salesforce_security_impl_guide

More documents

Recommendations

Info

Securing and Sharing Data Criteria-Based Sharing Rules Overview Type Contact sharing rules Custom object sharing rules Lead sharing rules Based on Contact owner or other criteria, including contact record types or field values Custom object owner or other criteria, including custom object record types or field values Lead owner or other criteria, including lead record types or field values Set Default Sharing Access for Individual contacts and associated accounts Individual custom object records Individual leads Opportunity sharing rules Opportunity owner or other criteria, including opportunity record types or field values Individual opportunities and their associated accounts User sharing rules Group membership or other criteria, including username and whether the user is active Individual user records Note: • You can’t include high-volume portal users in sharing rules because they don’t have roles and can’t be in public groups. • Developers can use Apex to programmatically share custom objects (based on record owners, but not other criteria). This does not apply to User Sharing. Criteria-Based Sharing Rules Overview Criteria-based sharing rules determine whom to share records with based on field values in records. For example, let’s say you use a custom object for job applications, with a custom picklist field named “Department.” You can create a criteria-based sharing rule that shares all job applications in which the Department field is set to “IT” with all IT managers in your organization. Note: • Although criteria-based sharing rules are based on values in the records and not the record owners, a role or territory hierarchy still allows users higher in the hierarchy to access the records. • You can’t use Apex to create criteria-based sharing rules. Also, criteria-based sharing cannot be tested using Apex. • You can use the Metadata API to create criteria-based sharing rules starting in API version 24.0. • You can’t include high-volume portal users in sharing rules because they don’t have roles and can’t be in public groups. EDITIONS Available in: Professional, Enterprise, Performance, Unlimited, Developer, and Database.com Editions Accounts, Opportunities, Cases, and Contacts are not available in Database.com You can create criteria-based sharing rules for accounts, opportunities, cases, contacts, leads, campaigns, and custom objects. You can create up to 50 criteria-based sharing rules per object. • Record types • These field types: 50
Securing and Sharing Data Creating Lead Sharing Rules – Auto Number – Checkbox – Date – Date/Time – Email – Number – Percent – Phone – Picklist – Text – Text Area – URL – Lookup Relationship (to user ID or queue ID) Note: Text and Text Area are case-sensitive. For example, a criteria-based sharing rule that specifies “Manager” in a text field won’t share records with “manager” in the field. To create a rule with several common cases of a word, enter each value separated by a comma. Creating Lead Sharing Rules Lead sharing rules are based on the record owner or on other criteria, including record type and certain field values. You can define up to 300 lead sharing rules, including up to 50 criteria-based sharing rules. 1. If you plan to include public groups in your sharing rule, confirm that the appropriate groups have been created. 2. From Setup, click Security Controls > Sharing Settings. 3. In the Lead Sharing Rules related list, click New. 4. Enter the Label Name and Rule Name. The Label is the sharing rule label as it appears on the user interface. The Rule Name is a unique name used by the API and managed packages. 5. Enter the Description. This field describes the sharing rule. It is optional and can contain up to 1000 characters. 6. Select a rule type. 7. Depending on the rule type you selected, do the following: EDITIONS Available in: • Enterprise • Performance • Unlimited • Developer USER PERMISSIONS To create sharing rules: • “Manage Sharing” • Based on record owner—In the owned by members of line, specify the users whose records will be shared: select a category from the first drop-down list and a set of users from the second drop-down list (or lookup field, if your organization has over 200 queues, groups, roles, or territories). • Based on criteria—Specify the Field, Operator, and Value criteria that records must match to be included in the sharing rule. The fields available depend on the object selected, and the value is always a literal number or string. Click Add Filter Logic... to change the default AND relationship between each filter. Note: To use a field that’s not supported by criteria-based sharing rules, you can create a workflow rule or Apex trigger to copy the value of the field into a text or numeric field, and use that field as the criterion. 51
Page 1 and 2:
Security Implementation Guide Versi
Page 3 and 4:
CONTENTS Chapter 1: Security Overvi
Page 5 and 6: Contents Editing Lead Sharing Rules
Page 7 and 8: CHAPTER 1 Security Overview Salesfo
Page 9 and 10: Security Overview User Security Ove
Page 11 and 12: Security Overview Custom Permission
Page 13 and 14: Security Overview CAPTCHA Security
Page 15 and 16: Security Overview Auditing • Role
Page 17 and 18: Securing and Sharing Data Revoking
Page 19 and 20: Securing and Sharing Data Viewing P
Page 21 and 22: Securing and Sharing Data Cloning P
Page 23 and 24: Securing and Sharing Data App and S
Page 25 and 26: Securing and Sharing Data Working w
Page 27 and 28: Securing and Sharing Data Enable Cu
Page 29 and 30: Securing and Sharing Data Assigning
Page 31 and 32: Securing and Sharing Data Creating
Page 33 and 34: Securing and Sharing Data Editing P
Page 35 and 36: Securing and Sharing Data Searching
Page 37 and 38: Securing and Sharing Data Enable Cu
Page 39 and 40: Securing and Sharing Data Object Pe
Page 41 and 42: Securing and Sharing Data Comparing
Page 43 and 44: Securing and Sharing Data Setting F
Page 45 and 46: Securing and Sharing Data Working w
Page 47 and 48: Securing and Sharing Data Setting L
Page 49 and 50: Securing and Sharing Data Restricti
Page 51 and 52: Securing and Sharing Data Managing
Page 53 and 54: Securing and Sharing Data External
Page 55: Securing and Sharing Data Disabling
Page 67 and 68: Securing and Sharing Data Editing L
Page 69 and 70: Securing and Sharing Data Editing C
Page 71 and 72: Securing and Sharing Data Editing C
Page 73 and 74: Securing and Sharing Data Sharing R
Page 75 and 76: Securing and Sharing Data User Shar
Page 77 and 78: Securing and Sharing Data Sharing U
Page 81 and 82: Securing and Sharing Data Viewing A
Page 83 and 84: Securing and Sharing Data Granting
Page 85 and 86: Configuring Salesforce Security Fea
Page 95 and 96: CHAPTER 4 Enabling Single Sign-On S
Page 97 and 98: Enabling Single Sign-On • Before
Page 99 and 100: Monitoring Your Organization's Secu
Page 107 and 108:
Security Tips for Apex and Visualfo
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
INDEX A Access about 10 revoking 11
Page 115 and 116:
Index Profiles (continued) object p
show all

salesforce_security_impl_guide

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?