4. Controlling Access to Records Flashcards Preview

DEX-403 > 4. Controlling Access to Records > Flashcards

Flashcards in 4. Controlling Access to Records Deck (18)
Loading flashcards...
1
Q

What are the levels of Record Access?

A

No Access
Read-Only - view
Read/Write - view, edit
Full Access - view, edit, transfer ownership, delete, share

2
Q

Profile vs Record Access

A

Profile & Permission Sets

  • Control access to objects (positions)
  • Control access to fields (min pay)

Ownership & Sharing
- Controls access to records (Joe)

profile might specify that a user can see a position, but the sharing model determines WHICH positions the user can see

3
Q

What is record ownership?

A

allows you to specify which users or types of users should be able to access specific records or types of records

owners have Full Access

4
Q

What is a Queue? Give an example of it.

A

A queue is a collection of users that can take ownership of a record.

example: ubereats where there are a queue of drivers and whoever claims your “order” first is the one that will be responsible for fulfilling it.

5
Q

What are the Organization-Wide Defaults (OWD)?

A

Security setting defining the baseline access to data records.

  • Public read/write
  • Public read-only
  • Private
6
Q

What are some things to consider for OWD?

A

Need to consider who should be able to read/edit the data. If everyone is allowed to view X data, then X should be “public-read only”. However, if only HR should be able to see X than it should be “private”.

7
Q

What are Roles and Role Hierarchy?

A

Roles control the level of visibility to each data. Each User has at most one role.

Role Hierarchy controls data visibility through the sharing model. Sharing rolls up the hierarchy unless disabled in OWD.

8
Q

How does sharing roll up the Role Hierarchy?

A

Any subordinates will be inherited by their superiors so that each superior has at least the record access of their subordinates.

9
Q

How is data visible in the Role hierarchy?

A

Role Hierarchy controls data visibility through the sharing model. Sharing rolls up the hierarchy unless disabled in OWD.

10
Q

What are Public Groups?

A

Public groups are a way of grouping users together for access. Every organization has a default public group that includes all users.

  • Can be used to give access to folders, share files and libraries, or provide access to a queue
  • Public groups can be any combo of: users, roles, roles & subordinates, public groups
11
Q

What are Sharing rules?

A
  • Exceptions to org-wide defaults
  • Access granted via sharing rolls up through the hierarchy
  • Irrelevant for public data access models
12
Q

Two types of Sharing Rules

A

Owner-based - opens access to records owned by certain users

example) need to see opportunities owned by sales managers in a different region.

Criteria-based - open access to records that fall under a certain criteria

example) just share data in which Position is manager

13
Q

What is Manual Sharing?

A

Allows users to decide record-by-record how they want to share (Read or Read/Write). To enable this the “Sharing” button must be on the Page Layout for the object.

14
Q

Who can implement manual sharing?

A

It can be implemented by any user with Full Access to the record.

15
Q

What is Team Sharing?

A

Only for Accounts, Opportunities, and Cases

16
Q

What is Flow Sharing?

A

Automates sharing declaratively when requirement goes beyond what you can do with a sharing rule

17
Q

What is Apex Sharing?

A

Automates sharing programmatically when requirement goes beyond what you can do with a sharing rule

18
Q

What are some ways you can access records you don’t own?

A
Role Hierarchy (vertical access)
Sharing Rules (horizontal access)
Manual & Team Sharing
Automated Sharing (Apex & Flow)