/
Sharing Settings

Sharing Settings

Owned by Tim Sweeney
Last updated: 12 Jul 2023 by Matt Romeo
6 min read

In this article:

Organisation-Wide Defaults, Sharing Rules & Profiles define how records are accessed and shared across user groups in the My Supports Salesforce environment.

ACCESSING SHARING SETTINGS

Sharing Settings can be accessed via the Setup Menu. Here you will find Organisation-Wide Defaults and Sharing Rules for each data object.

SHARING CONSIDERATIONS

  • Organisation-Wide Defaults (OWD) define the base level of access for a record in Salesforce. The most common access levels:

    • Private - means the record cannot be seen by users other than the Owner unless Sharing Rules are applied.

    • Public Read/Write - means the record can be accessed and edited by all users with Profile permissions to the object.

    • Public Read Only - means the record can be accessed by all users with Profile permissions to the object.

    • Controlled by Parent - means record sharing is governed by the parent record via a Master-Detail relationship.

    • Grant Access Using Hierarchies - means the record will be shared via the Role Hierarchy.

  • Profiles define who has access to an object and govern read/write access before sharing rules are applied.

    • View All and Modify All access to an object will give a user access to all records from that object regardless of Sharing Rules.

  • Roles are assigned to Users to define the area that they have access to in the data and to define where the user sits in the access hierarchy.

    • The role access hierarchy will allow users who sit higher in the hierarchy to see data created by their subordinates.

  • Public Groups are assigned multiple Roles and are used in the Sharing Rules to define data access. By using Public Groups in Sharing Rules, we allow Roles to be inherited automatically into sharing and we allow individual users to be assigned to the Public Group if individualised sharing is required.

SHARING SUMMARY

OBJECT

OWD

PROFILE

SHARING RULE

OBJECT

OWD

PROFILE

SHARING RULE

Account

Public Read/Write

 

 

Contact

PRIVATE

 

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Work Order

PRIVATE

 

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Opportunity

PUBLIC READ ONLY

 

 

Service Agreement

Public Read/Write

 

 

Agreement Item

Public Read/Write

 

 

Service Appointment

PRIVATE

 

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Person Note

PRIVATE

 

Shared based on Public Group in parent regions (NSW NORTH, NSW SOUTH, SA, VIC WA EAST, WA NORTH, WA SOUTH).

Document

PRIVATE

 

 

Document Type

Public Read/Write

 

 

Plan

CONTROLLED BY PARENT

READ ONLY EXCEPT FINANCE

 

Service Booking

CONTROLLED BY PARENT

READ ONLY EXCEPT FINANCE

 

Booking Item

CONTROLLED BY PARENT

READ ONLY EXCEPT FINANCE

 

Support Item

Public Read/Write

READ ONLY EXCEPT FINANCE

 

Time Sheet

PRIVATE

 

 

Time Sheet Entry

CONTROLLED BY PARENT

CREATE ONLY EXCEPT FINANCE

 

Invoice

Public Read/Write

CREATE ONLY EXCEPT FINANCE

 

Invoice Line Item

Public Read/Write

CREATE ONLY EXCEPT FINANCE

 

Goal

Public Read/Write

Public Read/Write

 

Product

Public Read/Write

READ ONLY EXCEPT FINANCE

 

Price Book

Public Read/Write

READ ONLY EXCEPT FINANCE

 

CONTACT SHARING

The Organisation-Wide Default for Contact is set to Default Internal Access = Private and Default External Access = Private.

Internal Access refers to standard Salesforce users (or head office staff).

External Access refers to portal/FSL app users (or support workers).

This means:

  • If you’re not the Owner of a Contact Record it needs to be shared with you, either via a Contact Sharing Rule or a manual sharing rule.

    • We use Contact Sharing Rules to control access for standard Salesforce users (head office staff).

    • We use manual sharing rules to control access for Support Workers, when a Service Appointment is assigned to a Service Resource we share the related Contact.

  • If a Contact is shared to a User who is lower in the Role Hierarchy, the Users higher in the hierarchy will also be shared to this Contact.

The Contact Sharing Rules configured:

  • Staff Contacts are shared with all internal and external users.

    • The fields accessible on a Staff Contact Record are defined in the Field Level Security for the Contact object.

    • Client Contacts are shared based on User Role.

      • System Admins and similar profiles (where Contacts View All or Modify All = TRUE) will have access to all Client Contacts.

      • Finance has access to all Client Contacts.

      • All other User Roles share Client Contacts based on Service Territory.

        • A Public Group is configured for each My Supports Service Territory.

        • Users are automatically assigned to the Public Group based on the Role they are assigned.

        • Based on the Owner of the Contact Record, it will be shared with other Users who are in the same Public Group.

Updating the Contact Owner will update the sharing if the User has a different Role assigned.

 

PERSON NOTE SHARING

The Organisation-Wide Default for Person Note is set to Default Internal Access = Private and Default External Access = Private.

Person Note Sharing Rules are based on the User creating the Person Note and the attributes assigned to the Person Note Record.

Key sharing rules:

  • If Confidential Note = TRUE, then only the owner of the Person Note will be able to see the record as well as Users higher in the Role Hierarchy.

  • If Category = Support Coordination, then only Support Coordinators in the same Public Group will be able to see the Person Note Record.

  • The Sharing Group is a read-only field which will be updated on submission based on the User creating the record.

WORK ORDER & SERVICE APPOINTMENT SHARING

The Organisation-Wide Default for Work Order and Service Appointment is set to Default Internal Access = Private and Default External Access = Private.

Similar to Contact Sharing, Work Order & Service Appointment Sharing Rules are configured based on the Owner of the Work Order.

  • When a Support Worker is assigned to a Work Order and Service Appointment then the records will be shared with them.

  • Support Coordination Work Orders & Service Appointments are only available to the Support Coordinator Users in the specified Service Territory.

On the assumption that schedulers will be creating Work Orders and Service Appointments for their specific Service Territory, they will become the Owners of these records which facilitates the sharing configuration.

SUPPORT COORDINATION SHARING

Support Coordinators are assigned to their own section in the Role Hierarchy which is used to control access to records specific to Support Coordination.

  • Support Coordinator Group is assigned to a Contact Record and then all related Support Coordination Records (Person Notes, Work Orders, Documents) are also shared using the same Support Coordinator Group.

DOCUMENT SHARING

The Organisation-Wide Default for Document is set to Default Internal Access = Private and Default External Access = Private.

Document Records are shared to Users based on the Document Type that has been assigned to the Document.

 

Related content

Go-Live: Users Access
Go-Live: Users Access
My Supports Knowledge
More like this
Support Coordination Sharing
Support Coordination Sharing
My Supports Knowledge
More like this
FSL - User Configuration
FSL - User Configuration
My Supports Knowledge
Read with this
Roles
Roles
My Supports Knowledge
More like this
Service Resource Skills
Service Resource Skills
My Supports Knowledge
Read with this
Roles
Roles
Direct Care Resources
More like this