This article shows you an example of an implementation where an admin created sharing rules to allow certain groups of users to see certain Form Templates.
In this example, we are going to show you how Salesforce Sharing Rules can be used to allow an admin to be precise with how different users see different Form Templates.
What Are Sharing Rules
Taken straight from the Salesforce help documentation, here is a brief explanation of sharing rules:
Use sharing rules to extend sharing access to users in public groups, roles, or territories. Sharing rules give particular users greater access by making automatic exceptions to your org-wide sharing settings.
In other words, Sharing Rules allow you to give certain users access to certain types of records, based on criteria that you set in the system. Given this, consider the following sample use case:
Sample Use Case
Suppose an organization implements Youreka, and they wish to only have certain users access certain types of forms. Here are a list of their requirements:
- The organization has users in North America, and South America. They wish to divide access so that the users in NA can only access Form Templates and Forms using the North American templates. The opposite is true for South America, where South American Users should only be able to access Form Templates and Forms which are designated for South America.
- The organization has installed Youreka "For Admins Only", and intends to provide access to Youreka through the use of permission sets.
The system admin chooses to take the following steps to make it happen.
Adjust Org Wide Defaults (OWDs)
Out of the box, Youreka's objects (namely Form Template) are set to Public Read/Write. However, because we won't want our users to be able to see every Form Template, the system admin changes the OWDs for Form Template to Private. The admin also is sure to do this in a sandbox first to ensure that users in production aren't affected by such a change.
Adjust Object Access
Because the organization is using Youreka's permission sets to give end users access to Youreka, we need to double check the permission sets that are assigned to the user. Out of the box, Youreka contains the Youreka Complete Forms permission set. Within it, Form Template View All access is given to any user assigned to the permission set. This does not align with our needs. We need end users to NOT have access to all form templates, but instead, only access to SOME form templates, based on a certain criteria.
The logical step here would be to remove the View All access from the permission set - but because the Youreka Complete Forms permission set is managed (provided in the Youreka Managed Package), it cannot be adjusted. Instead, the admin chooses to Clone the permission set, and make adjustments there.
As stated above, the admin chooses to remove View All access to Form Templates. The admin then ensures that the end users who need access to Youreka are assigned this permission set.
After having done these steps, we've ensured that the org wide defaults for Form Template are private, and the users who will be using Youreka also do not have View All access to the Form Template object. The next step is to give users access, based on a certain criteria.
Create Public Groups
The admin chooses to segment users into Public Groups, which is one of many ways that Sharing Rules can be applied. The user then adds various users to each group, depending on their location.
Configure the Form Template Object
The admin then chooses to add a custom field on the Form Template object called Region, allowing users to select North America or South America from a dropdown when setting up Form Templates. This allows the organization to designate which Form Templates belong to which region - and will therefore determine end user access to each.
Create Sharing Rules
The admin then visits the Setup menu, and creates a couple sharing rules, which provide end users from each group access to their respective Form Templates.
The admin then tests the sharing rules by logging in as various users across each group, and verifying that they can only view Forms and create Forms for the appropriate subset of templates.
The End Result