Salesforce Developers

Thursday 4 September 2014

What are Roles in salesforce?

In Salesforce, Roles are the part of Administration Setup. Roles are defined to increase or decrease the authority of any user in terms of data visibility. The data visibility can also be managed by building role hierarchy or by using sharing rules. Defining role hierarchy permits the user at higher level to access the records owned by users at lower level in role hierarchy. It is not necessary that a user must have a role.
         Moreover, OWD are used to set the default access for objects, for example if, OWD has been set as private means that only the record owner can access the record. Additional access to the records owned by other users can be achieved by roles i.e. user with higher level in role hierarchy can access the records of the user at lower level in role hierarchy. Another way to achieve this is writing sharing rules, where we can specify the logic to which role user, which record should be shared. We can not specify this role hierarchy with standard objects as it is set by default, but we can set up this role hierarchy for any custom object. Defining role for users is not compulsory, but not defining roles may cause some problems in reports for that user.
 
 
Summarised view of above explanation:
1. It is not compulsory to define role for each and every user. 
2. We can write sharing rules to share records to a user with particular role and subordinates.
3. Roles are also helpful in Extending OWD settings.
4. Role hierarchy controls the access of record according to the user level.

What are Profiles in Salesforce?

In Salesforce, Profiles are mainly used to control the object level access. These are one of the most important things to create an application. We cannot have any user without profile. In Profile we defines the fields/objects permissions and also many other permissions. It states what a user can do and access in the org. Salesforce provide some standard Profiles itself which can be used as it is, and also we can create our own Profiles with required set of permissions. It is recommended that, new custom Profiles should be created by cloning of standard Profile.
By profiles we can define the following things:
1. Object CRUDE (create, read, update, delete & edit) Permissions.
2. Field - Level Security (view or edit).
3. Page Layouts for each and every object.
4. Visibility of Tabs.
5. IP addresses Restriction.
6. Login Hours can also be defined.
7. Record Type Permissions.
8. VF pages & Apex classes can also be defined that what should be visible to this profile user.