Apex Code Development You need to sign in to do that
Don't have an account?
SFDC New learner Basic questions on sharing rules,profiles
Hi All,
I have some basic questions.
1. Using Grant Access Hierarchies or Role Hierarchy, the user can grant access to the role above the hierarchy. But what if the user in above the hierarchy wants to grant access to below the hierarchy or lower level.
e.g A (CEO)
B ( Manager)
C ( Sales rep)
In this case, how do B can share the record to c? Do we use Sharing rules for this requirement?
2. If there are 100 users in one profile1 and 100 users in another profile2. How to restrict the record access from each other. Profile1 should not see Profile2 records and same with Profile2 should not see Profile1's records.
Any ideas on this?
Thanks,
Sirisha
I have some basic questions.
1. Using Grant Access Hierarchies or Role Hierarchy, the user can grant access to the role above the hierarchy. But what if the user in above the hierarchy wants to grant access to below the hierarchy or lower level.
e.g A (CEO)
B ( Manager)
C ( Sales rep)
In this case, how do B can share the record to c? Do we use Sharing rules for this requirement?
2. If there are 100 users in one profile1 and 100 users in another profile2. How to restrict the record access from each other. Profile1 should not see Profile2 records and same with Profile2 should not see Profile1's records.
Any ideas on this?
Thanks,
Sirisha
B can share record to c by sharing rule you are correct,
For your second query, make OWD private but in this case, 100 users of profile 1 will not be able to see each other records too and remove View all permission from the profile.
If the above answer cleared your doubt, Please mark it as the best answer.
Happy Learning.
Thanks & Regards,
Abhishek Singh.
Please find below the answers:
1. Yes. You are correct. To share records with child role, we need to use sharing rules.
2. Profiles are mainly used to control the object level access rather than record level access.
So in your case, if you want Profile 1 users should not see records of Profile 2 users, then first of all you need to make OWD for Account as Private.Also, remove "View All" and "Modify All" permission from the profiles.
Then, you can assign same roles to all users of Profile 1 (Role 1) and Profile 2 (Role 2).
Now, Using sharing rules, share the records with Role 1 and Role 2 based on user's profile.