Embed Size (px)
DESCRIPTION
Citation preview
www.vrpinc.com
Management of Access Level &
Sharing Model
Goshko Dmitry
Haritonovich Igor
www.vrpinc.com
Security Overview in Salesforce.
Access to data and functionality is primary comprised of the following:
•Organization Security•Object Security•Record Security•Field Security•Folder Security
www.vrpinc.com
Organization Security.
Org-level permissions determines under what conditions a user can login to Salesforce:
•When users can login (Login Hours)•Where users can login from (Login IP ranges)•How users can login (API, UI, ect.)
www.vrpinc.com
Profiles.
A profile is a collection of permissions and settings that is instrumental in determining a user’s functional access, how information is displayed to the user, and a wide range of other permissions.
www.vrpinc.com
Object Security.
Object-level permissions determines what actions (CRUD) a user can perform on records of each object.
www.vrpinc.com
Record Security.
There are 3 tiers of record-level permissions:
•Read Only•Read/Write•Full Access
www.vrpinc.com
Field-Level Sequrity.
Field-level permissions determines which fields a user can view and edit on record:
•Visible•Read-Only
The combination of settings:
www.vrpinc.com
Folder Security.
Folders are used to secure a variety of data within Salesforce, including but not limited to:
•Report•Dashboards•Email Templates•Documents
www.vrpinc.com
Roles.
The role hierarchy provides a framework to structure access to record and folders in your organization.
www.vrpinc.com
Permission Sets.
Permission sets are optionally assigned to a user to grant them privileges in addition to their profile.
•Permission sets can only grant (not revoke) privileges.•Permission sets are optional, and a user can be assigned more than 1 permission set (a user is assigned zero to many permission sets).•The profile controls some elements (e.g. page layout assignment) that a permission set cannot influence.
www.vrpinc.com
Sharing Model in Salesforce.
- Различия между with sharing и without sharing классами.- Влияние __Share на UserRecordAccess.
- UserRecordAccess как сервисный слой доступ к записям.- Sharing и лицензии Salesforce.
- Primary и secondary Master-Detail и Sharing.- Эмуляция with sharing класса , в without sharing.
- Создание и редактирование Share записей.
www.vrpinc.com
Sharing Model in Salesforce.
www.vrpinc.com
Sharing Model in Salesforce.
www.vrpinc.com
Sharing Model in Salesforce.
www.vrpinc.com
Sharing Model in Salesforce.
www.vrpinc.com
Thank you for your attention
