Apex Code Development You need to sign in to do that
Don't have an account?
Chris Talbot (b) Object permissions
Hi,
I just can't seem to get my object permissions right no matter what I do, some help would be immensly appreciated.
I have a free developer account and I'm trying to build a custom app and have created a couple of users for testing the app. If I create a custom object and a tab for it and then add the 2 users to a permission set which sets read/write permissions for the object settings I can create records with both users. However all the records are editable by both users and I need only the owner to be able to edit the record and both users to simply be able to view/read all records.
If I change the permissions in the permission set to just read/create then both users can create new records but none of them can edit any of the records, not even the ones created by the same user. I have read online that the owner of records can always edit them but I can't seem to figure out how to achieve that without every other user also having edit rights.
I've been trying to figure this out for over a week now and have not got very far with it, any help at all would be amazing, thank you.
I just can't seem to get my object permissions right no matter what I do, some help would be immensly appreciated.
I have a free developer account and I'm trying to build a custom app and have created a couple of users for testing the app. If I create a custom object and a tab for it and then add the 2 users to a permission set which sets read/write permissions for the object settings I can create records with both users. However all the records are editable by both users and I need only the owner to be able to edit the record and both users to simply be able to view/read all records.
If I change the permissions in the permission set to just read/create then both users can create new records but none of them can edit any of the records, not even the ones created by the same user. I have read online that the owner of records can always edit them but I can't seem to figure out how to achieve that without every other user also having edit rights.
I've been trying to figure this out for over a week now and have not got very far with it, any help at all would be amazing, thank you.
Is your Custom Object set to "Private" in the Organisation Wide Defaults? That should give the owners of the record edit rights.
https://help.salesforce.com/apex/HTViewHelpDoc?id=admin_sharing.htm&language=en
Thanks
Iain
The object was not currently set to private, although I had tried that already. When it's set to private it doesn't really have any effect on who can edit the record, only who can see it. The object permissions under permission sets seems to have more control. If the object permissions are only set to read and the OWD is set to private, then only the user who created the record can see it, but can't edit it. If I then set it to read/write then the creater can then edit records it has created but other user can't read (browse) them. If I set the object permission (permission set) to 'view all' then the users can browse records they haven't create but they can also edit them. If I then turn off edit permission (permission set) then the creater can no longer edit the record either. It seems like I have tried every combination of permission settings (permission sets, profiles, etc.) but I just can't get it to do what I need it to do.
My end game is to have 2 custom objects, lets call them articles and replies. Replies are related to articles. All users of the custom app can read/browse all the articles and create new ones (and edit any one they have created). They can then also create a 'reply' for any article (created by anyone). Any user at any time should only be able to read all articles, any replies they have created, and any replies that are related to an article they created.
At the moment though, I can't even have a single basic custom object that users can create records for and that all users can view/browse all the records but only edit ones they have created, let alone multiple/related objects. It seems like such a fundamentally basic idea but I just can't get it to work at all in salesforce.
Thanks again.
Sounds like the actual object setting is set to Read on the user's profile. I'd also check the security setting on both Articles and Replies. If Replies is linked to Articles then it may be inheriting the permissions from the parent.
http://salesforce.stackexchange.com/questions/1578/record-owner-cannot-edit-record
I also found this thread which seemed to cover a similar situation.
https://success.salesforce.com/answers?id=90630000000i5ucAAA
Thanks
Iain
However I had already came across those links previously (like I said, I've been working on this for over a week) and none of them helped at all. Also it isn't a problem with inheriting from the parent as I have the exact same problem if I create a brand new object which has only the name field (no custom fields or anything else). If a user creates a record of this object I have the same issues as described previously.
I was thinking though over the weekend, maybe it has something to do with that all the users are ones I created under my developer account and the permissions are set for my account/org and so therein all the created users and thats why I can't have seperate permissions for each created user. How does all this work when the custom app is packaged and used by other people/orgs? How can I test how the custom app will actually work outside of my developer account?
Sorry but I'm new to salesforce development and I just can't seem to get my head around how these permissions work at all.