Hi there,

I have the following scenario:

1. Retail Cluster (Master): The company that owns one or more Retail Stations 

2. Retail Stations (Detail): The Retail Station under the Retail Cluster  

Required Security Funtionality:

1. If the Retail Cluster Owner log in through the Customer Portal, they should see all the Retail Stations that they own.

2. If the Retail Station Manager log in, they should ONLY see details about the Staion that they are the manager for.

Current approach:

Assume we have a Retail Cluster 100 and we have Retail Stations called 100.1 and 100.2. 

We made Retail Cluster a child of Account.

We created an Account Hierarchy of:

100

    - 100.1

    - 100.2

We also added the

    - Retail Cluster Owner as a contact under Account 100.

    - Retail Station Managers as a contact under 100.1 and 100.2

We enabled the contact records for Customer portal.

This works when the Contact from 100.1 and 100.2 log in. They only see their records. But when the contact from 100 log in they do not see any records. Also, please note the Account object is set as Private.

The question that I have is why is this not taking the Account Hierarchy and assingining the permission accordingly? What is the best approach to over come this. I want to try to ignore creating custom sharing records through Apex. Please let me know if you guys have any suggestions. Thank you.

Sanch S.