Skip to content

User Permissions and Security Models

Jump to bottom
Kara McIntyre edited this page May 25, 2019 · 2 revisions

Delivered Permission Set

Interactions for Student Recruitment comes with the permission set “Create Interactions.” This permission set includes access to the app, objects and fields a user needs to create Interaction records in a standard way. The permission set also includes access to view (not edit or create) Interaction Mapping records. Feel free to edit this permission set, assign it to users on a case-by-case basis, or use it as a starting point for creating or adding to a user profile.

Follow these steps to access the permission set:

  1. Go to Setup > Users > Permission Sets
  2. Select Create Interactions
  3. Review or make updates and Save

How Interactions Handles Your Security Models

Different universities have different needs when it comes to data security. The way this package uses the Opportunity object, for example, could pose security concerns for some universities because these records hold information concerning the potential student’s recruitment interests and, possibly, sensitive personal information. The departments within your university may be open to sharing their Opportunity data or they may want to keep it to themselves.

The Interaction Processor has full access to all records in Salesforce. This means if an Interaction is created by a user that matches a Contact they cannot see because of sharing settings, that Contact will still be updated. The out-of-the-box design assumes if a person has access to edit an Interaction field and that field is mapped to another field in the system, it has permission to write to it.

If this design does not meet your security requirements, you will need to update the way the Apex code is written to consider field-level security as well as sharing rules for the user who kicks off the Interaction Process. You may instead want to limit the users who have access to update Interactions, or at least remove their edit access to Interaction fields that are mapped to sensitive fields.

For more information on Security in Salesforce, see the Data Security Trailhead Module.

Clone this wiki locally