Term
What things should you consider before building an application?
|
|
Definition
Who are the users (actors), what data is important to them? are there any data restrictions?, how can I make the user experience more streamlined and efficient? |
|
|
Term
Who are the actors in the recruiting application?
|
|
Definition
Interviews, Hiring Managers and Recruiters
|
|
|
Term
What are the objects that we’ll need to track?
|
|
Definition
Positions, Candidates, Job Applications, Interviews and Reviews |
|
|
Term
Once fields are set to read-only through field-level security, is there any way that the an interviewer could edit these fields?
|
|
Definition
|
|
Term
Can you use field-level security to handle cases regarding special access exceptions for data owned by the user? |
|
Definition
No. Field-level security is set for a profile. That means that if a profile has access to edit a particular field, they can edit that field on every record that they have access to. There is no way to do conditional field-level security like only edit a particular field IF you are the owner of the record. |
|
|
Term
True or False: System Administrators can see every record in Salesforce?
|
|
Definition
| True – interesting thing to point out: admins can see every record, but FLS does apply to administrators, so they may not see every field. Keep in mind that though System Administrators might not see a field, they do have the permissions to change FLS. |
|
|
Term
If a developer wanted to share records with a group of users who were not all in the same role, how could the developer do it without creating multiple sharing rules?
|
|
Definition
|
|
Term
What is the advantage of using record types?
|
|
Definition
| Allows developers to specify different page layouts for the same object, allows for different picklist values for different profiles and use cases. |
|
|
Term
Which feature sets the baseline level of access for an object?
|
|
Definition
| Organization wide defaults |
|
|
Term
| If a developer wanted interviewers to see positions, but never see the Grade listed on a position, which tool would the developer use? |
|
Definition
| Field-level security on the Grade field |
|
|
Term
Do using record types restrict the records that are available to this profile?
|
|
Definition
| No. Record types are not a security feature. It does not affect access to records. It only changes the way that the UI appears. |
|
|
Term
A hiring manager creates a position with the record type of Technical Position with a Department of IT. The record type is then changed to Non-Technical Position. What value will be displayed in the Department field? What will happen if the record is edited?
|
|
Definition
| The Department value will not change. If the record is edited, the user will have the option to change the field to a Non-Technical Position value. |
|
|
Term
How can a user bypass the record type selection screen if they always want to use the same record type? (Hint: it’s a user setting)
|
|
Definition
| Go to setup | My Personal Information | Record Type Selection |
|
|
Term
How will approvers get access to closed positions? Open positions?
|
|
Definition
| Closed position: manual sharing to them. Open position: sharing to the entire organization |
|
|
Term
How will all users get access to open positions?
|
|
Definition
| Manual sharing to the entire organization |
|
|
Term
How will recruiters get access to closed positions? Open positions?
|
|
Definition
They own them, so will have access regardless of whether they are open or closed |
|
|
Term
Would using page layouts be a good way to conceal salary information from everyone except recruiters and hiring managers? Why or why not?
|
|
Definition
No. Page Layouts affect the user interface, they are not a security feature. If we hid the salary information from the page layout for a user, but they still had access to it through field-level security, they could access that information through the API. |
|
|
Term
Is it possible to change the record type of a record after it has been create? Does this change the page layout used to display that record?
|
|
Definition
| It’s possible to change the record type of a record after it has been created by clicking the [Change] link next to the Record Type field on the page layout. It may or may not change the page layout used to display that record – it depends on the page layout assignment. |
|
|
Term
What are the different types of licenses that are available?
|
|
Definition
| Salesforce, Platform, Platform Light |
|
|
Term
What do profiles control?
|
|
Definition
| Access to Tabs, Apps, Record Types, Page Layouts, Permissions, Login Hours and IP Ranges, CRUD |
|
|
Term
What are the permissions that allow a System Administrator to manage the application?
|
|
Definition
| "View All Data", "Modify All Data", “Customize Application” (there are others, but these are the big ones) |
|
|
Term
True or False: System Administrators can customize the permissions of both standard and custom profiles. |
|
Definition
False. Only the permissions on Custom Profiles can be customized. |
|
|
Term
True or False: When creating a new profile, it’s possible to copy over settings from an existing profile.
|
|
Definition
| True. It’s not only possible, but also required. |
|
|
Term
What are the two questions that you should ask yourself when trying to decide how to set OWD permissions for an object?
|
|
Definition
| Will there be users who shouldn’t see this object? 2. Will there be users who shouldn’t edit this object? |
|
|
Term
What is fundamentally different about the way OWD affects data than all of the other data access controls?
|
|
Definition
| OWD restrict access, all other pieces of the security model open up access. |
|
|
Term
True or False: Child records in master-detail relationships have their own organization wide defaults.
False. Child records in master-detail relationships inherit the OWD from the parent record.
What is the most restrictive level of access that can be set on organization wide defaults?
Private
True or False: Organization wide defaults can be set for both standard and custom objects
True
If even one person in your organization is not allowed to see position data, what MUST your OWD be?
Private
3-3
What is an instance where the role hierarchy might not match a company’s management structure?
Developers will usually be at the top of the role hierarchy. If there is a user who should be higher so that they have access to more data, but isn’t high up in the management structure.
3-4
What users/groups can be a part of a public group?
Users, Roles, Roles and Subordinates, Public Groups
Where are public groups used?
Sharing Rules, Folder Access
3-5
What are the levels of access that can be granted through sharing rules?
Read Only, Read/Write
Could you create a sharing rule for reviews to share records owned by the entire organization to a particular user? Why or why not?
No. Sharing for reviews is controlled by the job applications.
3-6
Why is this method not appropriate for a system-wide solution?
It’s manual and tedious.
Who are the three types of users that can grant sharing privileges on a given record?
System Administrator, the owner of the record, and anyone above the owner of the record in the role hierarchy.
Module 3 Review
List all of the reasons that a user might be able to see a particular record.
The user is a System Administrator (or has View All Data), the user is the owner of the record, the user is above the owner of the record in the Role Hierarchy (and Grant Access Using Hierarchies is enabled for that Object), the OWD is set to at least Read Only, there is a Sharing Rule giving access, Manual Sharing is set up to give access.
What is the difference between a role and a profile?
Role is a position in the hierarchy and determines how record access rolls up. It affects the records that users can see. Profiles are a set of permissions that determine what users can do with the records that they can see.
True or False: Sharing rules are used to restrict access to records. |
|
Definition
False. Sharing rules cannot restrict access to data, they can only open up access to data. |
|
|
Term
If a developer wanted to set up his organization so that managers always see records owned by their subordinates, what feature should that manager use?
|
|
Definition
|
|
Term
If a user needed to give access to just one record, what feature should that user choose?
|
|
Definition
|
|
