Account and Contact objects. Create a Permission Set to give selective access to the Rating field.
Create a new profile based upon the existing profile: Standard User
Profile name: Account
Give the following access to the Account object: Read, Create, and Edit
Give the following access to the Contact object: Read, Create, and Edit
Remove from profile access to account Rating field: Read Access and Edit Access
Create a new permission set
Label: Rating
API Name: Rating
License: Salesforce
Give to permission set access to account Rating field: Read Access and Edit Access
My Solution Includes
Creating a profile named accounts with salesforce license and from page layout under object permission removing delete permission and keeping the READ, CREATE and EDIT permission for the account and contact object.and I couldn't find the account rating field there.
then I created the permission set called rating and in the object setting gave the read and edit access. Still unable to complete the challenge.
Create a profile and permission set to properly handle field access
All the sales team members have access to create, edit, and view Accounts and Contacts, but NOT delete them. Also, only select senior sales members should be able to see or edit the account Rating field. For this challenge, assume they have the same object and field permissions of the Standard User profile.
Create a Profile to handle access to the Account and Contact objects. Create a Permission Set to give selective access to the Rating field.
Create a new profile based upon the existing profile: Standard User
Profile name: Account
Give the following access to the Account object: Read, Create, and Edit
Give the following access to the Contact object: Read, Create, and Edit
Remove from profile access to account Rating field: Read Access and Edit Access
Create a new permission set
Label: Rating
API Name: Rating
License: Salesforce
Give to permission set access to account Rating field: Read Access and Edit Access
My Solution Includes
Creating a profile named accounts with salesforce license and from page layout under object permission removing delete permission and keeping the READ, CREATE and EDIT permission for the account and contact object.and I couldn't find the account rating field there.
then I created the permission set called rating and in the object setting gave the read and edit access. Still unable to complete the challenge.
Please refer my mistake
Did you mean you edited the object permission from PROFILE ? May be posting a snapshot of your PRofile> Object Settings>Accounts
would give us clear idea.
1) https://developer.salesforce.com/forums/?id=906F0000000BNzFIAW
2) https://developer.salesforce.com/forums/?id=906F0000000BUghIAG
3) https://developer.salesforce.com/forums/?id=906F0000000AzmoIAC
4) https://developer.salesforce.com/forums/?id=906F0000000BNuPIAW
To complete this challenge, you must first create a profile called "Basic Account User".
- In Setup, choose Manage Users > Profiles
- Click the New Profile button at the top
- You will need to clone an existing profile; from the Existing Profile drop-down, select a profile that uses the Salesforce user license ("Standard User" is one of these)
- Name the profile "Basic Account User" and click Save
Now set the permission for the new profile so that it only has Read access to the "Accounts" object.- From the Profiles list, click the Edit button next to Basic Account User
- Scroll down to the Standard Object Permissions section and uncheck every box for all objects; now check only the boxes in the Read and Edit columns for the Accounts object
- Scroll to the top or bottom and click Save
You now have the correct user profile to complete the challenge: A profile that can only view and update Accounts. It is now possible for two users to have these permissions. You now need to create a permission set that will grant extra permissions to any users it is applied to; in this case, the permission set will allow its assigned user to see and edit the Rating field in the Account object.This was the last piece of the puzzle that allowed me to finally solve this challenge: I needed to set the field-level security on the Rating field of the Accounts object to be hidden from all users. Here's how I did it.
Let us know if this will help you
You have already done all the steps yet the error still come up!
Challenge Not yet complete... here's what's wrong:
The 'Account' profile did not have the appropriate object and field-level security for the Account object.
Label: Rating
API Name: Rating
User License: Salesforce
Give the Rating permission set access to account Rating field: Read Access, Edit Access
I cannot do this, yet. I have a permission set, I have labeled it, API naming, but I have no permission sets with a Salesforce license, and there is not object button. Basically, I am totally stuck, and the tutorial doesn't seem to cover it.
I've solved searching:
Permission Set from setup menu,
selecting "Rating" permission set and then
Permission Set Overview > Objects Settings > Account from
in Field Permissions list I found Rating and checked Edit Access and Read Access
see screenshot attached.
Hope this can help you!
Bye.
Valerio
Valerio
Go to Permission Sets - Rating(Edit) - Object Setting - Accounts - Edit - Object Permisiions - Read,Edit checked - Field Permissions - Rating: Read,Edit checked.
2. In profiles(click profile you created -sales) check standard object permissions for accounts and contacts read,create,edit should be checked.
3. In object manager - account - fields and relations - rating - set field level security - for sales visible and read only should be unchecked.