Sharing rules are a great way to make sure your records are accessible to groups of users (such as roles and public groups). Unfortunately, sharing rules cannot be used to share records dynamically, such as with a user in a lookup field on a record. Fortunately, this can be done declaratively using one of our favorite tools: Visual Workflow (with some assistance from its sibling, Process Builder!).
Our general approach to this is similar to the function of the Sharing button in Salesforce Classic – we will share a level of access to a specific record with a specific user. This is done through a separate object called objectNameShare for standard objects and customObjectName__Share for custom objects. As long as a share record exists for your user or for a group to which you belong, you’ll have that level of access on a record. Share records have 4 important fields that we’ll worry about:
- AccessLevel : this is the level of access granted to the user (picklist values are Read, Edit, and All)
- ParentId : this is the record ID of the record that is being shared
- RowCause : this is the reason for sharing the record; for custom objects, custom sharing reasons can be created
- UserOrGroupId : this is the ID of the group or user with which you are sharing the record
N.B. : for standard objects, the naming convention for these fields is slightly different; OpportunityShare, for example, uses OpportunityAccessLevel and OpportunityId instead of the above field. If you’re not sure what to use, navigate to the object in Workbench and click on the Fields folder for that record. Additionally, sharing is only available for objects where the sharing setting is not Public Read/Write.
Let’s get to sharing! Here’s our user story: our sales team often assigns a Subject Matter Expert (SME) on certain opportunities. These SMEs only need read access on the records they are assigned too, and our org does not use Opportunity Teams (see note). Our SMEs are discovering that they do not have access when they are initially assigned to the opportunity and the salesperson has to manually share the opportunity with the SME. Help the sales team share the opportunities with the assigned SME automatically!
First, we’ll create a flow that will create the sharing record. Using a record lookup block, we will look up an Opportunity where the ID is the same as the value we pass in through the process builder. We’ll call that variable OppVar (text variable, input only). We’ll store the ID of the SME in a variable called SMEVar (text variable, private).
Next, we’ll check to see if the user already has access to the record with another record lookup. We want to look up any OpportunityShare records where the UserOrGroupId is the same as SMEVar and the OpportunityId is equal to OppVar. Save the value of the OpportunityAccessLevel to a variable called Access (text variable, private). Make sure to check the box to Assign null values to the variable if no record is found.
Now that we’ve found any existing OpportunityShare records, we will add a decision block to check the value of Access; call that block “Does access exist?”. We’ll create an outcome called “Yes” where Access is not null. We can also rename the Default Outcome “No”.
Our last step for the flow is to create the share record if the decision block has the “No” outcome. We’ll give Read access, set OppVar as the OpportunityId, set Manual as the RowCause, and SMEVar as the UserOrGroupId.
We’ll save the completed flow as an Autolaunched flow so we can call it through Process Builder, activate the flow, and then create the process itself! We’ll create a process that runs when a record changes. Select Opportunity as the object and run the process whenever records are created or edited.
In the criteria, we’ll have this process run when the SME field is not null and changes values.
Our last step before activating is to add the Flow action. Select Flow as the action type, call the step “Share with SME”, and select your autolaunched flow. Set the variable OppVar to the value of the opportunity’s ID. Save the step and activate the flow!
Congratulations, you’ve accomplished your task! To test, you can populate the SME field on an opportunity, and then click the Sharing button. You can see a value for that user with Read Only access listed as Manual. Give yourself a pat on the back!
Thanks for reading the first post in our Visual Workflow series! Tune in next week for more on Flows!
Have another topic you’d like to see in the future? Send us a tweet! @BeardforceTyler