Sharing rules help customize security. They can authorize object access to specific public groups and/or roles, based on record ownership or field criteria.
1. Setup --> Sharing Settings --> Manage Sharing Settings for: Object (e.g. Change)
2. Edit Organization-Wide Defaults
- For complete security, set Internal/External access to Private
- Only the record owner and users above that role in the hierarchy, can view, edit, and report on those records.
- For limited restrictions, set Internal/External access to Public Read Only
- All users can view and report on records but not edit them. Only the owner, and users above that role in the hierarchy, can edit those records.
Note: Editing Organization-Wide settings will initiate a change operation, restricting you from creating sharing rules until the operation has been completed. You will receive an email update when it has finished.
3. Click New under Sharing Rules
4. Enter Label
Rule Name should auto-populate
5. Select Rule Type
5-1. Rule Type Based on Record Owner
5-1a. Specify owner criteria (public groups, roles, or roles and subordinates)
Tip: To add users to a public group: go to Setup --> Users --> Public Groups --> click on your desired public group --> click on Edit --> add new user(s). For details on how to create a public group, see the following KB article: https://propelplm.zendesk.com/hc/en-us/articles/236114388-Create-Approval-Group
5-2. Rule Type Based on Criteria
5-2a. Specify Field, Operator, and Value criteria for the sharing rule.
5-2b. If desired, add Filter Logic to adjust the relationship between each filter (defaults to AND).
6. Specify users to share with (public groups, roles, or roles and subordinates)
7. Select Access Level for the users chosen in Step 6
8. Click Save. Your org should recalculate automatically, but if not click Recalculate to make sure all objects are updated.