Difference between revisions of "About Roles and Data Visibility"

Revision as of 21:29, 15 October 2012

Application Access determines who can use an application
Access Profiles specify administrative and global-access permissions
Roles specify high-level access rights to individual application objects
The privileges granted in Access Profiles and Roles are additive. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission.
Visibility Controls define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on Record Ownership
Team Data Sharing Policies enable users to share data across Teams. These settings override the record-level access permissions specified in the individual's Visibility Controls.
Field Visibility (Role Based Permission Control) can also be used data visibility rights at the Field level

@@ Line 5: / Line 5: @@
 :* The privileges granted in Access Profiles and Roles are ''additive''. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission.
 :*[[Visibility Controls]] define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on [[Record Owners|Record Ownership]]
-:* [[Team Data Sharing Policies]] enable users to share data across [[Teams]]. These settings override the record-level access specified in the [[Visibility Controls]] for an individual user.
+:* [[Team Data Sharing Policies]] enable users to share data across [[Teams]]. These settings override the record-level access permissions specified in the individual's Visibility Controls.
 :*[[Role Based Permission Control|Field Visibility (Role Based Permission Control)]] can also be used data visibility rights at the [[Fields|Field]] level