Tuesday, February 16, 2016

Setting up sharing in Salesforce Communities

Requirement

How to enable some Community Users in an account to view and edit any Case created by anyone in their Account. Also, provide a way to group Community Users together so that Cases are editable only within the group

In Salesforce terminology this breaks down to:
  1. Within an Account, how to group users together for shared case access?
  2. How to allow some Customer Community users in an Account to see and edit all Cases across all groups (defined in point 1) above?
  3. Is it possible to control type of access (read/write) by user?

Salesforce Community Capabilities and constraints (aka what do we have to work with?)

  • Salesforce has a way to allow certain users to have read/write access to Cases irrespective of who filed them using the Community Plus license (see Salesforce documentation: Grant Super User Access to Customer Users in Your Community)
  • Case sharing model OWD is set to Private (internal and external)
  • Role based and Apex Sharing is not allowed for Customer Community license (see Salesforce documentation: Communities User Licenses)
  • Default owner is the person creating the Case
  • Only Contact or Account level sharing is allowed through Sharing Sets configured in community settings (See Salesforce documentation: Sharing Set Overview)
  • There is no way currently to control read or read/write access by community user :(

Solution

  • Setup an Account Hierarchy (You should already have this :)
  • Add a Parent Account attribute to the Contact (You might already have this too)
  • Assign the Case tab to your portal
  • Identify users who need to have access to all Cases filed under their Account (requirement 2 above)
    • Assign these users a Customer Community Plus license. Also create a permission set with one permission - Delegated External User Administrator - and assign it to them. 
  • Setup Sharing Sets
    • Go to Setup->Customize->Communities->Communities Settings
    • In the Sharing Sets section, click on New to create a new Sharing Set named "Share case within Account"
    • Select "Customer Community User" as the profile this Sharing Set will apply to
    • Select "Case" as the object this Sharing Set will apply to
    • Set the access rule to Grant Access where User.Account matches Target Case.Account, give Access Level Read/Write. (You can also give Read only here)
  • Now Contacts within the same Account will be able to view each others cases in the Community. (requirement 1)
    • Contacts under the same Parent Account, but not in the same Account will not be able to see Cases of Contacts in other Accounts
    • Example: Parent Account is A and there are two child Accounts B and C. 
      • Contacts belonging to B will see cases of other Contacts belonging to Account B.
      • Contacts belonging to C will NOT see cases of other Contacts belonging to Account B
      • Only Contacts belonging to either B or C having the Customer Community Plus will be able to see all Cases belonging to Account B and Account C



Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)