Declarative Sharing 2 of 3 Flashcards
Can be shared with users/ public groups / roles and territories and additional permission can be assigned to allow sharing of
reports and dashboard folders
Can be crated t osee a specific set of object records, filter by specific criteria and by owner
custom list views
Access levels of Viewer, Editor or Manager
Report or dashboard folders
manager level allows sharing
Access level oneself, all users and specific groups (i.e. public groups, roles, and roles and subordinates
List views
Threes types of List view charts
vertical bar
horizontal bar
donut
available for any list view except recently viewed
A report or dashboard can be share with _______ users, groups, roles or territories
25
A folder can be shared up to 500 segments through folder sharing Rest API
A list view needs to be created and made available to all the relevant sales users of the company and made available when they access records from the Account tab. These users are sales managers and those who are bellow them in the role hierarchy. What is a possible solution.
custom list view to display record which meet a specific criteria made visible to the sales managers ‘role and subordinates’
If the company uses communities, the list view would need to be made visible to a ‘role and internal subordiates’
When list views are made visible to certain roles which users also obtain access
those above them in the role hierarchy
Permission which allows a user to create, edit or delete public list views.
manage public list views
List views can be made visible to which user groups
user, public group, role, role and subordinates, territories
List view for a queue and made visible only to the queue members
Filter by owner = Queue name and visible to a public group where those user included in the public group are those users also users assigned to the queue
Permission which allows a user to see all the list view in salesforce
manage public list views
This access level allows a user to give others access to a report or dashboard folder
Manager
Permissions which allow a user to give access to a report or dashboard folder
manage reports in public folders and manage dashboards in public folders
Permission for access to public folders
view reports in public folders
Standard objects automatically provide access to records
owned by or shared with users below them in the role hierarchy
For which objects can access be enable by the role hierarchy
Custom objects
What the features can sharing be extended by the role hierarchy
sharing rules, public groups, and manual sharing
What impact does the role hierarchy have in saelsforce
determines users access to records and data in reports. It is used with sharing settings to determine levels of access to a salesforce organizations data
What is the purpose of the role in salesforce
users are assigned a role which controls access to records owned by users who are lower in the role hierarchy. They also determine access to cases, contacts and oppty
What setting is used to enable access from the role hierarchy on custom objects and public groups
grant access using hierarchy
When org wide defaults sharing settings for standard and custom objects are restrict
role hierarchy opens up RECORD access
For users with multiple access grants to a record what is the result
the access with the most permissive grant determine the record access for the user
Which type of sharing results in few sharing rows thus reducing the org’s record access data volumne
public groups
Groups of users that salesforce creates and manages internally to support various features and behavior, such as queues
System defined groups
why?
it allows the data that supports queues and personal and public groups coexit in the same database tables and unifies how SF manages the data. Mean access grants for a queue is the same as access gratns for a public group
What are the three group types in Salesforce
Indirect Members
Direct Members
Inherit record access from the groups of direct members and are assigned to manager roles
indirect members
Direct Members fall in three types
Role groups - direct members are those member assigned to the role the group represents
RoleAndSubordinates - direct members are those member assigned to the role the group represents or one of its subordinate roles
RoleAndInternalSubordinates-direct members are those assigned to the role the group represents, or one of the its non-portal subordinate roles.
When a record owner changes, how does this affect the sharing tables in salesforce
Salesforce deletes its associated sharing rows
with Manual row causes (.ie. manual share are reset and any sharing rules would be reset with only rules which apply with the new owner
What sharing occurs when the first member in a a new role owns any data
- ) SF arranges access to her data for all users in the hierarchy (indirect members of the role)
- ) Removes sharing to child records if the new member once as in another role
- ) Adds new shares to reflect the change in settings
- ) member owned any customer or partner portals - makes changes to group membership/ adjust shares that provide access in the hierarchy to records owned by or share to portal users.
Salesforce recalculates all sharing rules
that included an members old role and new role in the source group. specifically deletes all shares for the user’s records form the top of the role and all of its subordinates and depending on the sharing rules for accounts SF might also need to remove shares to the accounts child records
Additional the user above loose access through inheritance in the hierarchy - no updates to group membership or sharing tables are required.
Benefit of moving a role to another branch in the hierarchy results in
any portal accounts simple move along with their parent role and SF doesn’t have to change the related sharing; however Sf much do all the associated work for every user in the role being moved and for all their data.
Results of changing the owner of a portal account
SF is reparenting the portal roles associate with the account and adjusting sharing for all of the data associated with that portal account
ownership data skew
when a user owns more than 10k record of a single object
https://developer.salesforce.com/docs/atlas.en-us.draes.meta/draes/draes_tools_parallel_sharing_rule_recalculation.htm
