Versions Compared

Version Old Version 1 New Version Current
Changes made by

Tim Sweeney

Matt Romeo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this article:

Table of Contents
Info

Organisation-Wide Defaults, Sharing Rules & Profiles define how records are accessed and shared across user groups in the My Supports Salesforce environment.

ACCESSING SHARING SETTINGS

Sharing Settings can be accessed via the Setup Menu. Here you will find Organisation-Wide Defaults and Sharing Rules for each data object.

...

SHARING CONSIDERATIONS

  • Organisation-Wide Defaults (OWD) define the base level of access for a record in Salesforce. The most common access levels:

    • Private - means the record cannot be seen by users other than the Owner unless Sharing Rules are applied.

    • Public Read/Write - means the record can be accessed and edited by all users with Profile permissions to the object.

    • Public Read Only - means the record can be accessed by all users with Profile permissions to the object.

    • Controlled by Parent - means record sharing is governed by the parent record via a Master-Detail relationship.

    • Grant Access Using Hierarchies - means the record will be shared via the Role Hierarchy.

  • Profiles define who has access to an object and govern read/write access before sharing rules are applied.

    • View All and Modify All access to an object will give a user access to all records from that object regardless of Sharing Rules.

  • Roles are assigned to Users to define the area that they have access to in the data and to define where the user sits in the access hierarchy.

    • The role access hierarchy will allow users who sit higher in the hierarchy to see data created by their subordinates.

  • Public Groups are assigned multiple Roles and are used in the Sharing Rules to define data access. By using Public Groups in Sharing Rules, we allow Roles to be inherited automatically into sharing and we allow individual users to be assigned to the Public Group if individualised sharing is required.

SHARING SUMMARY

OBJECT

OWD

PROFILE

SHARING RULE

Account

Status
colourGreen
titlePublic Read/Write

Contact

Status
colourRed
titlePRIVATE

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Work Order

Status
colourRed
titlePRIVATE

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Opportunity

Status
colourYellow
titlePUBLIC READ ONLY

Service Agreement

Status
colourGreen
titlePublic Read/Write

Agreement Item

Status
colourGreen
titlePublic Read/Write

Service Appointment

Status
colourRed
titlePRIVATE

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Person Note

Status
colourRed
titlePRIVATE

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Document

Status
colourRed
titlePRIVATE

Document Type

Status
colourGreen
titlePublic Read/Write

Plan

Status
colourYellow
titleCONTROLLED BY PARENT

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

Service Booking

Status
colourYellow
titleCONTROLLED BY PARENT

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

Booking Item

Status
colourYellow
titleCONTROLLED BY PARENT

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

Support Item

Status
colourGreen
titlePublic Read/Write

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

Time Sheet

Status
colourRed
titlePRIVATE

Time Sheet Entry

Status
colourYellow
titleCONTROLLED BY PARENT

Status
colourYellow
titleCREATE ONLY EXCEPT FINANCE

Invoice

Status
colourGreen
titlePublic Read/Write

Status
colourYellow
titleCREATE ONLY EXCEPT FINANCE

Invoice Line Item

Status
colourGreen
titlePublic Read/Write

Status
colourYellow
titleCREATE ONLY EXCEPT FINANCE

Goal

Status
colourGreen
titlePublic Read/Write

Status
colourGreen
titlePublic Read/Write

Product

Status
colourGreen
titlePublic Read/Write

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

Price Book

Status
colourGreen
titlePublic Read/Write

Status
colourYellow
titleREAD ONLY EXCEPT FINANCE

CONTACT SHARING

The Organisation-Wide Default for Contact is set to Default Internal Access = Private and Default External Access = Private.

...

Info

Internal Access refers to standard Salesforce users (or head office staff).

External Access refers to portal/FSL app users (or support workers).

This means:

  • If you’re not the Owner of a Contact Record it needs to be shared with you, either via a Contact Sharing Rule or a manual sharing rule.

    • We use Contact Sharing Rules to control access for standard Salesforce users (head office staff).

    • We use manual sharing rules to control access for Support Workers, when a Service Appointment is assigned to a Service Resource we share the related Contact.

  • If a Contact is shared to a User who is lower in the Role Hierarchy, the Users higher in the hierarchy will also be shared to this Contact.

The Contact Sharing Rules configured:

  • Staff Contacts are shared with all internal and external users.

    • The fields accessible on a Staff Contact Record are defined in the Field Level Security for the Contact object.

    • Client Contacts are shared based on User Role.

      • System Admins and similar profiles (where Contacts View All or Modify All = TRUE) will have access to all Client Contacts.

      • Finance has access to all Client Contacts.

      • All other User Roles share Client Contacts based on Service Territory.

        • A Public Group is configured for each My Supports Service Territory.

        • Users are automatically assigned to the Public Group based on the Role they are assigned.

        • Based on the Owner of the Contact Record, it will be shared with other Users who are in the same Public Group.

...

Updating the Contact Owner will update the sharing if the User has a different Role assigned.

...

PERSON NOTE SHARING

The Organisation-Wide Default for Person Note is set to Default Internal Access = Private and Default External Access = Private.

...

Person Note Sharing Rules are based on the User creating the Person Note and the attributes assigned to the Person Note Record.

Key sharing rules:

  • If Confidential Note = TRUE, then only the owner of the Person Note will be able to see the record as well as Users higher in the Role Hierarchy.

  • If Category = Support Coordination, then only Support Coordinators in the same Public Group will be able to see the Person Note Record.

  • The Sharing Group is a read-only field which will be updated on submission based on the User creating the record.

...

WORK ORDER & SERVICE APPOINTMENT SHARING

The Organisation-Wide Default for Work Order and Service Appointment is set to Default Internal Access = Private and Default External Access = Private.

...

Similar to Contact Sharing, Work Order & Service Appointment Sharing Rules are configured based on the Owner of the Work Order.

  • When a Support Worker is assigned to a Work Order and Service Appointment then the records will be shared with them.

  • Support Coordination Work Orders & Service Appointments are only available to the Support Coordinator Users in the specified Service Territory.

Info

On the assumption that schedulers will be creating Work Orders and Service Appointments for their specific Service Territory, they will become the Owners of these records which facilitates the sharing configuration.

...

SUPPORT COORDINATION SHARING

Support Coordinators are assigned to their own section in the Role Hierarchy which is used to control access to records specific to Support Coordination.

  • Support Coordinator Group is assigned to a Contact Record and then all related Support Coordination Records (Person Notes, Work Orders, Documents) are also shared using the same Support Coordinator Group.

...

DOCUMENT SHARING

The Organisation-Wide Default for Document is set to Default Internal Access = Private and Default External Access = Private.

Info

Document Type is a read-only object for all standard users.

...

Document Records are shared to Users based on the Document Type that has been assigned to the Document.