Sharing Considerations
Learn how sharing models give users access to records they don’t own.
Required Editions
| Available in: both Salesforce Classic and Lightning Experience |
| Available in: Professional, Enterprise, Performance, Unlimited, and Developer editions |
The sharing model is a complex relationship between organization-wide defaults, the role hierarchy, user permissions, sharing rules, and exceptions for certain situations. Review the following notes before setting your sharing model. For considerations on specific sharing features, see:
Exceptions to Role Hierarchy-Based Sharing
Users can always view and edit all data owned by or shared with users below them in the role hierarchy. Exceptions to role hierarchy sharing include:
- Disabling the Grant Access Using Hierarchies setting in your organization-wide default settings allows you to ignore the hierarchies when determining access to data. You can only modify this setting for custom objects.
- Contacts that aren’t linked to an account are always private. Only the owner of the contact and administrators can view it. Contact sharing rules don’t apply to private contacts.
- Opportunities can be marked as private via the Private checkbox. Only the record owner, users above that role in the hierarchy, and admins can view, edit, or report on private opportunities. Opportunity sharing rules don’t apply to private opportunities.
- Notes and attachments marked as private via the Private checkbox are accessible only to the person who attached them and to administrators.
- Events marked as private via the Private checkbox are accessible only by the event owner. Other users can’t see the event details when viewing the event owner’s calendar. However, users with the View All Data or Modify All Data permission can see private event details in reports and searches, or when viewing other users’ calendars.
- Visibility to users as a result of the Site User Visibility preference isn’t inherited through the role hierarchy. If a manager in the role hierarchy isn’t a member of a site, but their subordinate is, the manager doesn’t gain access to other members of the site. This only applies if Salesforce Experiences are enabled in your organization.
Deleting Records
- The ability to delete individual records is controlled by administrators, the record owner, users in a role hierarchy above the record owner, and any user who has the Modify All Data permission for Modify All Records for the given object.
- If the org-wide default is set to Public Read/Write/Transfer for cases or leads, only the record owner or administrator can delete the record.
- Knowledge users with the Transfer Record permission can delete draft articles owned by other users.
Adding Related Items to a Record
- You must have Read/Write access to a record to be able to add notes or attachments to the record.
- You must have at least Read access to a record to be able to add activities or other associated records to it.
Adding or Removing Sharing Access Manually
- The ability to manually extend the sharing access of individual records is controlled by administrators, the record owner, users in a role hierarchy above the record owner, and any user that has the Modify All Data permission for Modify All Records for the given object.
- If you’re manually sharing an opportunity, contact, or case, the users you share it with must have at least Read access to the associated parent account via sharing features, or you must have the ability to also share the account. You have the ability to share the account if you are the account owner, are a Salesforce admin, are above the account owner in the role hierarchy, or have the Modify All Records permission on accounts. If you have the ability to share the account itself, the users you share the opportunity, contact, or case with are automatically given Read access to the parent account.
- If a user transfers ownership of a record, Salesforce deletes any manual shares created by the original record owner, which can cause users to lose access. When account ownership is transferred, manual shares created by the original account owner on child records, such as opportunities and cases, are also deleted.
Changing Record Owners
- To transfer ownership of a case, contact, or opportunity record, either:
  - The new owner must already have at least Read access to its associated parent account via sharing features.
  - The user who is transferring the record must have the ability to share the associated parent account. The account owner, Salesforce admins, users who are above the account owner in the role hierarchy, and users with the Modify All Records permission on accounts have this ability.
Availability
In Professional Edition, sharing is available only for accounts, assets, campaigns, and contacts.
User and Object Permissions
While your sharing model controls visibility to records, user and object permissions control what users can do to those records.
- Regardless of the sharing settings, users must have the appropriate object permissions. For example, if you share an account, those users can only see the account if they have the Read permission on accounts. Likewise, users who have the Edit permission on contacts aren’t able to edit contacts they don’t own if the org-wide default for contacts is Private.
- Administrators, and users with the View All Data or Modify All Data permissions, have access to view or edit all data.
Apex Sharing
The organization-wide default settings can’t be changed from private to public for a custom object if Apex code uses the sharing entries associated with that object. For example, if Apex code retrieves the users and groups who have sharing access on a custom object Invoice__c (represented as Invoice__share in the code), you can’t change the object’s organization-wide sharing setting from private to public.
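The following Apex class is an added example, not Salesforce's own code. It retrieves the users and groups that hold manual shares on Invoice__c records, which are the shares that the "Adding or Removing Sharing Access Manually" section says are deleted when ownership is transferred, so they can be reviewed before a transfer. The class, inner class, and method names are hypothetical, and because the code references Invoice__Share, deploying it brings the object under the restriction described above.

```apex
// Added example: class and method names are hypothetical.
// Invoice__c and its share object are the names used on this page.
public with sharing class InvoiceShareAudit {

    // One entry per manual grant that an ownership transfer would remove.
    public class ManualGrant {
        public Id recordId;         // the shared Invoice__c record
        public Id granteeId;        // user or public group holding the share
        public String granteeType;  // 'User' or 'Group'
        public String accessLevel;  // for example 'Read' or 'Edit'
    }

    // Returns the manual shares on the given invoices. Shares created by
    // ownership or sharing rules carry a different RowCause and are excluded
    // by the filter.
    public static List<ManualGrant> manualGrants(Set<Id> invoiceIds) {
        List<ManualGrant> grants = new List<ManualGrant>();
        for (Invoice__Share s : [
            SELECT ParentId, UserOrGroupId, AccessLevel
            FROM Invoice__Share
            WHERE ParentId IN :invoiceIds
              AND RowCause = 'Manual'
        ]) {
            ManualGrant g = new ManualGrant();
            g.recordId = s.ParentId;
            g.granteeId = s.UserOrGroupId;
            // UserOrGroupId can point at a User or a Group; the Id's
            // SObject type tells them apart without another query.
            g.granteeType =
                s.UserOrGroupId.getSObjectType() == User.SObjectType
                    ? 'User' : 'Group';
            g.accessLevel = s.AccessLevel;
            grants.add(g);
        }
        return grants;
    }
}
```

Running `manualGrants` before a planned ownership change gives the list of users and groups whose access has to be re-granted afterward.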
Account Sharing
- To restrict users' access to records they don’t own that are associated with accounts they do own, set the appropriate access level on the role. For example, you can restrict a user's access to opportunities they don’t own yet are associated with accounts they do own using the Opportunity Access option.
- When you create account sharing rules, you also configure the recipient's access to the account's child contacts, cases, and opportunities.
Campaign Sharing
- In Professional, Enterprise, Unlimited, Performance, and Developer Editions, designate all users as Marketing Users when enabling campaign sharing. This designation simplifies administration and troubleshooting because access can be controlled using sharing and profiles.
- To segment visibility between business units while maintaining existing behavior within a business unit, set the campaign organization-wide default to Private. Create a sharing rule to grant marketing users Public Full Access to all campaigns owned by users within their business unit. Then create a sharing rule to grant all non-marketing users in a business unit Read Only access to all campaigns owned by users in their business unit.
- When a single user, such as a regional marketing manager, owns multiple campaigns and must segment visibility between business units, share campaigns individually instead of using sharing rules. Sharing rules apply to all campaigns owned by a user and don’t allow segmenting visibility.
- Create all campaign sharing rules before changing your organization-wide default to reduce the effect the change has on your users.
- To share all campaigns in your organization with a group of users or a specific role, create a sharing rule that applies to campaigns owned by members of the “Entire Organization” public group.
- Minimize the number of sharing rules by using the “Roles and Subordinates” option instead of choosing a specific role.
- If campaign hierarchy statistics are added to the page layout, a user can see aggregate data for a parent campaign and all the campaigns below it in the hierarchy regardless of whether that user has sharing rights to a particular campaign within the hierarchy. Therefore, consider your organization's campaign sharing settings when enabling campaign hierarchy statistics. If you don’t want users to see aggregate hierarchy data, remove any or all of the campaign hierarchy statistics fields from the Campaign Hierarchy related list. These fields are still available for reporting purposes.
- If the sharing model is set to Public Full Access for campaigns, any user can delete those types of records.
- Campaign member sharing is controlled by campaign sharing rules. Users that can see a campaign can also see associated campaign members.
Contact Sharing
See: Business Contact Sharing for Orgs That Use Person Accounts
Price Book Sharing
- Sharing on price books controls whether users can add the price book and its products to opportunities.
- User permissions control whether users can view, create, edit, and delete price books.

