Sharing rules
Sharing rules
there are three types of security available on SF
Object level security
Field Level Security
Record level security
ols - Profile level and permission set settings decide if the user has access to objects
fls - profile(fls ssection) + permission set+ page layout. if the page is read only or accessible
rls - OWD
Sharing model comes into picture.
user is not owner or admin, then sharing rule decides if the user can access the record
Record ownership
User groups
Sharing model
Sharing Rules
Base line for security is profiles and permission sets. On top of it we have multiple layers
OWD - organization-wide-defaults : these determines the accesslevels for org wide users
Role-Hierarchy : opens vertical access, i.e. users with higher roles in the hierarchy can view the records of the records owned by subordinates
Sharing Rules : comes into picture here. opens up the access horizontally. i.e. access to the records can be given to other even if they are not the owners
Manual sharing : flexible sharing, users can give access to anyone
applied when a user wishes to allow access to other users for records.
We cannot use sharing rules to restrict data access. It is only used for allowing greater access to records
By default, all users in your organization will have organization-wide-default sharing settings of either Public Read Only or Private.
Sharing Rules
Base line for security is profiles and permission sets. On top of it we have multiple layers
OWD - organization-wide-defaults : these determines the accesslevels for org wide users
Role-Hierarchy : opens vertical access, i.e. users with higher roles in the hierarchy can view the records of the records owned by subordinates
Sharing Rules : comes into picture here. opens up the access horizontally. i.e. access to the records can be given to other even if they are not the owners
Manual sharing : flexible sharing, users can give access to anyone
applied when a user wishes to allow access to other users for records.
We cannot use sharing rules to restrict data access. It is only used for allowing greater access to records
By default, all users in your organization will have organization-wide-default sharing settings of either Public Read Only or Private.
OWD
Private
Public Read-Only
Public Read/Write
Controlled by Parent
No comments: