官术网_书友最值得收藏!

Object-Level Security (OLS)

The first level of access type is Object-Level Security (OLS), as we saw previously on the profile edit page:

These kinds of operations are usually referred to as CRUD operations:

  • Create
  • Read
  • Update (or Edit)
  • Delete

Some of them respect sharing configurations while some do not:

  • Read: Users can view records of this type if the sharing settings allow them to (sharing respected).
  • Create: Users can create and view records (sharing respected regarding the read operation); that is, you cannot have Create without Read enabled.
  • Edit: Users can edit and read records (sharing respected); there can be no Edit without Read.
  • Delete: Users can read, edit, and delete records (sharing respected); there can be no Delete without Read and Edit.
  • View All: Users can see all the records of this object and thus sharing is not respected.
  • Modify All: Users can read, edit, delete, transfer, and run approval on all the records of this object, thereby overriding the sharing settings.

View All and Modify All work like the View All Data and Modify All Data user permissions on profiles, but there should be a better alternative to convey better access granularity to records.

Object accessibility causes the object's tab to be visible to a given user.

View All Data and Modify All Data permissions should be granted to administrators only as they should be the only ones who can view every record in your organization.
主站蜘蛛池模板: 大足县| 铁岭市| 奉贤区| 阿克苏市| 苏尼特右旗| 东乌珠穆沁旗| 江门市| 闽清县| 铜川市| 西乡县| 富平县| 屯门区| 新泰市| 红河县| 汨罗市| 容城县| 蓝田县| 于都县| 双桥区| 十堰市| 吴江市| 大冶市| 漳平市| 泸水县| 水城县| 桑日县| 安泽县| 汽车| 尚义县| 乳源| 泰兴市| 冀州市| 育儿| 黔西| 电白县| 集安市| 介休市| 银川市| 三原县| 江达县| 乌拉特前旗|