Skip to main content

User Sharing - Winter14 Release

Today, while working on one of our client's organization there was a requirement to get the detail of Owner of a collaboration group. We couldn't use Salesforce UI to get and look into CollaborationGroup because of some reason. I used ID of CollaborationGroup to make a query and get OwnerId field's value. OwnerId was that of a user, since it was starting with '005'. When I run a query on User to get detail of this user, I was surprised that query returned 0 records. I was puzzled, since CollaborationGroup has a user as owner, but query is not returning me detail of this user.

After much of exploration, I realised that it is because of one of feature released in Winter14 'User Sharing'.

Following is detail of what it is:-

Control who sees who in the organization with standard sharing functionality.

User Sharing enables you to show or hide an internal or external user from another user in your organization. Previously, User Sharing for external users was enabled by default with Communities, while User Sharing for internal users was available through a pilot program. With Winter ’14, User Sharing is automatically enabled in new organizations. You can:

  1. Set the organization-wide defaults for user records to Private or Public Read Only.
  2. Create user sharing rules based on group membership or other criteria.
  3. Create manual shares for user records to open access to individual users or groups.
  4. Control the visibility of external users in customer or partner portals and communities.


Existing organizations can contact salesforce.com to enable User Sharing.

How can your organization use User Sharing? For example, you might be a manufacturer who needs to include all dealers in your organization while still keeping them from seeing or interacting with each other. You can set the organization-wide defaults for the user object to Private. Then, open up access among groups of dealers who need to see and interact with each other in the organization with sharing rules or manual sharing. Additionally, you can assign the “View All Users” permission to users who need to see everyone in the organization.

If you have access to a record owned by a user to whom you don’t have access, you’ll receive an insufficient privileges error when hovering on the owner’s name. Similarly, on Chatter, if you lost access to a user, you cannot @mention him or her. You’ll not be able to hover their names for a full profile nor see their profile page. But you can @ mention the user if you are in a Chatter group together or if you are in the same conversation thread.

Comments

Post a Comment

Popular posts from this blog

Mashup Integration in Salesforce

During preparation for TA certification exam, I came across a word Mashup for integration a number of times. I explored about it and below is description:- Mashups, sometimes called “composites,” are hybrid applications created by bringing together several data sources and Web services to create a new application or to add value to an existing application. Behind the scenes, mashups may require different levels of integration, depending on whether the mashed-up data is only meant to be viewed, whether it can be edited, and whether data is actually transferred between systems. There are three types of mashup:- Client Presentation Mashup - In this type of mashup the integration takes place strictly at the visual level. It makes possible to view data from two or more applications in a browser,  without actually moving data between the applications. Example - Google Maps. Client Service Mashup - As mashups evolve, they are becoming more complex and sophisticated. Client...
15 comments
Read more

ReadOnly Annotation

Use Case:- You want to show up to 10000 record on single VF page. Count of records based upon some business requirement where number of records could go up to 1 million. So far, it was not possible to achieve above in VF page because of following limitations:- The maximum number of items in a collection that can be iterated over using components such as <apex:dataTable> , <apex:dataList> , and <apex:repeat> is 1000. Normally, queries for a single Visualforce page request may not retrieve more than 50,000 rows. Solution:- But with API version 23.0 , salesforce has introduced ' ReadOnly ' annotation which has following functionality/restriction:- The @ReadOnly annotation allows you to perform unrestricted queries against the Force.comdatabase. All other limits still apply. It's important to note that this annotation, while removing the limit of the number of returned rows for a request, blocks you from performing the following operations ...
Post a Comment
Read more

Grant Access Using Hierarchies

Problem There is a custom object say 'XYZ' and OWD for this is set to ' Private ', which means record of this can be seen by only owner and users above in role-hierarchy and territory. However, to share this with other user, we can manually share it. The problem is that I don't want other users, who are above in role-hierarchy and territory of the user with whom record has shared, can see it. Solution We can un-check ' Grant Access Using Hierarchies ' check box for object 'XYZ' on 'Sharing Settings' page. We can go to Setup >> Security Controls >> Sharing Settings and click on ' Edit ' button. On the edit page, we can un-check ' Grant Access Using Hierarchies ' for required object.  Major uses of 'Grant Access Using Hierarchies' are:- If you disable the Grant Access Using Hierarchies option, sharing with a role or territory and subordinates only shares with the users directly asso...
1 comment
Read more