Once the organization-wide defaults have been established, you can use a role hierarchy to ensure that managers can view and edit the same records as their line reports (or subordinates). Users at any given role level are always able to view, edit, and report on all data owned by or shared with users below them in the hierarchy, unless the OWD settings specify ignoring the hierarchies.
To view and manage your organization's role hierarchy, follow the path Your Name | Setup | (Administration Setup) | Manage Users | Roles:
Here you can choose to view the hierarchy in one of the following options:
This view displays a visual representation of the parent-child relationships between your roles. Click on Expand All to see all roles or Collapse All to see only top-level roles. To expand or collapse an individual role node, you may click the plus [+] or minus [-] icon as shown in the previous screenshot.
This view displays the roles as a list that you can sort alphabetically by role name, parent role (Reports to), or report display name. If your organization has a large number of roles, this view provides a far easier way to navigate the hierarchy.
To show a filtered list of roles, select a predefined list from the View drop-down list, or click on Create New View to define your own custom view of roles. To edit or delete any view you have created, select it from the View drop-down list and click on the Edit link. Once in the Edit View page you can click on the Delete button to delete the list view:
This view displays the roles as an indented list of roles and their child nodes, grouped alphabetically by the name of the top-level role:
To create a role, click on New Role or Add Role, depending whether your view of roles is using the list view or tree view, and enter the role fields as needed.
To edit a role, click on Edit next to a role name, then update the role fields as needed. You can delete a role, by clicking on Del next to the role name.
To assign other users to a role, click on Assign next to the role name and to view detailed information about a role, click on the role name.
Role hierarchies do not need to represent your company organization chart and instead, each role in the hierarchy should be considered as a level of data access that your users or groups in Salesforce require.
Depending on your sharing settings, roles can control the level of visibility that users have into your organization's data. Users at a particular role level can view, edit, and report on all data that is owned by or has been shared with users below them in the hierarchy. This is assuming your organization's sharing mechanism for that object type does not specify otherwise.
Specifically, in the Organization-Wide Defaults related list, if the Grant Access Using Hierarchies option is disabled for a custom object, say, then only the record owner and users granted access by the organization-wide defaults can access that custom object's records.
Although, it is possible to create a user record without a role, users would need to be assigned to a role, so that their records will appear in opportunity reports, forecast roll-ups, and any other display based on roles.
Users that are to have access to all records in Salesforce CRM should be set at the top-most position of the role hierarchy.
When you change a user's role, any relevant sharing rules are re-evaluated to add or remove access to records as necessary.
To view detailed information about a role, follow the path Your Name | Setup | (Administration Setup) | Manage Users | Roles, and click on the role name:
To view the role detail page for a parent or sibling role, click the role name in the Hierarchy or Siblings list.
To edit the role details, click on Edit.
To remove the role from the hierarchy, click on Delete.
Within the Users in Role related list you have options to:
When you edit roles, sharing rules are usually automatically re-evaluated to add or remove access to records as required. If these changes result in too many records changing at once, a message appears warning that the sharing rules will not be automatically re-evaluated, and that you have to manually recalculate them (as shown further below).Sharing rules should be used when a user or group of users needs access to records not already granted to them with either the role hierarchy setup or the organization wide default settings.
When you modify which users are in a role, any sharing rules are also reevaluated to add or remove access as necessary.
18.222.196.175