Security groups - Mentor/Protege and Teams

I have four users Dave, Tim, Rick and Sue.

Dave needs to be able to see his own accounts and opportunities. He is also on a team with Sue so they should be able to view/edit each other’s accounts and opps. And Dave is a mentor to Tim, so Dave can view/edit Tim’s but Tim may not see anything belonging to Dave.

Rick has no relationship with anyone and may only view his own.

Here’s what I have so far. All four belong to their own security group, with corresponding roles for Group access. So for example, we can add Dave to a single opportunity belonging to Rick by assigning Dave’s security group to Rick’s opp.

For Dave’s team with Sue, should I create a new Security Group with members Dave & Sue, and a corresponding role for Group access? How can I guarantee that new accounts and opps added by Dave and Sue will be associated with this security group?

Similar question for the Dave’s mentor relationship with Tim.

Thanks for any help!

Security Groups questions are always a bit hard to answer since the issue is complex and I can only configure things by trial and error.

I would start from here:

This scheme uses stable roles (“Group only”, etc), and then plays with Groups to separate Teams. Your mentor relationships can be your Teams, it’s essentially the same thing. you can do this with several levels of hierarchy, if you need to.

Have a look at the inheritance options to see if you can make the new record go in the appropriate groups. If you can’t do it with an option, you can try to automate it with a Workflow or logic hook.

1 Like