General execution steps in any Real Time Project
- First we create Apps, Objects, Fields and Relationships.
- Then will make OWD (Org Wide Default) as Private. 99% of projects we make this OWD as Private.
- Create Profile based on the client requirement.
- We will give the basic fundamental access that is CRED/CRUD (Create, Read, Edit/Update/Delete) access on which the particular profile needs to work.
- Also give access to App, Tab etc.
- Then work on Login Hours, IP Ranges at the Profile level
- Create users as per the information given by the client.
- Add users into that profile.
- Done
Scenarios on OWD VS Profile
Object: Student
Users in the Profile : User A and User B
Scenario 1:
OWD: Set to Private
Profile: The user has CRED access and View All and Modify All is not given.
Question: What User A can do with User B’s data?
Answer: User A cannot see and edit the records of User B.
Explanation:
To have access to others records, first the user needs to have access to his own record. Here in this case it is given (CRED=Yes). To see or edit the records of other users in that profile the user needs to have View All and Modify All access. In this case it is not given. (VA=No and MA = No). Then it will check in OWD. There also it is restricted. (OWD = Private). Hence User A cannot see or edit the records of User B.
Scenario 2:
OWD: Public Read Only
Profile: The user has CRED access and VA ,MA are absent.
Question: Can User A see the records of User B?
Answer: Yes, user A can see the records of User B.
Explanation:
Though we have not given View All access at Profile level, OWD was set to Public Read Only hence with that permission User A can see the records of User B.
Scenario 3:
OWD: Public Read Write
Profile: The user has CRED access and VA ,MA are absent.
Question: What can User A do with the records of User B?
Answer: User A can see and edit the records of User B.
Explanation:
There is no access to others records at Profile level (VA/MA = No) then it will check in OWD. It is given as Public Read Write. Hence User A can see and edit the records of User B
Scenario 4:
OWD: Private
Profile: The user has CRED and VA ,MA access.
Question: What can User A do with the records of User B?
Answer: User A can see and edit the records of User B.
Explanation:
First we have to check the permission at the Profile level. It is given access to see and edit the records of the others. Hence we need not bother about what’s there in OWD.
Scenario 5:
OWD: Private
Profile: The user has CRED access and VA ,MA are absent.
Question: What can User A do with the records of User B?
Answer: User A can’t see and edit the records of User B.
Explanation:
There is no access to see and edit the records of the other users in that profile. (VA: No, MA: No). Then Salesforce will check the permission in OWD. It is Private. Hence User A can’t see and edit the records of User B.
Scenario 6:
OWD: Public Read Write
Profile: The user has no CRED, VA ,MA access.
Question: What can User A do with the records of User B?
Answer: User A cannot see and edit the records of User B
Explanation
To have access to others records, first the user needs to have access to his own records. That is the first fundamental access the user needs to have. That is missing at the profile level. Hence he can not see and edit his own records as well as User B’s records.
Think Salesforce, Think Cloudely
At Cloudely, we deliver everything Salesforce. From Implementations to Support, Managed Services, Training and Staffing, Think Cloudely for Salesforce A-Z requirements.
Explore our online Salesforce training programs.
Found this article informative? Share this article.
Looking for expert answers to Salesforce questions? Send them to salesforce@cloudely.com. Our Salesforce experts will answer your queries.