Security Roles - Temporarily Sharing Between Two with Owner Rights Only

If two users at the bottom rung of your security chart (ie, they only have ower rights to records) collaborate, how can one manually share their record with another user?

For example, salespeople only have access to their own records. One salesperson has an opportunity and they want to collaborate on this one opportunity with another salesperson. Normally, one would not be able to see the other, but in this case, they want the opportunity to be shared between them along with the ability to edit and access submodules to that opportunity (documents, tasks, logging history, notes, etc).

So salesperson A shares the opportunity with salesperson B. We want salesperson B to get access to salesperson A’s opportunity AND the associated records (the contacts involved, etc) BUT only to the contacts associated with the opportunity, not to salesperson A’s entire set of contacts… AND when the opportunity closes, so does salesperson B’s access.

I am not finding an explanation on how this can be done… can anyone either explain it or point to reference material on this scenario?

Thanks

I am not a specialist with security settings, these things can be quite confusing. But this is what I try:

  • set up a group for each Sales person: SalesPersonA, SalesPersonB, etc. The group contains only that person.

  • on the records that you need to cooperate on, add one of those groups to it. One person is the owner, so they have access as owner; the second person gets access via the group.

This is a lot of work and not very elegant, but if you only need to use this sporadically it might work.

OK, so basically when we create a new user we also create a new security group - assigning that user as the owner of the Security group. If we have 50 people, we would have 50 security groups, each one individually created for each user. No big deal, but just a part of the admin process of giving access initially.

When User A initially creates a record, automatically that record is a part of User A Security Group.
When user A wants to bring user B into the project, user A goes to the record’s subpanel for security groups and adds User B Security Group
– now user B has access to this particular record

Is this correct?

Assuming that it is correct, say the record we are talking about here is an opportunity.

Typically, user B cannot see user A opportunities, nor user A’s contacts.

If we give user B access to user A’s opportunity manually (by user A going to the opportunity’s subpanel and adding user B ) , does user B ALSO get access to any of user A’s contact records that have been associated with that opportunity?

Or, does user A have to go to each of those contact records manually and in each contact record’s subpanel also add User B Security Group in order for user B to see the people involved in the opportunity? Would user A also have to do the same for any document, task, or any other module that is utilized with the opportunity?

I’m afraid I am not sufficiently knowledgeable of the security settings to answer those kinds of questions. I doubt many people are.

I was just trying to give you a possible direction of experimentation, the only advice I can give you is: try it. See how it works.

Remember you can use custom code or maybe even Workflows to assign the security groups in a more practical manner for your way of working.

Good luck, and share your results when you find a solution that works for you!

1 Like