About Access of Role to Object rules
|
|
Access Manager simplifies the process of granting authorization and as a best practice should be used instead of working directly with Access of Role to Object rule forms. In the Studio Designer, click > Org & Security > Access Manager. See Org and Security category - Access Manager landing page for more information.
You can also use this form to create or modify an Access of Role to Object rule for each class on which you want to set new or additional access permissions based on access role (Rule-Access-Role-Name rule type).
To specify new or different access to a class than provided by standard Access of Role to Object rules, create an access role (Rule-Access-Role-Name rule type) and then create an Access of Role to Object rule for the appropriate classes.
Access of Role to Object rules are not subject to rule resolution and affect all users on a system. As a best practice to avoid confusion and difficult-to-debug security configurations, place each Access of Role to Object rule in the same RuleSet as the RuleSet of the Access Class — the second key part.
In the Studio Designer, click > Org & Security > Tools > Security > Allow Access to a Class to list Access Definitions by Class. (The Records Explorer lists only those in your own RuleSet list, not all Access of Role to Object rules.)
Access of Role to Object rules are instances of the Rule-Access-Role-Obj class. They belong to the Security category.
Atlas — Standard Access of Role to Object rules |