博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
043_关于Salesforce集中权限的解释
阅读量:5874 次
发布时间:2019-06-19

本文共 4997 字,大约阅读时间需要 16 分钟。

1.创建Object的时候,一定要选中Deploy,避免在All Tabs 中找不到

2.在Profile里,选择 Standart tab Setting、Custom tab setting,有三个值 tab off 、on 、hidden 

3.setting->App, 选中这个app需要由哪些object构成的,在选择需要访问这个app的profile 

集中访问级别:

1、OLS:Obejct Level Security  在Profile 中Standard/Custom Object Permission   Access Level :create delete update edit/Modified all ,view all

2、FLS:Filed Level Security  在Profile 中Standard/CustomField-Level Security 设置字段的访问权限

3、在object 中的指定filed中Field-Level Security for Profile 有两个按钮Set Field-Level Security(A)\View Field Accessibility(B) ,假如在A中针对一个profile设置了visible和read only,那么在B中显示的就是Read only;假如在A设置了read only,那么b显示的就是Hidden,  不好理解吧,那就从这两个按钮来理解,一个是Set的,一个是Set之后可以view的结果,慢慢体会

4、Pagelayout 中添加submit for approval,前提是在approve中有这个approve

5、Record Level Scurity:这部分请参照我之前的文章 http://www.cnblogs.com/bandariFang/p/6229476.html、http://www.cnblogs.com/bandariFang/p/5465612.html

 

Managing the Sharing Settings

Available in: Professional, Enterprise, Unlimited, Developer, and Database.com Editions

Teams are not available in Database.com

User Permissions Needed
To set default sharing access: “Manage Users”

AND

“Customize Application”

Using Salesforce, you can control access to data at many different levels. For example, you can control the access your users have to objects with user profiles. Within objects, you can control the access users have to fields using field-level security. To control access to data at the record level, use the sharing settings described below.

To view your sharing settings, click Your Name | Setup | Security Controls | Sharing Settings. You can either view all lists at once, or you can use the Manage sharing settings for drop-down list at the top of the page to view only organization-wide defaults and sharing rules for a selected object.

Organization-Wide Defaults

Your give you a baseline level of access for each object and enable you to extend that level of access using hierarchies or sharing rules. For example, you can set the organization-wide default for leads to Private if you only want users to view and edit the leads they own. Then, you can create lead sharing rules to extend access of leads to particular users or groups.

Sharing Rules

represent the exceptions to your organization-wide default settings. If you have organization-wide sharing defaults of Public Read Only or Private, you can define rules that give additional users access to records they do not own. You can create sharing rules based on record owner or field values in the record.

Tip
Sometimes it's impossible to define a consistent group of users who need access to a particular set of records. In those situations, record owners can use manual sharing to give read and edit permissions to users who would not have access to the record any other way. Although manual sharing isn't automated like organization-wide sharing settings, role hierarchies, or sharing rules, it gives record owners the flexibility to share particular records with users that need to see them.

Apex Managed Sharing

Apex managed sharing allows developers to . When you use Apex managed sharing to share a custom object, only users with the “Modify All Data” permission can add or change the sharing on the custom object's record, and the sharing access is maintained across record owner changes.

For more information on Apex managed sharing, see the .

Other Methods for Allowing Access to Records

In addition to sharing settings, there are a few other ways to allow multiple users access to given records:
Map category groups to roles
Control access to data categories by mapping them to user roles. See .
Queues
Queues help your teams manage leads, cases, service contracts, and custom objects. Once records are placed in a queue manually or through an automatic case or lead assignment rule, records remain there until they're assigned to a user or taken by one of the queue members. Any queue member or users above them in the role hierarchy can take ownership of records in a queue. Use to route lead, case, and custom object records to a group.
Teams
For accounts, opportunities, and cases, record owners can use teams to allow other users access to their records. A
team is a group of users that work together on an account, sales opportunity, or case. Record owners can build a team for each record that they own. The record owner adds team members and specifies the level of access each team member has to the record, so that some team members can have read-only access and others can have read/write access. The record owner can also specify a role for each team member, such as “Executive Sponsor.” In account teams, team members also have access to any contacts, opportunities, and cases associated with an account. Note
A team member may have a higher level of access to a record for other reasons, such as a role or sharing rule. In this case, the team member has the highest access level granted, regardless of the access level specified in the team.

转载于:https://www.cnblogs.com/bandariFang/p/7833332.html

你可能感兴趣的文章
Scrum实施日记 - 一切从零开始
查看>>
关于存储过程实例
查看>>
配置错误定义了重复的“system.web.extensions/scripting/scriptResourceHandler” 解决办法...
查看>>
AIX 7.1 install python
查看>>
PHP盛宴——经常使用函数集锦
查看>>
重写 Ext.form.field 扩展功能
查看>>
Linux下的搜索查找命令的详解(locate)
查看>>
福利丨所有AI安全的讲座里,这可能是最实用的一场
查看>>
开发完第一版前端性能监控系统后的总结(无代码)
查看>>
Python多版本情况下四种快速进入交互式命令行的操作技巧
查看>>
MySQL查询优化
查看>>
【Redis源码分析】如何在Redis中查找大key
查看>>
关于链接文件的探讨
查看>>
android app启动过程(转)
查看>>
Linux—源码包安装
查看>>
JDK8中ArrayList的工作原理剖析
查看>>
安装gulp及相关插件
查看>>
如何在Linux用chmod来修改所有子目录中的文件属性?
查看>>
Applet
查看>>
高并发环境下,Redisson实现redis分布式锁
查看>>