Roles

Roles introduce hierarchy into a Salesforce org. They control access at the record level based on where the user sits on the hierarchy pyramid. It achieves this by overriding the access settings defined in the Organization Wide Defaults (OWD).

Previous article, Salesforce Admin tutorial – 11, explains about Permission Sets.

For example, let’s consider the following organizational hierarchy. It follows a structure where Sales Directors operate under the CEO and Sales Reps operate under the Directors. 

With the use of roles, you can prevent one Sales Rep from viewing the records added by another under a different Director. They can also ensure that a Director is able to see only the records added by Sales Reps working under them. 

Before assigning roles to users, you should first do a little modification to the existing OWD settings. You can access them by searching for Sharing Settings. 

In these settings, currently, the Account and Contract object has Public Read/Write access by default. We need to change this to Private since we are going to rely on roles to determine user access settings from now on. You can simply click the Edit option and add this modification to the object on this page. 

When this is completed, no user will be able to any records on the Accounts object other than the ones they create. You can test this out on your application if you want. 

Next, let’s assign roles to enable certain users to see others’ records if they reside higher in the hierarchical chain. 

You should search for “roles” and go to the Roles pane to start this process. 

Here, select the Set Up Roles option, and it will show you the standard role hierarchy Salesforce has given to us by default. 

You can Edit, Delete, and Add roles to this hierarchy as you wish to fit your organizational needs. After clearly defining the hierarchy structure, you can assign these roles to different users in your org.  

For example, let’s assign the CFO and CEO roles in this hierarchy to two users. 

Now, when you log in as the CEO user to the system, you’ll be able to see the records created by the CFO user on the Accounts table.

Next article, Salesforce Admin Tutorial – 13, explains about Data Management.