Role Hierarchy,Sharing Rules and Manual Sharing with Scenarios

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi everyone my name is Chacon today we are going to learn roles sharing rules manual sharing in Salesforce we'll go through some real-time scenarios to have a better understanding this is second and final part in the security model series we have already covered owt and profiles in the first part by end of this video you will be able to understand the concepts of roles sharing rules and manual sharing and you will also understand when and how to choose so level hierarchy sharing rules manual sharing for any given scenario as you already know there are multiple ways to provide security as I have mentioned in part 1 there is over WDN profiles and we also have role hierarchy sharing rules and manual sharing so order Union profile is mandatory for any of this system so if you log in definitely what ability will be having set to private publicly or publicly don't be and profile will be setting with read create edit delete options as per the requirement so these are quite mandatory then why do we have role hierarchy sharing rules and manual there are some scenarios where owd and profile cannot fit into the requirement that our client is asking so we'll see those scenarios and will understand how row level had a key sharing rules and manual sharing will help us ok let's jump into a scenario we have three different users and the object is set to owd private and profile set to grid throughout this video we'll be seeing these similar users where the same profile will be set for all the users as soon as would ability set to private none of these users can see the records which are owned by others which means brands cannot bran cannot see BTS and Suchi records so she cannot see Betty and brand records Betty cannot see bran and Suchi records as profile is set to cred create read edit and delete each of them can perform a read operation edit operation delete operation on their own records and they can create new records except that they cannot see anyone sells records now the requirement here is as you see these red marks Betty wants to see the records owned by bran and Suchi because Brandon tsuchi our sales reps to baiting Betty wants to see the records which bran and Suchi are creating so in this kind of hierarchy level situation whenever there is a manager and subordinates kind of situation when our manager wants to see data which has been created by their subordinates we have something called rules if we implement roles in our arc obviously the supervisor will be able to see the subordinate records okay the role hierarchy settings help supervisor to see and edit the records who are below the hierarchy only thing we need to do is we need to set users in row level hierarchy as per our requirement I will show you how and we'll also need to grant hierarchal access in owd if you have watched the part one in this series I told you to remember about this point we need to grant access in order will do only then this gets applicable okay let's see how we'll create low role in hierarchy in this scenario so I have created three users as per our scenario manager make TD manager and there are two reps bran and switching so I did not assign any roles to these persons but we have a common football for all of them this common profile has a conveyor we will be dealing with account object so account object we I have you in all the kids operations now in sharing settings on account it is set to private which means bran cannot see Betty since uchi record switch she cannot see bran and Betty record right the beta cannot see Brandon switch you record and if you remember I was telling this access has to be checked only then row level hierarchy shearing will work if you uncheck the queue or uncheck this role hierarchy will not work now we'll just see how they are looking at the reports now I will open Peggy so if you see I have logged in with Betty here so I have three different windows login with three different people here I logged in as manager here and I created a my record under between em so manager Betty record as account is private she can only see her record she she cannot see switches and branch records now I will go and open run so if you see this is branch this is brands login and if you see I have created one more account under brand name but he is able to see his record not with the source which is recorded now I will show you the sushis credentials so I login and Suchi here and Suchi as a Reb she is and she has created one more record she can see only her record but not brands and bit is now now let's try to create roles I put these three people and then we'll assign those roles to these respective people how I will go to my system in Access this is my system in credential which are open in classic now I need to search Perl roles so currently there are no roles assigned to them and we haven't created any roles so I will go and create roles role installs and click on roles this is how you need to create roles and do not show this page again and set up profiles and expand on so for my scenario I will be creating all the roles under this CEO so all the roles which I create under here will be reporting to see whoa so I will make it as Manager Sales Manager and name will be auto-populated it's all about the operation in cases I will leave the default values click on 7 so we have 1 Sales Manager so I will create sales rep so Betty Betty sales manager and we have two sales rep so I will have each of them in two different sales of foundation sales rep India and since the POS so this sales up India has to report to sales manager here so we have sales myself busiest of India will be any persons who is part of who is the overall setup will be reporting to sales manager will leave the default census and we'll get one model and say let's wrap - us and it should be reporting to the same manager now if you can't save now we have created three roles we'll see how it is looking like the hierarchy we need to understand the hierarchy so I click on roles and if you see under sales manager there is sales rep and sales rep us so we'll assign our sales manager with Betty so click on assign and then get our beta user and assign it to this person and click on save so sales manager is being assigned with above Betty now we can also go and go to the users and we can change it I have a send it there if i refresh this page obviously I would be seeing a manager design side to this shot so I will assign it come here now so I will go to Brad and I will change the role to sales rep its Brown right so I will make it sale SEP us and we'll go back to the complete list again and then click Edit and we'll assign this Suchi user to sales up India okay now we have our roles properly set and we also have given the grant a hierarchy axes inaudible UT now the expectation is which belonging with manager Betty then you will be able to see brands the constants which she records will see where are you Betty where are you this is Betty will just refresh this yeah see very very easy this is how you can create it but this hierarchy will only work with things super your supervisor if I go to rep any of these two reps it shouldn't show the records so I will go to su Chi which who is a wrap I will refresh this page and should she should be still seeing only her the corn same applies for this q-tip the boy wrap brat click refresh and it should be still his record say roller hierarchy is very very easy there are two steps you need to set up the roles and assign those users to the roles and grant access in the hierarchy owt as simple as that role hierarchy is the easiest way to share records between manager and subordinates now scenario 2 so if you see will have the same or WDN profile settings the same profile is set to all the three users Betty Brown and Suchi if Betty wants to see implants and some cheese of course we have roads water brands all team member the cause has to be shared with sushi as they are in clear level role cannot help now if all brand teams report has to be shared with Swiss team the option is sharing rules this helps users to share records based on condition let's say the records which are how created where records created by brand has to be shared with a certain group onto a subset and group address at a role in this kind of situations we always need to go for sharing rules so in the examples share records of user of who is of role one has to be shared with users who is in role 2 and the other example share records of the users which are of role one to a particular group sharing rules usually gets applicable for roles groups and roles and subordinates okay now we'll go ahead and create sharing roads so to do that first we'll understand why we need to do it so manager can see manager but he can see branch and switches record now we'll try to create a sharing role where all the recalls that has been created with this particular role has to be shared with sales rep Ania let's say an example of Otto kind of things all the records of sales rep US team has to be audited by sales rep Enya which means all the existing records with sales rep US team has been created and all the new recalls that is a both to get created has to be shared with sales rep India team that is something which will look into it so I will go to sharing settings and if you scroll down you will be seeing the sharing rules so our WD and sharing rules will be there under sharing settings so I'll scroll down and we'll go to account because the account object is something which we are working on click on new and this is the interface so I will say share US records too Indian thing now we'll leave the default of rule type we'll need to share which record has to be shared the records of the role who aids in slap us so the records which has been created by the users who are part of the sales rep us has to be shared with whom we are trying to share with the sales reps of Indian team so we are trying to do this we will try to give just read-only access and we'll click on save now as soon as you do it a sharing rules will be sharing those would be run in the background it will take a little time to complete it so wrap bran bran is part of yes team so this record has to be shared with suchi here so you should be able to see his record now in his in the system because which is part of Indian team and the rep is a part of US team so yes team records has to be shown up in this Indian team now so I click on refresh it should be able to display it now see I can see it but the other way is not true so if I go here on that rep and i refresh this page I cannot see switches record now let me now will have another scenario where a new record has been created from this US team and it should be shown in Indian team now so I will make it rep brand record too until consume as soon as I click on save here sharing rules will run again and then it will be automatically shared with Indian team against I will go back to this sue Chitra credentials and click on refresh I should be able to see brand record two sharing rules will walk with the existing record and snoo records as well this is how you need to work on sharing rules now we'll go ahead with scenarios but he can see Branson's to cheetah courts but Beatty wants to share one of had record to share with plan and Suchi so just remember it's only one of her record if it is not just one record entities bunch of record and it has to be the every time then we can go ahead with sharing rules but if it is just only one record and that to unconditionally and it has to be shared with only couple of people then the answer is manual ship this helps users to share his or her reports to any user manually there will be a sharing button on the top where if you click on it it will ask for de use at FTP cell via snip and then you can share it examples are share record of mine to my colleague to walk on the lead as I will be only currently you can share your record you're pulling so that he or she can walk on it share my record with an expert who can work on the lead to close that in let's say I'm working on opportunity and it seems it is little bit challenging to me and there is Alden expert who has all dealt the same opportunity with the same customer will just pass it to a team member who is an expert here and then he can work on it so these are some of the examples for battleship ok now we'll see how to do manual sharing as we already know manager breaking can see plans record sense which is recorded but probabilities records can be only seen by her but not by have subordinates but let's say Betty is going on leave and then she wants to oh she wants her subordinates to walk on it how how this is her accounts page where she is having her record and these are the trade cons that has been shared by our loyal hierarchy now she wants to share her manager Becky record to the people but to do a manual sharing lightning it doesn't support that functionality so to share it manually we need to go back to classic and then we need to do it from there so switch to classic and then it will take us to the classic view and we need to select our respective record which we need to share it will take us to the detail page and you should be seeing this button this button will not be visible and lightning now now click on sharing and if you see this record is currently shared with only one person that is herself as she is owner now we'll try to add the other two users and scroll down and we select the users you can also share it based on roles and roles on subordinates 7 select reprimand reps uchi and then select them to the right side window and then make it just read-only and click on save now this record should be accessible to these two people but in read-only mode it is there if the reason is set to manual sharing now we will see whether it is working properly or not I will go back to ref ran and they refresh this and I should be able to see manage your bippy record I will see but it should be only into read-only more why because we have given the mode as read so I should not be saying see if I see edit button but I will not have access to change it updated and look on save it shouldn't allow me see insufficient access now I will go back to sushis credentials yeah and now I will be in touch the page again to see all my in shared passing manage a bit is record is part of it brands record on shared based on sharing roles manageability record has been shared based on manual sharing so click on Betty and even this person we shouldn't be able to edit it then click on save see insufficient access so this is how you can share records manually by giving read access or you don't read entity taxes and one last thing what if owd is set to public read/write there is no shearing required because once it is set to public read/write obviously all the people will be able to see all each other's records with didn't edit mode so there is no point of having this manual sharing concept or no level hierarchy concept I hope you might have understood what is low level hierarchy sharing manual sharing and sharing Hodes okay in summary if a supervisor wants to see his or her subordinate roles later then we need to choose roles so in this way we can have our subordinates data to be visible to us if data has to be shared between a person to person like a single record then we need choose for manual sharing let's say if sharing has to be done between set of users to set up users then we need to choose for sharing rules it can be one way or both the directions so if this kind of things has to been sharing rules has a better option okay quiz time in your are if were WD is set to private which means we cannot see the recalls on by others and profile is set to create credit really readily for every user I want all the records of ref users who are of the left team to share the records with thee another team so if a set of users records has to be shared with other team then what is the option the answer is sharing rule quiz time to n in your org if whatever you D is set to private and profile is set to cred I want all the records all subordinates to be accessed by supervisor then what is the security setting you will choose the answer is no level hierarchy as soon as you see the hierarchy and they were expecting the data visibility based on the hierarchy then immediately you need to choose role hierarchy for your requirement quiz tree in your arc if whatever you do is set to public you'd only and profile is set to cred Betty wants to share one of the records with switchy to edit so already it's public you know which means both of them can see all the records but Betty wants have records to be shared with suci to edit it so in this scenario what is the option the answer is manual sharing as soon as it suggests a single record made he can actually share it manually and that this is the last question but it is little tricky try to think an answer in your org if whatever it is set to public read/write and profile is said to cred I want Betty's records to be shared with Succi and ran it also Betty wants to share one record with Succi and bran how you will do it I am Telling You this is a tricky question try to read the question again and answer that this question is basically a combination of part 1 and part 2 videos and the answer is you don't need to share this why because owd set to public read/write makes everyone to see and edit each other scores as providers also set to crate and public read/write he's already said there is no need of sharing already sushi and ran will have the access and let's wrap up if you like this video give a thumbs up if you have any feedback comment down below practice practice practice happy learning and bye

Info

Channel: Salesforce Exclusive

Views: 35,498

Rating: undefined out of 5

Keywords: roles, sharing rules, manual sharing, role hierarchy, roles salesforce, sharing rules salesforce, manual sharing salesforce, salesforce security settings, owd, owd salesforce, profiles salesforce, data security, organization wide defaults, real time scenarios, salesforce sharing settings, object level security, record level security, organization level security, owd and profiles, owd and profiles in salesforce

Id: Xzm0EocL6KY

Channel Id: undefined

Length: 20min 9sec (1209 seconds)

Published: Fri Oct 04 2019