Record Access Permissions

Record access:

In general, any user who can access an object can view all of the records it contains. (To access the object, they must be granted access to an application that contains it.) One special case occurs when a record is owned by some other member of their team. In that case, the record becomes invisible, unless View permission has enabled in their Role Permissions, or unless their Access Profile gives them Global View permission. Another special case occurs when Record Level Visibility has been enabled for an object, and visibility criteria has been specified for an individual record. In that case, a user who can see the record only when (a) They have been granted access to an application that contains the object, and (b) They match the visibility criteria specified for that record. Users with Add permission enabled in Role Permissions or the Access Profile can add records Users with Update permission enabled in Role Permissions or the Access Profile can update records Users with Delete permission enabled in Role Permissions or the Access Profile can delete records

Access to records owned by other team members:

Read: View permission enabled in Role Permissions unless Record Level Visibility has been enabled, and visibility criteria has been specified for a record. (In that case, only users who match the criteria can read the record.) Update: Update permission enabled in Role Permissions Delete: Delete permission enabled in Role Permissions

This page is transcluded into the record-processing API pages. See also: Data Access Permissions for the GUI notes.