There will be some scenarios where all records are privately owned, you want to share records based on some criteria with a specific user or group of users or to specific role. In such cases sharing automation should work on all records of that object. You can build a sharing rule which will handle such situation.
Consider a scenario where records should be shared based on continent field and those records should be shared with people of specific group or role. You can simple create sharing rules for each continent and share according to business requirement.
Go to Sharing setting section where you set OWD access on all objects. Scroll down to the Sharing rule section of the object where you want to set rule. In my example I will show you Sharing Rule section of a custom object.
Step 1: Go to Sharing Settings, scroll down the custom object where you want to set sharing rule.
Step 2: Click on New Button, System will direct you to Create page of sharing rule.
Step 3: Fill out appropriate information.
- Provide proper name
- Select rule type.
- Owner-Based Sharing Rules.
- An owner-based sharing rule opens access to records owned by certain users.
- Criteria-Based Sharing Rules.
- A criteria-based sharing rule determines with whom to share records based on field values.
- Owner-Based Sharing Rules.
- Define the criteria, here I want to share record based on criteria, which says share record if continent is Asia, you can define as per your business logic.
- Select the appropriate section in share with, like whether you want to share with a public group or a Role or Roles and Subordinates or territories.
- Define the access level (Read Only or Read/Write).
- Click on Save.
After saving the rule, System will take some time to process the rule, once it saves “Recalculate” button is enables. Click on recalculate.
When you make changes to groups, roles, and territories, sharing rules are reevaluated to add or remove access as necessary. Whenever you make changes to sharing rule, group, criteria click on Recalculate so that access is updated as per the new rule.
When sharing is recalculated, Salesforce also runs all Apex sharing recalculations. During sharing rule recalculation, related object sharing rules are calculated as well. For example, when recalculating sharing rule for opportunities, account sharing rules are recalculated since opportunity is a detail of an account object. You receive an email notification when the recalculation is completed for all affected objects.
- You can use sharing rules to grant wider access to data. You cannot restrict access below your organization-wide default levels.
- To create sharing rules, your organization-wide defaults must be Public Read Only or Private.
- If multiple sharing rules give a user different levels of access to a record, the user gets the most permissive access level.
- Sharing rules automatically grant additional access to related records. For example, opportunity sharing rules give role or group members access to the account associated with the shared opportunity if they do not already have it. Likewise, contact and case sharing rules provide the role or group members with access to the associated account as well.
- Users in the role hierarchy are automatically granted the same access that users below them in the hierarchy have from a sharing rule, provided that the object is a standard object or the Grant Access Using Hierarchies option is selected.
- Regardless of sharing rules, users can, at a minimum, view the accounts in their territories. Also, users can be granted access to view and edit the contacts, opportunities, and cases associated with their territories’ accounts.
- Developers can use Apex to programmatically share custom objects (based on record owners, but not other criteria). This does not apply to User Sharing.