Security in Salesforce is defined at multiple levels and these levels are -
- Security at object level (Profile)
- Security at field level (Profile)
- Security at record level
- Organization-wide defaults
- Role-hierarchy
- Sharing rules
- Manual Sharing
Profile: Object & field level security can be setup via profile and CRUD permissions can be set for standard & custom objects.
OWD: Used to restrict the permission.,
All profiles get at least the privileges defined in OWD. OWD takes three different values -
- Private (Cant view and edit)
- Public Read only (Can view)
- Public Read-Write (Can view and edit)
Manual Sharing is used to grant one-off access. Manual sharing can be granted by record owner, any one above the owner in role hierarchy and System Administrator. Manual sharing is used to handle exception cases where access to a particular record needs to be given to a specific user. There is a Sharing button on the records page. This is used to provide manual sharing.
Role Hierarchy:
Role Hierarchy allows additional users access to records. If the role has access to some records, then it's parents and ancestors are able to access the record as well.
Sharing Rules:
Share between roles in diff. hierarchy branches. Sharing rule is defined using public groups. Record that match certain condition can be assigned to users in public groups using Sharing Rules. Sharing rules functionality is available via the menu Sharing Settings.
No comments:
Post a Comment