What does Public Read/Write access mean for a user? This means all users can view and edit all records for that object, but only when the user has permission to access the object (minimum read access). The object permission can be set in Profile or Permission Set assigned to the user.
For example, if Tom is the owner of Trident Inc.'s record, all users can view and edit it. However, only Tom can change the owner or delete (if he has Delete permission given via Profile or Permission Set) the Trident Inc. record.
Scenario:
1. User Profile (and Permission Set) does not have access to the object
- Unable to access any records
- Unable to own records from the object
2. User Profile (or Permission Set) has Read access to the object
- Able to own records
- Able to access records owned by any users
3. User Profile (or Permission Set) has Edit access to the object
- Able to own records
- Able to edit records owned by any users
- Not able to change record owner, only record owner (and users above the role hierarchy if Grant Access Using Hierarchies is enabled for custom objects; Grant Access Using Hierarchies is always enabled for standard objects)
4. User Profile (or Permission Set) has Create access to the object
- Read access will be auto-enabled
- Able to create records
5. User Profile (or Permission Set) has Delete access to the object
- Read and Edit access will be auto-enabled
- Able to delete records owned
- Delete permission does not roll up to users above the role hierarchy; even the Grant Access Using Hierarchies is enabled
So, in other words, View All permission is replaced with Read permission, while Edit All permission is replaced by Edit permission.
Note: Profile permission access does not roll up to user by Role Hierarchy
Reference:
No comments:
Post a Comment