Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Security

A user can be granted access to an item or an entity type in several ways. Not all possible ways are currently included in the connector. The security is layered and the security overrides depend the individual Salesforce environment settings. Initial access can be given or denied for all entities of a certain type and later access can be granted or restricted for individual items of this entity type. Security permissions are given by Licenses, Organization-Wide Defaults, Profiles, Permission Sets, Public Groups, User and Group Sharing (Direct Sharing), Roles, Sharing Rules (Object Sharing), Inherited Access (for managers), Sharing by parent object and Field Accessibility.


The current user security access is implemented in the connector.

  • User access is given by the user Id.
  • Group access is given from user roles and inherited sub roles
  • Entity access given to access all objects of one type - like all accounts. This is found by layering of License, Organization-Wide Defaults and Profile information. 
  • Permission to view all data, if the profile has this access.
  • Permission to view all users, if the profile has this access.


Security settings not implemented in the connector.

  • Permission Sets.
  • Sharing Rules (Object Sharing).
  • Inherited Access. Currently only roles will inherit permissions from sub roles. 
  • Sharing by parent object. Currently only exists for the well-known entity types with preselected metadata fields. 
  • Field Accessibility. No field restrictions for any of the index entities. 

Authentication

At search time users needs to log into their Salesforce accounts in ViaWorks. This authentication is done under Account & Settings and Source Credentials.


Identification


Authorization

Items are marked with a list of Salesforce groups and user SIDs at fetching time. At search time, users are given SIDs based on the Salesforce account associated with the ViaWorks login.
Example:

  • Salesforce_999 005A0000004wzojIAA (User)
  • Salesforce_999 00GA0000001LnPuMAK (Group)
  • Salesforce_999 Account (View all account - from user settings)
  • Salesforce_999 AllData (View all data - from profile settings)
  • Salesforce_999 Users  (View all users - from profile settings)


  • No labels