You need to sign in to do that
Don't have an account?
Why can users create opportunities on accounts they have Read Only access to?
I'm trying to get some control of record creation which has been a little too global previously and I've noticed a problem whereby users who only have read only access to an accounts and its opportunities can still create an opportunity on that account. Once created they cannot edit it in any way so this seems like a bug to me. The Sharing button on the account clearly says Read Only and the user does not have any special privileges like Modify All Data or anything like that, so why can he still create an opp? It seems like an oversight in the security of the org and I fear that I'll not be able to control it. FYI Opportunity OWS are set to Private.
Thanks
Check the profile permission for Opportunity....
Regards,
Magulan D
They have Read, Write, Edit, Delete; thats it. No view all or modify all. Since they only have Read Only access to the Account and its Opportunities (as confirmed on the Sharing page for the account) then these permissions should not allow them to create an oportunity.
Since opportunity has Read, Write, Edit, Delete permissions, you will be able to create opptys.
Only associated opptys will follow Account's permission.
Regards,
Magulan D
Salesforce.com certified Force.com Developer.
SFDC Blog
If this post is your solution, kindly mark this as the solution.
Are you sure? That doesn't make sense. In what sensible world does "Read Only" mean "Read and Create"?
Hi,
Yes, this is possible.
Because, we have lookup relation between Account & Opportunity.
Hence the Object CRUD settings in Account will not have any effect on Opportunity.
Since the User is having Create permission on Opportunity, hence they are able to create it.
Regards,
Bharathi
Salesforce For All