Data Security, Reports & Dashboard

 

Data Security

 

1.What is Profile?

Ans: A Profile is a Collection of settings and permissions that determines the user functional access(apps,tabs,object level permission), and how the information is displayed(page layout,record types, field level security) and wide range of other permissions.

A profile controlls the following permissions and settings.

  • App setting 
  • Tab settings
  • Page layout settings 
  • Record type settings
  • Field level security
  • Administrative permissions
  • General user permissions
  • Object permissions
  • Session settings
  • Password policies
  • Login hours
  • Login IP ranges
  • Enabled apex class access
  • Enabled visualforce access
  • Named credentials
  • Custom Permissions
  • Enabled service presence status access
  1. One profile can be assigned to multiple users, but one user can have only one profile.
  2. Profile can not be deleted if it is assigned to a user.
There are two types of Profiles :-
Standard Profile: The Profile which are already available in salesforce created by salesforce by default. 

* Standard profiles can not be deleted.

*  We can change standard profile settings like App settings and  Tab settings only.

* We can not change any other permission like Administrative permission , general user permissions etc. 

List of Some Standard Profiles 

    • System Administrator
    • Standard Platform User
    • Standard Platform One App user
    • Standard User
    • Customer Community User
    • Contract Manager
    • Read Only
    • Solution Manager
    • Work.com Only User
    • Identity User
    • Partner Community User
    • Partner Community Login User

Custom Profile: The Profile which is created by the System Administrator is called Custom Profile

* Custom profiles can be edited and deleted.

* Permissions(functionalities) availability in the custom profile is based on the selected salesforce license.

Standard and Custom Object Permissions:

Create: Users can create records

Read: Users can view their own records only

Edit: Users can edit their own records only

Delete: Users can delete their own records

View All:  Users can view entire data in the object

Modify All : Users can edit entire data in the object

View All Data(Administrative Permissions) : Users can view entire Salesforce Data.

 Modify All Data(Administrative Permissions) : Users can edit entire Salesforce Data. 

2. What is Role?

Ans: A Role is level designation in the Role hierarchy. A role shows the level of accessbility that has given to users. "Role"  plays the important role to access the data in Salesforce.

* In Salesforce roles are defined so as to increase the data visibility a particular user has.

* In OWD we have an option called "Grant Access Using Hierarchies" which is by default enabled to Standard objects we can not change it, but we can change(Enable and Disable) for Custom objects. If you check that checkbox then only the records will be shared to superiors else records will not be shared.

* Role hierarchy  could not be used to restrict the access level instead it is used to extend the access level to superiors from subordinates.

 

3. What is Permission Set?

Ans: Permission Set is a group of settings and permissions which is used to extend the functionality of Profile. Lot of functions in Profile can be found in Permission Set as well.

*  We can Provide more functionalities to group of users which are not provided in their Profile.

* One Permission Set can be assigned to multiple users.

* One user can have multiple Permission Sets

* Using Permission Set we can only extend the functionality, but we can not restrict the Permission.

4. User in Salesforce?

Ans: User is a Person or an Organization who has valid credentials to login into salesforce.

* While creating a user Profile is mandatory but Role is not mandatory.

* Without a profile user cannot be created. 

* User should be active to login into Salesforce.

* A user can have multiple Permission Sets.

* Organization should  have available licenses to create a user.

We have 4 types of Status to a User in Salesforce 

Active: If user is active then he will be able to login and access the Salesforce Application.

Inactive: If the User is inactive, the License will be removed and the user can not access the application. 

Freeze : If the User is in Freeze he will not able to access the application but his License will not be removed.  

Unfreeze: If user is unfreezed he will be able to access the application. 

5. What is OWD?

Ans: OWD means Organization Wide Defaults. Whenever a user login into the salesforce what are the default access we have to provide to that user can be maintained in this OWD.

  • Organization Wide Defaults(OWD) in salesforce is the baseline level of access that the most restricted user should have.
  • OWD are used to restrict the access. You can grant access through other means like(Sharing rules, Role hierarchy, Manual sharing, Apex sharing).
  • In Simple words OWD specify the default level of access users have to each other's records.

OWD has different types access for objects

  • Private: Only the record owner, and users above that role in the hierarchy, can view, edit, and report on those records.
  • Public Read Only: All users can view and report on records, but only the owner, and users above that role in the hierarchy can edit them. 
  • Public Read/Write: All users can view, edit, and report on all records. 
  • Public Read/Write/Transfer: It is only available for Leads and cases. 
  • Use, No Access, View Only for Price book. 


 Note: Object level Permissions determine the baseline level of access for all the records in an Object.

           OWD modify those permissions for records a users doesn't own.

  • Profile and Permission Set are   Object Level access.
  • OWD and Role-Hierarchy are    Record Level access    
6. What is Group?
Ans: A group is a set of users. We have two types of groups 
  1. Public Group : Groups which are created by administrators and this groups can be available for entire organization. Everyone in the organization can use this Public group                                         
  2. Private Group: Groups which are created by users for their personal use. For example certain records are always shared within A specified workgroup.
* In Groups we can add other members like
  • Roles(Users who has specific role).
  • Roles and Subordinates(Manager and Subordinates).
  • Users(Individual Users).
  • Public Groups(Which are already exist).
* We can use Groups for
  • To set up default sharing access through a Sharing Rule.
  • Groups are used in Sharing Rules, Apex sharing, Manual sharing.
  • Groups are mainly used to share data to group of members.
7. What is Queue?
Ans:  Queues are a collection of Records that doesn't have any owner. Queues in Salesforce help to prioritize, distribute, and assign records to teams who share workloads. Users who have access to the queue can examine every record and claim ownership 
  • Queue has a list of specified objects and users where queue can be assigned as a owner for those specified objects.
  • Queues are used in Assignment Rules.
  • Queue cannot be deleted if  it is assigned as owner for any record.
* In Queues we can add other members like
  • Roles
  • Roles and Subordinates
  • Users
  • Public Groups

8. What is Manual Sharing?
Ans: When there is restricted level of permission other than Public Read/Write for a specific object at OWD level, then its record accessibility is limited. If we want to share that records at that time we use Manual sharing.
  • Sharing button would  be enabled on Page layout to share the records.
* We can share records to 
  • Roles
  • Roles and Subordinates
  • users
  • Manager Groups
  • Manager Groups and Subordinates.
9. What is Sharing Rule?
Ans:A Sharing rule is an automated flow which is used to provide record access to users or group of users based on the condition or criteria. Sharing rules give particular users greater access by making automatic exceptions to your org-wide sharing settings.

* Sharing rules are of two types
  • Criteria Based Sharing rule
  • Owner Based Sharing rule
* We can share the records with 
  • Public Groups
  • Roles
  • Roles and Subordinates
  • Manager Subordinate Groups
* If a parent is shared in MDR its child record also will be shared automatically as it is " Controlled by Parent"

* We use Sharing Rules to grant wider access to data. We cannot restrict access below our OWD levels.


10.What is Assignment Rule?
Ans: Assignment rules are the way of assigning the records automatically to an individual user or queue.
 
* We have Lead Assignment Rules and Case Assignment Rules. Also Topic Assignment Rules.

  • Do Not Reassign Owner : Specifies that the current owner on a lead or case will not be reassigned to the lead or case when it is updated.
11. What is Approval Process?
Ans: An Approval process is an automated process implemented to approve the records in Salesforce.
  • An Approval Process specifies the steps necessary for a record to be approved and who must approve at each step.
  • An Approval Process also specifies the actions to take when a record is Approved, Rejected, Recalled, or First submitted for Approval.
  • We can create Approval Process in Two Steps.
    • Use Jump Start Wizard(Single step Approval Process)
    • Use Standard Jump Wizard(Multi Step Approval Process).                                                                                                          
  • Approval Process has some actions which are
    • Initial Submission actions.
    • Approval actions
    • Rejection actions
    • Final Approval actions
    • Final Rejection actions
    • Recall actions       
  • We can have 4 actions at each step.
    • Email alert
    • Field Update
    • Task Creation
    • Outbound Message
* Every Approval Process should have atleast one approval step or more.

12. What is Import Wizard?
Ans: Import Wizard is a tool which is used to insert, Update and Upsert the records into salesforce.

* It supports only few Standard Objects like Accounts, Contacts, Leads, Solutions and Campaign, but supports for all Custom Objects.
  • We can upload upto 50000 records using Import Wizard.
  • We can Turn-off  Triggers and Workflows while uploading the data 
  • It allows only CSV(Comma Separated Value) to upload.
IMP POINTS
  • In Import Wizard, It is not possible to Insert a record in two Objects, We can Insert record only in Single Object but in the combination of Accounts and Contacts we can Insert.
  • Trigger Workflow and Process  is the check box for skipping triggers and workflows.
  • One more advantage in Import Wizard is we can select the Record type(for which record type we can insert the records) as well.
13. What is Data Loader?
Ans:  It is a tool which is used to Import, Export and Delete the records in Salesforce.
  • It is used to upload the data more than 50000 records.
  • We can set the batch size from 1 to 2000, by default it takes the size of 200.
  • If we choose Bulk API option then batch size is 10000
  • Using Data Loader we can upload upto 5lakh records.
* In Data Loader we have 
Export: From any object we can export the data, but we cannot export the records which are in Recycle bin.
Export All: We can export record from any object along with deleted records which are in Recycle bin.

14.What is Report?
Ans: To summarize the information of an object we use Reports.
     A report is a list of records that meet the criteria we define. It's displayed in Salesforce in rows and columns, and can be filtered, grouped, or displayed in a graphical chart.
  • Reports can run on both Standard objects and Custom objects.
  • Reports can be stored in folders, users with access to this folders can run the reports.
  • Folders can be public, hidden or shared and we can set report Read only or Read/Write.
  • We can make a folder available for your entire organization, or make it private so that only the owner has access.
* We have 4 types of  reports.
  • Tabular Report: This is the most basic report. It displays just the row of records in a table like format with grand total.
  • Summary Report: This is the most commonly type of report. It allows grouping of rows of data.
  • Matrix Report: It allows records to be grouped by both columns and rows.
  • Joined Report: It is the combination of both Summary Report and Matrix report.                               
Report provide two options for exporting data into Excel.
  • Printable View: Export report with formatting into Excel.
  • Export Details: Export raw data.
* We can display upto 2000 records n a page. If more records are there to display we cannot see through user interface. If you export the records to a excel sheet then you can export upto 50000 records.

Sharing folders in Reports and Dashboards.
     
    Folder Sharing in Salesforce allows us to restrict access to reports and dashboards by users, roles, roles and their subordinates, and public and private groups.
    
Access : 
        View : Users with View access can see the data in report or dashboard, but they can't make any changes. All users have at least Viewer access to report and dashboard folders that are shared with them.
        Edit : when we have edit access to folder, we can view and modify the reports and dashboards.
        Manage: Users with manage access to the folder can have view, edit and also have access to control the folders like changing the folder properties and deleting the folders.


15. What is Dashboard?
Ans:  A dashboard is a visual display of key metrics and trends for records in our org. The relationship between a dashboard and report is, for each dashboard component, there is a single underlying report.
  • We can use the same report in multiple dashboard components on a single dashboard(Eg: use of same report in both pie chart and bar chart).
  • Like reports, dashboards are stored in folders, which control who has access. If you have access to a folder, you can view its dashboards. 
  • To view the dashboard components, we need access to the underlying reports as well.
  • Dashboard display data as per last time report was run.
Static Dashboard: Run as specific user.
Dynamic Dashboard: Run as logged in user.
                 Dynamic dashboards are dashboards for which the running user is always the logged-in user. This way, each user sees the dashboard according to his or own access level.
  • We cannot schedule Dynamic dashboard.
  • A dashboard can have up to 20 components.
  • Per Organization we can have 5 Dynamic Dashboards. 

Dynamic dashboards are real-time, personalized, multi-user platforms that enable organizations to add new business intelligence content and update existing data seamlessly.

16. What is Report type?
Ans: A report type is like template which makes reporting easier. The report type determines which fields and records are available for use when creating report. This is based on relationships between a primary object and its related objects.
 Eg: "Contacts and Accounts" report type.  Contact is Primary Object and Account is related Object.

* Salesforce provides some Standard Report types. If we need our own we can create custom report types as well. Reports display only records that meet the criteria defined in the report type. 

Graphical Representation.
    
In Report type we have 
    
  • Primary object with related object—Records returned are only those where the primary object has at least one related object record. In our example of Opportunities with Products, the only records that would be displayed on the report would be opportunities that have at least one related product record.
  • Primary object with or without related object—Records returned are those where the primary object may or may not have a related object record. If we were to create a custom report type, Opportunities with or without Products, then opportunities would be displayed whether or not they have a related product record.


17. What is Duplicate rule?
Ans: A duplicate rule defines what happens when a user views a record with duplicates or starts creating a duplicate record. Salesforce provides standard duplicate rules for business and person accounts, contacts, and leads. You can also create duplicate rules for your own custom duplicate rules.
    
Matching Rule: A matching rule defines how duplicate records are identified in duplicate rules jobs. Salesforce provides standard matching rule for business and person accounts, contacts, and leads. You can create your own custom matching rule.

18. What is difference between Validation rule and Duplicate rule?
Ans:
  • If we write a validation rule then it is applicable only when you are creating or editing, validation rule won't check for previous records.
  • If we write Duplicate rule then it check for previous records also, which are in database.
  • There is limitation for duplicate rule, when we are inserting records through import wizard, Dataloader in bulk at that time it won' work.
19. What is Bucket field?
Ans: Bucket field quickly categorize report records without creating a formula or custom field by bucketing them. when you create a bucket column, you define multiple categories(buckets) used to group report values. Like any other column in your report, you can sort filter, and group by bucket columns
  • Bucket field can group only three data types of fields
    • Picklist
    • Number
    • Text
  • It supports only Tabular, Summary and Matrix reports. It does not support for Joined reports.
IMP POINTS
  • Let us consider i have 500 records, i need to insert records from 501. Through data loader we can insert from 501 we have start row in dataloader.
  • In Dataloader if you use bulk API, then triggers, workflows, process builders and all will be skipped automatically.

No comments: