+ Start a Discussion
prageethprageeth 

Restrict data access using roles

Hi all;

I have several opportunities and I want to restrict some users by viewing data of some Opportunities. I like to assign users to various user-roles and then let those roles to access only pre-defined Opportunities. It means users under some roles can't access(view / edit) some opportunities. Is there a way to do this? Can I use user-roles to accomplish this kind of a task? (If my question is not clear I'm ready to explain further.)

Thanks.

Best Answer chosen by Admin (Salesforce Developers) 
dkadordkador

Yes, set up opportunity sharing to be private.  If both users are admins or have view all records on opportunity, then that overrides private sharing.

All Answers

BA_AdminBA_Admin

Go to sharing settings and in the opportunity object define sharing rule for the users you want to restrict

dkadordkador

Just to be clear - defining a sharing rule GRANTS access to certain users/roles.  Sharing rules don't ever deny access.  The sharing model (private/read-only/read-write) combined with the user's profile's entity CRUD (create/read/update/delete/view all records/modify all records) determine whether or not a user can see a record by default.  Then sharing rules kick in and potentially can grant access to additional records.

prageethprageeth

Thanks 

dkadordkador

Yes, set up opportunity sharing to be private.  If both users are admins or have view all records on opportunity, then that overrides private sharing.

This was selected as the best answer
prageethprageeth

Thanks D