function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
pintoo rajputpintoo rajput 

Role Hierarchy setting. Please explain all three setting

1-Opportunity Access Users in this role cannot access opportunities that they do not own that are associated with accounts that they do own
2-Users in this role can view all opportunities associated with accounts that they own, regardless of who owns the opportunities
3-Users in this role can edit all opportunities associated with accounts that they own, regardless of who owns the opportunities

Best Answer chosen by pintoo rajput
NagendraNagendra (Salesforce Developers) 
Hi Pintoo,

Understanding Security and Sharing can be complex.   I wanted to share these AMAZING Salesforce videos that answered all of my question in Security, Sharing, Profiles, and Roles.  Please checkout the 9 videos that walk you through all of these features (I recommend taking notes) at:

http://www.salesforce.com/_app/video/Who_Sees_What/Who_Sees_What_Overview_video.jsp

Another best practice, that really helped me, was to make the object private (Opportunities, for example) and then slowly add back access via profiles, roles, etc.   Be sure to test as you go along for each change.  This really works and the videos were AWESOME, you've got to check them out!

I totally get that this part can be a little confusing.  I find myself reading the lines carefullly each time as well.  These questions really are about what happens if they own the account > should they be able to see/edit any associated Cases/Contacts/Opportunities or not.  If no, then you are fine with your question from above.

These settings are very much about their specific accounts, they do not roll up or down the hierarchy.

This is a good one to bookmark as well because looking the other way doesn't always hold true.  The owner of a contact can always see the account
https://help.salesforce.com/HTViewHelpDoc?id=sharing_across_objects.htm&language=en_US

If in doubt, go for a good walkthrough using log-in as other users and the sharing button in a sandbox.  You can get a lot more comfort spending 30min doing this with some test data than you can trying to wrap your head around an explanation from someone else.  Honestly it's true, I've been there.

Here are a few screenshots I'm stealing instead of creating my own from Shell Black, who has some great information there
http://www.shellblack.com/administration/testing/

He doesn't go into the Expand List, but that's a way you can see all users who have access as well.  Beside each one will by a "Why?" button that will tell you the reason they have access.  The Share Button is a great resource for figuring that stuff out, and sometimes the only way to make sense of it in a short amount of time.

Please mark this as best answer if it helps.

Best Regards,
Nagendra.P