function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
SLSL 

Profiles vs. Custom object sharing rules

Hi,

 

 I have a problem which I think is basic but I can't figure out what I am doing wrong.

 

I have a custom object named Customers and 2 users that belong to two different roles but in the same hierarchy level: DM and FASS.

 

One user is a System Administrator and the other has a profile name WM_Profile. The profile WM_Profile is set so that users with this profile can only READ Customers records.

 

I created a sharing rule for the Customers object so that when the Sys admin create a Customer record (The sys admin belong to DM) the other user (belongs to FASS) can have READ/WRITE on that record.

 

This doesn't work and I don't understand why. I created the record with Sys Admin but the other user can only READ it even though this record is shared with him.

 

It seems like the Profile's setting overrides everything I try to do with Roles and Sharing. What am I doing wrong?

 

Hope I was clear.

 

Thanks,

Shay

TrimbleAgTrimbleAg

Shay,

 

On the profile does the user have "Edit" for that object?

 

For items that arent shared to him through the sharing rules it shouldnt allow him to view still.

 

PB
SLSL

Thanks for the fast reply. 

 

The profile has the user as READ for that object.

 

The sharing rules suppose to allow him to READ/WRITE. But that doesn't work.

 

Is there something I can do to change that? 

 

I want to be able to have one user that is able to READ/WRITE a chosen record while the other users can only READ that record.

 

Thanks,

Shay
TrimbleAgTrimbleAg

If the user is above him and you share all records to him, he should see them, but when you do the read/write, I think he still have to have Edit on the object, he wont be able to edit all records, just the ones you have on the sharing rule for the read/write.
SLSL

Thanks. I think I got it now.

 

I assumed that if the Edit button appears so he can Edit the record. I tried it with a user that should not have edit capabilities and it worked. I got an insufficient privileges error.

 

Thanks again. I knew it was something basic that I am missing :-)