Security Model

[Khandagale-Saurabh]

1] Org Level Security

A]Network Acess: trusted ip setup who can login or not B] Password Policys: password exipes ,length C] bussines hours: 8am to 6pm after no can login => business hours seach D] Who can login : if user is active then able to login or else not able to login [setu->user->Active]

2] Object level Security :[who can see what]

[Khandagale-Saurabh]

Org-wid:

1]if we change it to private then only app owner will able to see record 2] Grannd access by role herriachy: if it is public then all people above the role will have aces to view dta

[Khandagale-Saurabh]

[object is of 2 type custom and standard we can give perform c-r-u-d on it with help of profile & permission] Users can set up Object Level Security in Salesforce through two methods. We will learn more about them in the following sections of the blog.

Profiles– Users can only access the records of an object mentioned under the profile. Permissions– Users get additional permissions apart from the standard control access of a profile.

We can give read & edit permissions to the field. We can handle these field level permissions in three ways.

1. By using “set field level security” button at field level.

2. By using “view field accessibility” button at field level

3. In profiles/permission sets we can handle field level permissions.

[owd: public read/write : private : public read:if you are owner then you can edit else you can only view data ]

[role heriarchy is grater than owd so if private and role heiachy is true then also masterwill able to viewdata] [If 2 user not share role heriarch and also want to share data then we use sharing setting ][bottom of sharing setting eg: account sharing setting]

[Sharing rule vs manual sharing rule ] sharing rules : with siblings: manulasharing: it is use when any unconditional record or any special case record is therir [classic only have manual sharing ]

[Khandagale-Saurabh]

![Uploading image.png…]()

[Khandagale-Saurabh]

https://www.salesforcetutorial.com/field-level-security-salesforce-2/

[Khandagale-Saurabh]

owner based sharing : where owner is=ram criteria based sharing : where location - nagpur

[Khandagale-Saurabh]

https://www.youtube.com/watch?v=RFSyeIgMLzQ&list=PL70-k_f-tFW1bsHebSTvwk4BJuw_ccMv1&index=28 most imp

[Khandagale-Saurabh]

1] privste 2] criteria sharing 3]role bases sharing 4]both are manager (sibling)=> manual sharing 5] 6] for wilson,..... give them permission set of [r/e/d] because owd not have delete 7]p rofile=> view all 8]profile=> modify all data (profile because they belong to same profile)

step=> owd(r/v) => profile / permission [delete/ modify all]

[Khandagale-Saurabh]

1] private 2]when open share with hr=> share with role 3] create public group => expect wilson ,A,kavya => shen status is close share it with public grp 4] same role => no, same profile=> no so create public grp assign user div,ram and b when status is pending share with this grp 5] permission set=> modify all

[Khandagale-Saurabh]

Sharing rule

[Khandagale-Saurabh]

on owd public/read public/read/write contro by parent

[Khandagale-Saurabh]

Q] kavya : hide record 111 from kavay

Solution: everyone will see their own record

their are tyrpe of sharing rules 1] owner based sharing rules 2]criteria based sharing rule: share only record where country is India 3]

[Khandagale-Saurabh]

Permission Set We have create a prole developer with some restriction and assign that profle to all developer in org now we need some specila permission for front-end and some diffent permission for backkedn so we go for permission set