官术网_书友最值得收藏!

Object-Level Security (OLS)

The first level of access type is Object-Level Security (OLS), as we saw previously on the profile edit page:

These kinds of operations are usually referred to as CRUD operations:

  • Create
  • Read
  • Update (or Edit)
  • Delete

Some of them respect sharing configurations while some do not:

  • Read: Users can view records of this type if the sharing settings allow them to (sharing respected).
  • Create: Users can create and view records (sharing respected regarding the read operation); that is, you cannot have Create without Read enabled.
  • Edit: Users can edit and read records (sharing respected); there can be no Edit without Read.
  • Delete: Users can read, edit, and delete records (sharing respected); there can be no Delete without Read and Edit.
  • View All: Users can see all the records of this object and thus sharing is not respected.
  • Modify All: Users can read, edit, delete, transfer, and run approval on all the records of this object, thereby overriding the sharing settings.

View All and Modify All work like the View All Data and Modify All Data user permissions on profiles, but there should be a better alternative to convey better access granularity to records.

Object accessibility causes the object's tab to be visible to a given user.

View All Data and Modify All Data permissions should be granted to administrators only as they should be the only ones who can view every record in your organization.
主站蜘蛛池模板: 浦县| 大连市| 昌黎县| 登封市| 壤塘县| 靖边县| 黄平县| 南乐县| 文水县| 工布江达县| 黑山县| 泊头市| 泽库县| 曲靖市| 长海县| 寻甸| 沐川县| 礼泉县| 宁陕县| 沛县| 平泉县| 永昌县| 萝北县| 高清| 雷州市| 寻甸| 东山县| 定边县| 大城县| 舒城县| 岫岩| 仪陇县| 山丹县| 德格县| 班戈县| 盐池县| 建昌县| 建始县| 兴安县| 天等县| 九寨沟县|