Skip to main content

Access Concept in Salesforce


Access is probably the most interesting and important concept in Salesforce.


Access can be Organization level , Object level , Field level and Record level.
Objects in Salesforce are basically similar to Tables in any RDBMS databases (Same as entity). Objects have fields (many). Fields are similar to Columns in RDBMS. Records are  similar to records (Simple!)

So remember:

1.Object ðŸ¡’  Table
2. Field ðŸ¡’  Column
3. Record ðŸ¡’  record
Shown below: An object can have many fields and records


Object Access:  Profiles and Permission Sets control the user's access to an object. An object can standard or custom, it is applicable to both. Profiles provide 'minimum baseline access' to all objects and fields.

Profiles:
1. Each SFDC user has to have a profile and there can be only ONE profile per user.
2. Profiles have multiple users assigned to them. Profiles are usually created by their function. Example a sales representative, call center agent, sales manager etc.
3. Profiles also control access to fields but do NOT control access to records.
4. There are 5 standard profiles:
   
  • Read Only
  • Standard User
  • Marketing User
  • Contract Manager
  • System Administrator
Normally admins clone these profiles and modify/customize them as per business needs.

5. Access to profiles: Setup>Quick search> Type Profiles
6. Profiles also control additional features like: allowed login times, App visibility (Apps are collection of objects working together as application) , tab visibility, record types etc.
7. For Objects, the access is in CRED form: Create, View (read), Edit and Delete. E.g. If your profile has a has edit setting for an object, you would have an ability to edit that record (unless that record does not belong to you, then there are further rules ...)

Permission Sets: Profiles provide 'minimum baseline access' to the objects. There are times when we need to give extra access or additional access for a specific person or specific group of people. There is also a use-case for granting additional access for specific times. We use Permission Sets to do that.



If a user has a permission in their base profile, you can’t remove it by assigning a permission set to that user. A permission can only ADD permissions. To take away a permission, you have to remove it from the user's base profile and from any permission sets the user may have.


Location: San Francisco, CA, USA

Comments

Post a Comment

Popular posts from this blog

Must Have Salesforce Tools

There are lot of tools available in the market to support Salesforce ecosystem. These tools will make your life easier if you work in the ecosystem 1. Login: As a developer, business user, analyst or architect you would need to login to multiple orgs and sandboxes to test out or develop or browse  Salesforce Logins: It is a chrome extension. You can add an account, import/export logins. It is convenient not to remember passwords which keep on changing. You will find it here  2. Salesforce Inspector :  https://chrome.google.com/webstore/detail/salesforce-inspector/aodjmnfhjibkcdimpodiifdjnnncaafh?hl=en
Post a Comment
Read more