You need to sign in to do that
Don't have an account?
Rajesh-SFDC
Sharing rules in Salesforce
Hi Everybody,
I am new to salesforce security just wanted to have understanding on Sharing rules i have below doubt
a) Suppose we have CEO Role at highest level and Recruitment Manager at lowest level of CEO and CEO have all object access what Recuritment manger Have and for all object Grant Access Using Hierarchies in org default is selcted my doubt is whether the record will be accesible to CEO what Recruitment Manager created or do we need to create sharing rules ?
b) What is the sharing rule and Manual Sharing Rule ?
I am new to salesforce security just wanted to have understanding on Sharing rules i have below doubt
a) Suppose we have CEO Role at highest level and Recruitment Manager at lowest level of CEO and CEO have all object access what Recuritment manger Have and for all object Grant Access Using Hierarchies in org default is selcted my doubt is whether the record will be accesible to CEO what Recruitment Manager created or do we need to create sharing rules ?
b) What is the sharing rule and Manual Sharing Rule ?
Below links of trailhead can help you in understanding the Sharing rule .
https://trailhead.salesforce.com/force_com_dev_beginner/data_security/data_security_roles
https://trailhead.salesforce.com/force_com_dev_beginner/data_security/data_security_sharing_rules
And the answer your questions are given below.
a)No, you do not have to create sharing rule. Data security will be handled by the Grant Access Using Hierarchies.
b)Link(https://success.salesforce.com/apex/answers?id=90630000000hvFmAAI) will help you in understanding the difference between the sharing rule and Manual Sharing Rule
If this helps you then Mark this Answer as Best Answer.
Thanks
1) http://amitsalesforce.blogspot.com/2016/02/types-of-sharing-in-salesforce.html
links of trailhead can help you in understanding the Sharing rule .
https://trailhead.salesforce.com/force_com_dev_beginner/data_security/data_security_roles
https://trailhead.salesforce.com/force_com_dev_beginner/data_security/data_security_sharing_rules
1. Force.com Managed Sharing
Force.com managed sharing involves sharing access granted by Force.com based on record ownership, the role hierarchy, and sharing rules:
2. User Managed Sharing, also known as Manual Sharing
User managed sharing allows the record owner or any user with Full Access to a record to share the record with a user or group of users. This is generally done by an end-user, for a single record. Only the record owner and users above the owner in the role hierarchy are granted Full Access to the record. It is not possible to grant other users Full Access. Users with the “Modify All” object-level permission for the given object or the “Modify All Data” permission can also manually share a record. User managed sharing is removed when the record owner changes or when the access granted in the sharing does not grant additional access beyond the object's organization-wide sharing default access level.
3. Apex Managed Sharing
Apex managed sharing provides developers with the ability to support an application’s particular sharing requirements programmatically through Apex or the SOAP API. This type of sharing is similar to Force.com managed sharing. Only users with “Modify All Data” permission can add or change Apex managed sharing on a record. Apex managed sharing is maintained across record owner changes.
Let us know if this will help you
https://trailhead.salesforce.com/force_com_dev_beginner/data_security/data_security_sharing_rules
Set Sharing Rules for Training Coordinator and Projects
Project custom object records should only be seen by the owner of the record and users above the owner on the role hierarchy. However, for some Project records, the Training Coordinator must also have Read Only visibility to the Project record.
Create a custom picklist field on the Project object called “Priority” with the following values: High, Medium, and Low. Then create a criteria-based Sharing Rule for Project records where the Priority = High to share those records with the Training Coordinator role.
The custom object must be named 'Project' with a resulting API name of 'Project__c'.
The Name field for 'Project' must be of type Text (not Auto-Number).
The custom object 'Project' must have a custom field of type picklist named 'Priority' with a resulting API name of 'Priority__c'.
The role label should be 'Training Coordinator' with the resulting 'Role Name' of 'Training_Coordinator'. Note that you may already have this role in your role hierarchy from a previously attempted challenge.
The sharing rule can be named anything.
The organization-wide defaults for Project cannot be set to 'Public Read/Write'.