You need to sign in to do that
Don't have an account?
Push Alerts/Emails/Workflows when certain profile permissions are changed
Problem Statement: Our product that is built on the Force.com platform calculates commissions, which is highly confidential information. One prospect has a number of users with the out-of-the-box System Administator profile, some of which cannot see this information but need to view/edit all other data and also manage users within the application. We can remove read/write permissions from our custom objects (therefore creating a new profile), but cannot limit their ability to edit their profile and add themselves back to be able to view those objects.
Ask: Is there a way that we can:
- Identify a short-list of objects we are interested in
- Push alerts/emails/activate workflows whenever the permissions on these objects within a profile are modified to a person/group of people to monitor this sensitive data
Thanks,
Mike Davis
408.207.9563
Hi Mike, what tasks with respect to Manage Users do these users need? Could a custom profile & Delegated Administration solution work?
- Custom profile: Modify All / View All permissions on the appropriate objects, no Customize Application, no Manage Users, View Setup & Configuration
- Delegated Administration (for Users Admin and/or Object Admin)
Kristin