One of my client has requirements to control record access by security groups and role management. Few day ago there was a post for such requirements.
I would like to share it with community.
XYZ company has two sales department. Each department has Divisional Manager (DM) and Sales Representatives (SR).DM report to General Manager (GM).
Following are requirements of management regarding access right of records to CRM users.
SR should not be able to see record of other SR and DM. DM should be able to see records of all SR working under him. DM should not be able to see record of other DM. GM must be allowed to see all records.
Steps to follow :
Create following groups for each division. Click a link – Security Group Management in Admin section. North Sales Division GM, DM (of north) and all SR must be member of this group. South Sales Division GM, DM (of south) and all SR must be member of this group. Create following roles. Click a link – Role Management in Admin section. Sales representative. Assign this role to groups – North Sales Division and South Sales Division. Select “owner” permission for Delete, Edit, List, View for selected modules. Division Manager. Assign this role only to DM. Do not assign it to any group. Select “group” permission for Delete, Edit, List, View for selected modules. General Manager. Assign this role only to GM. Do not assign it to any group. Select “All” permission for Delete, Edit, List, View for selected modules. Configure Security Group Settings from Admin panel. Click a link – SecuritySuite Settings in Admin section. User Role Precedence must be checked. Inherit from Assigned To User should be checked. The record will inherit all the groups of the user assigned to the record. Assign a record to SR. Select a group for SR in case Inherit from Assigned To User is not checked.
Test it. It should have fulfill requirements of XYZ company regarding access rights to CRM users.
Link to my blog -
Thanks and Regards,