Methods to validate Sharing and Visibility :
- From System Admin perspective:
We can Add “Sharing” button on Record/Object’s Pagelayout. We will be able to see Type of USER/GROUP who are having access to record along with reason of the sharing.
- On Click on “EXPAND LIST”, We will be able to see all the users who are having access to the object with Detail Information.
- On Click of WHY, User will be able to see the details reason for the access
System Admin can query SHARE record for each object to find out the access level of the record.
- objectNameAccessLevel–The level of access that the specified user or group has been granted for a share sObject. The name of the property is AccessLevel appended to the object name. For example, the property name for LeadShare object is LeadShareAccessLevel. Valid values are:Edit,Read,All.
- This field must be set to an access level that is higher than the organization’s default access level for the parent object.
- ParentID – The ID of the object. This field cannot be updated.
- RowCause – he reason why the user or group is being granted access. The reason determines the type of sharing, which controls who can alter the sharing record. This field cannot be updated
- UserOrGroupId – The user or group IDs to which you are granting access. A group can bea public group or a sharing group associated with a role
- a territory group if you use the original version of Territory Management, but not with Enterprise Territory Management. This field cannot be updated.