I have a requirment to create a service which takes input as a user ( userid) and the service needs to return the list of Accounts the user has access to. The user can get access to account  to all possible ways that salesforce can provide (Sharing rules, Role Hierharchies, Record Ownership, Account Team etc...).

I looked around on AccountShare object, GroupMember, UserRecordAcess, Role  object. but could not really connect all the dots together to come up with logic to accomplish this.

USerRecordAccess has the details but you have to provide the USerid and Recordid in order to pull the records which does not fit my requirment.

Looking for any guidance.

In our organization, we have sales reps report to Managers --> Executives --> CEO.  Reps are grouped by NE, MW Markets. We need to enable NE users to see/work on some of opportunities  that belong to MW. Similarly some of MW Reps would need to see some opportunities owned by NE. How could we set up the roles. I beleive it can be done via sharing rules. 

 

Is it possible to prevent some users from downloading report data? 

 

Is it possible to hide/enable some portion of dashboard to a specific user group? 

 

Appreciate your feedback 

Hello friends,

 

I have some understanding gap with customer portal role hierarchy.

 

I had read on wiki as below :

"When you enable a Customer Portal on an account, the system creates a role hierarchy for the account's portal users. The portal roles are unique for each account and include the account's name. For example, “Account A Customer User.” In your organization's overall role hierarchy, this account-specific hierarchy is directly below the account owner."

 

So lets say  Account A was created by a salesforce user having role 'YW'
So will customer portal role hirarchy created for account A will come under this role 'YW' or any salesforce role ??

 

Thanks You.

 

 

I'm using Data Loader v21 to load in new customer portal users.  I'm getting the error mentioned in the subject for about 1% of my 12,000 users I'm loading in.  What might cause this error?

Hello,
We are in the process of trying to get our security in place. Everything is going well with the exception of trying to implement security in our accounts and contacts. You see we utilize record types and we need to control access to records based on that record type.

For Accounts we have
- Clients
- Respondents
- Organizations

and we have the same set of record types for contacts. We need to set different access to these record types based on profile.

 

For example, Profile1 should have read only access to Organizations, read, modify and create on Respondents, and no access what so ever to Clients. Profile2 might have have read and edit access to all of those. From what I can find there isn't an easy way to really set up security based on the record type of a record. Am I missing it, or is there a work around that is viable? Please let me know. Thank you!

Is it possible to determine whether the current user has delete permissions (aka Full Access) for a particular record (custom object), without actually attempting to delete the record?

I'm creating some custom actions using VF/apex, and for some of them I want to limit who can perform the action to the same users who can delete the record.  The action does not involve deleting the record, but I want it to be more restrictive than who can perform an edit.

I looked into the sharing table (object_share) but that only lists the owner as Full Access.  Since anyone above the owner in the role hierarchy also has full access, and the hierarchy might be several levels tall, it seems like a tall order for my code to walk the entire hierarchy and determine if that applies.  Is there an easier way?

Thanks much!