Tuesday, February 21, 2023

Salesforce: Activity Visibility Controlled by Parent



In Salesforce.com, for Activity objects (Task & Event), there is only 2 options in the Organization-Wide Defaults sharing setting:
- Controlled by Parent
- Private

Private
Only the activity owner (label as Assigned To), and users above the activity owner in the role hierarchy can edit and delete the activity.
Users with Read access to the record to which the activity is associated (Name and Related To) can view and report on the activity.

Controlled by Parent
A user can perform an action (such as view, edit, transfer, and delete) on an activity based on whether he or she can perform that same action on the records associated with the activity.

For example, if a task is associated with the Acme account and John Smith contact, then a user can only edit that task if the user can edit the Acme account and the John Smith contact.

The "parent" of the activity record is:
  • Who Id (Name): Contact and Lead
  • What Id (Related to): Account, Opportunity, Case, Campaign, Asset, and custom objects with Allow Activities enabled.

To edit a task, the user needs to have Edit Tasks permission defined in the Profile or Permission Sets and to edit an event, the user needs to have Edit Events permission defined in the Profile or Permission Sets. Both permissions are located under General User Permissions in the profile, or this permission also can be assigned to specific users using the Permission Set.

When a user creates a task/event, regardless of the parent of the task/event owner, the default task/event will be assigned to the current user, not based on parent record owner.

When the user is assigned to a task/event, the user is able to access and edit the task/event (the user need to have Edit Tasks/Edit Events permission to edit task/event), regardless of the OWD sharing setting for Activity, and even user does not have access to the parent record of that Activity record. This edit access will include users in the higher role hierarchy of the assigned user.

Permissions related to View an activity:
  • Be assigned to the activity, or
  • Be above the user assigned to the activity in the role hierarchy, or
  • Have at least read access to the record to which the activity is associated, or
  • Have the “View All” object-level permission in the related record, or
  • Have the “View All Data” permission

Create an activity:
  • Have the “Edit Tasks” and “Edit Events” permissions; AND
  • Have at least read access to a record, if associating the activity with another record

Edit or Delete an activity:
  • Have the “Edit Tasks” and “Edit Events” permissions; AND
  • Be assigned to the activity, or
  • Be above the user assigned to the activity in the role hierarchy, or
  • Have the “Modify All” object-level permission in the related record, or
  • Have the “Modify All Data” permission

View, add and edit events on other users’ calendars
  • Have the “Edit Tasks” and “Edit Events” permissions to create and edit activities AND
  • Have access to the user’s calendar, which depends on your organization-wide calendar sharing defaults and how the user has set up individual calendar sharing.

Note:
Events marked as private via the Private checkbox are accessible only by the user assigned to the event. Other users cannot see the event details when viewing that user’s calendar. 
However, users with the “View All Data” or “Modify All Data” permission can see private event details in reports and searches, or when viewing other users’ calendars.


Tip:
The user who is assigned to an activity in the Assigned To field is often referred to as the “activity owner”.


Reference:

No comments:

Post a Comment

Understanding Wire vs Imperative Apex Method Calls in Salesforce Lightning Web Components (LWC)

Understanding Wire vs Imperative Apex Method Calls in Salesforce Lightning Web Components (LWC) Introduction: Salesforce Lightning Web ...