Salesforce is a cloud-based Customer Relationship Management (CRM) platform that allows businesses to manage their sales, marketing, and customer service activities in a more efficient and effective manner. Three important concepts in Salesforce are CRUD, FLS, and Sharing Rules, which are critical to controlling access to data and maintaining data security.
In this blog, we will provide a detailed explanation of each concept and examples of how they can be used.
CRUD
CRUD stands for Create, Read, Update, and Delete. These are the four basic operations that can be performed on any record in Salesforce. CRUD permissions determine who can perform these operations on a record.
For example, let’s say you have a custom object called “Job Posting” in Salesforce that contains information about job openings at your company. You want to ensure that only certain users can create new job postings, while all users can view them.
To do this, you would set the CRUD permissions as follows:
- Create: Only users with the “Job Posting Manager” profile can create new job postings.
- Read: All users can view job postings.
- Update: Only users with the “Job Posting Manager” profile can update job postings.
- Delete: Only users with the “Job Posting Manager” profile can delete job postings.
FLS
FLS stands for Field Level Security. FLS determines which fields on an object can be viewed and edited by different users. FLS permissions are set at the profile level and determine the visibility and editability of fields in both the UI and API.
For example, let’s say you have a custom object called “Contact Survey” in Salesforce that contains information about customer satisfaction. You want to ensure that only certain users can view and edit sensitive information like contact names and phone numbers.
Don’t forget to check out: Sharing Rules In Salesforce Security
To do this, you would set the FLS permissions as follows:
- Contact Name: Only users with the “Contact Survey Manager” profile can view and edit the Contact Name field.
- Phone Number: Only users with the “Contact Survey Manager” profile can view and edit the Phone Number field.
- Satisfaction Score: All users can view and edit the Satisfaction Score field.
Sharing Rules
Sharing rules allow you to extend access to records beyond the organization-wide default settings. Sharing rules are used to share records with users or groups who would not otherwise have access to them. There are two types of sharing rules in Salesforce: Ownership-based sharing rules and Criteria-based sharing rules.
Ownership-based sharing rules allow you to share records owned by a particular user or group. For example, let’s say you have a custom object called “Project” in Salesforce that contains information about ongoing projects. You want to ensure that all users in the “Project Manager” group have access to all projects owned by any member of the group.
To do this, you would set up an ownership-based sharing rule as follows:
- Rule Name: Project Manager Access
- Sharing Setting: Share with Group
- Group: Project Manager
- Access Level: Read/Write
- Shared by: Owner
Criteria-based sharing rules allow you to share records based on specific criteria. For example, let’s say you have a custom object called “Opportunity” in Salesforce that contains information about potential sales deals. You want to ensure that all users in the “Sales” group have access to all opportunities that are in the “Prospecting” stage.
To do this, you would set up a criteria-based sharing rule as follows:
- Rule Name: Sales Access to Prospecting Opportunities
- Object: Opportunity
- Sharing Setting: Share with Group
- Group: Sales
- Access Level: Read/Write
- Criteria: Stage equals Prospecting
Check out another amazing blog by Mohit here: What do you mean by Ant Migration in 2023? | Salesforce Developer Guide
In conclusion, understanding the concepts of CRUD, FLS, and Sharing Rules in Salesforce is essential for ensuring data security and controlling access to sensitive information. By setting up the appropriate permissions, businesses can ensure that only authorized users can perform certain actions on records, view and edit specific fields, and access certain data based on criteria or ownership. These features are critical for maintaining the integrity of data within Salesforce and ensuring that businesses can use the platform effectively and securely.