Apex Code Development You need to sign in to do that
Don't have an account?
Neha Garg 39 Grant Access Using Hierarchies
What should be done to provide managers access to records of which they are not the owner in a private sharing model?
A. Create a Manager Permission set and select the “View All Data” option.
B. Create a Manager profile and select the “View My Teams Data” option.
C. Define a Role Hierarchy and use the Grant Access Using Hierarchies option.
D. Set the Manger field for each User Record on the Manager’s team.
The answer should be C but some post says A. can anyone help me provide clarification about why it can't be C?
A. Create a Manager Permission set and select the “View All Data” option.
B. Create a Manager profile and select the “View My Teams Data” option.
C. Define a Role Hierarchy and use the Grant Access Using Hierarchies option.
D. Set the Manger field for each User Record on the Manager’s team.
The answer should be C but some post says A. can anyone help me provide clarification about why it can't be C?
Example: Lets say a sales rep reports to a manager and we have role define for both, i.e. sales rep reports to his manager. Then by checking ' Grant Access Using Hierarchies' it can be done.
But if the question says a user needs manager access for all the objects, then the right answer is A. This feature will give access to all object records irrespective of ownership. These are generally given to administrator or delegated admin profiles.
As far as I think the correct answer is C.
All Answers
Let's say a role sales manager reports to VP.
Object permission of Sales Manager profile assigned to people in Sales Manager role is CRUD and for VP is Read, then because of the hierarchy setup, VP role users will have access to all records that are visible to people in Sales manager role, but the object permissions will define what a VP can do with those. If the VP's profile does not have Edit permissions, he won't be able to edit the records, regardless of the sharing setup.
As per the documentation, regardless of your organization's sharing settings, users can gain access to records they do not own through other means such as user permissions like “View All Data,” sharing rules, or manual sharing of individual records.
While Grant Access using hierarchies determine whether users have access to records they don’t own, including records to which they don’t have sharing access, but someone below them in the hierarchy does, it comes down to what permission they have through their profile
If you find this information helpful, please mark this answer as Best
Regards,
Anudeep
Example: Lets say a sales rep reports to a manager and we have role define for both, i.e. sales rep reports to his manager. Then by checking ' Grant Access Using Hierarchies' it can be done.
But if the question says a user needs manager access for all the objects, then the right answer is A. This feature will give access to all object records irrespective of ownership. These are generally given to administrator or delegated admin profiles.
As far as I think the correct answer is C.