Question

Access to objects by records - behaviour over time

Hi community,

We are implementing a project of Sales CRM with rather complex (but common) organizational strutcture, and initially we were thinking of a simple rule where each department gets access to it's own records and not to other departments oportunities.

So we were setting up several rules using record permissions with the same principle: based on the record author's sales divison on the opportunity, that sales division would get access to that opportunity.

But after some tests I realized that although this would work in the short run, in the long run if this happened:

1) employee A would move from sales division 1 to another sales division 2

2) we needed to run the "update record permission"

all opportunities that were created by employee A while he was working at divison 1 would get the access rights revised and the access would be removed from sales division 1  and added to sales division 2.

Have I gotten this right?

Is there any way to "freeze" the initial sales division?

We are now moving to a model where we use business processes to give access to each sales division at the time of creation of the record but do not have any rule setup in " Opportunity object permissions ".

 

Thanks,

Luis

Like 0

Like

1 comments

Hello Luis,

Once someone moves from one division to another you need to run your custom business process which removes all existing rights for this particular employee in opportunities section and add them back based on his new role. You can save this process and set employee name as a parameter and modify this parameter dynamically (meaning that there can be other employees that can move from one department to another).

Simple "update record permission" action in objects permissions won't help here since this action redistributes access rights according to rules set in "Object permissions" section and in case you have records permissions activated and no rule specified there you will get following situation after running "update records permission" action: only owners of records will be able to see their records and that's all. So you need to build your process using "Change access rights" element so to achieve your task of moving employee from one group to another.

Best regards,

Oscar

Show all comments