Friday, May 13, 2016

Salesforce Interview Questions-Data Management Part-2

6. Can we avoid duplicates using apex data loader which we can do through import wizard?

7. What is Bulk API?
The Bulk API is used to upload high volume of data (millions of records).
The Data Loader uses the SOAP-based Web Services API by default. To use the Bulk API instead, check “Bulk API” checkbox in apex data loader settings page.
When you check Bulk API checkbox, increases the batch (upto 10000 records) which is usually 200 in normal upload.
Hard delete bypasses the Recycle Bin, so deleted records do not consume storage space and there is no way to retrieve them.

8. What is difference between “Export” and “Export All” in apex data loader?
Export: It will fetch only active records from salesforce.
Export All: It will fetch active as well as records from recycle bin.

9. True or False: Users can mass transfer records to which they do not have read access?

10. What is DateTime format supported in .csv file for upload in salesforce?

11. Is there is any option to specify time zone for uploading records in apex data loader?
Yes. Present in settings page of apex data loader.

12. When “Hard Delete” button will be enabled in apex data loader?
When you enable Bulk API setting in apex data loader.

Salesforce Interview Questions-Data Management Part-1

1. Is it necessary to define an explicit primary key in custom objects?
No. Every object has a standard field called id. There is no need to define an explicit primary key in custom objects. The standard id field can be used as primary key.

2. In which order, we upload data in salesforce for related objects?
When loading data into a salesforce application dependencies between objects determine the order in which objects are loaded. If there is a one-to-many relationship between A and B, the data for A should be loaded before the data for B.

3. What is Upsert and how external id are beneficial?
Upsert is an API function that combines insert and updates into a single call. Upsert uses an indexed custom field or external ID to determine whether to create a new object or update an existing object.
-If the external ID is not matched, then a new object is created
-If the external ID is matched once, then the existing object is updated
-If the external ID is matched multiple times, then an error is reported
Use Upsert when importing data to prevent the creation duplicates.

4. What is import wizard?
It is easy to use tool to load Accounts, Contacts, Leads, Solutions, or Custom Objects.
-Load 50,000 records or less.
-Prevent duplicates
-Doesn’t support all standard object but supports all custom object

5. Which is API based tool supported by Salesforce and what are its advantages?
Apex Data Loader

Advantages are:-
-Is a fully supported product.
-Supports import from CSV or export to CSV.
-Can be used to import or export more than 50,00 records.
-Supports loading from or exporting to a database via JDBC.
-Supports custom relationships for upsert.
-Can be run from command line.

Salesforce Interview Questions-Reports & Dashboards Part-2

6. What is a Custom Report Type?
Custom report types allow you to build a framework in the report wizard, from which users can create and customize reports. You build custom report types off of the relationships (master-detail and lookup) between objects so that you can:
  • Choose which standard and custom objects to display to users creating and customizing reports
  • Define the relationships between objects displayed to users creating and customizing reports
  • Select which objects' fields can be used as columns in reports
Note that the visibility of custom report types in the report wizard is controlled by users' access to the objects in the report type.
You may define which related records from other objects are returned in report results by choosing a relationship to another object.
You can associate up to four objects to a custom report type.

7. What is difference between custom report types and standard report types?
Standard report types are report types which salesforce create itself when we create objects and relationship between them.
Custom report types allow admin to specify what all fields will be available to user while creating a report. Also its provide functionality to associate up to 4 objects.

8. How access to reports and dashboard is controlled in Salesforce?
Access to reports and dashboards are controlled by folder in which they are stored. If user has access to folder then they can run reports present in that folder.
In reports data displayed is as per running user's security access. Reports can be run on both standard and custom objects.
Reports data is always generated in real time. When a report is saved, reports configuration parameters are stored but the generated data is not stored.

9. What is analytical snapshot?
Analytical snapshot allows reports run at scheduled time to be stored as objects. Analytical snapshots are used to perform trend analysis. As an example if we want to view how monthly sales are growing, fields in a report with sales figure can be stored in a custom object every month using Analytical snapshot. Data in this custom object can then be used to perform trend analysis.
Analytical snapshot are available from the Data Management menu option. Source report in Analytical snapshot can be of the type Tabular or Summary.
Setup Analytical reports require a four step process
  • Select source report
  • Select custom object
  • Map source report fields to custom object fields
  • Schedule the frequency for taking the snapshots
10. What is dashboard?
Dashboards are graphical representation of reports. Dashboards can be generated for summary or matrix reports (and not for tabular reports). Dashboards display data as per last time report was run.
A dashboard can have upto 20 components.

11. Is it possible that data you see on dashboard and data you see on report after drilling down the report on dashboard are different?
When a user views the drill-down report for a dashboard component, running user's access permissions determine what data is displayed on the drilldown report. Hence it is possible that data in the drill down report does not match the cumulative dashboard data.
Remember report runs based on current or logged in user and display real time data but dashboard store the information from reports when you refresh dashboard. In order to see real time data on dashboard, refresh the dashboard.
Also dashboard can run based on logged in user or specified user but reports always runs based on logged in user.

12. What are different chart types available for dashboards?
  • Vertical column
  • Horizontal bar
  • Line
  • Donut
  • Funnel
  • Pie
Funnel is used to show proportion of values against each other.
Pie is used to demonstrate proportion of single value against total.
Donut is used to demonstrate proportion of single value against total and also show the total value.

13. What are limitations of salesforce reports?
  • Support for trend analysis in Salesforce is fairly limited.
  • User Interface of Salesforce reports and dashboards is fixed. Salesforce does not support pixel perfect report.
  • Salesforce reports do not support importing data from other sources
  • When displaying objects and their children, Salesforce does not support reporting on objects that do not have any children.
  • If an object has two different related lists, then Salesforce reporting does not support displaying both these related lists together.

Reports & Dashboards-Part 1

Salesforce Interview Questions-Reports & Dashboards Part-1

1. What are different types of reports?
  • Tabular report. This is the most basic report. It displays just the row of records in a table like format with grand total. Tabular reports cannot be used for generating dashboards.
  • Summary report. This is the most commonly type of report. It allows grouping of rows of data. It supports sorting and displaying subtotals. For example in a recruiting app, a summary report could be used to display open positions classified by department name.
  • Matrix report. This is the most complex report format. Matrix report summarize information in a grid format. Matrix reports allows records to be grouped by both columns and rows.
  • Joined Reports: Joined reports let you create multiple report blocks that provide different views of your data. Each block acts like a “sub-report,” with its own fields, columns, sorting, and filtering. A joined report can even contain data from different report types.
2. What all reports can be used to generate dashboards?
Summary and Matrix reports

3. What all things are not supported in joined reports?
The following items aren’t supported in joined reports, and aren’t converted:
  • Bucket fields
  • Cross filters
  • The Rows to Display filter
4. What are bucket fields?
Bucketing lets you quickly categorize report records without creating a formula or a custom field. For example, create a bucket field named Size based on the # Employees field. Then, create buckets that group records into “Large,” “Medium,” or “Small” ranges that you define. Bucket fields can be used like any other field to sort, filter, and group your report.
You can add up to five bucket fields per report, each with up to 20 buckets. Only numeric, picklist and text field can be used for bucketing. Other data types are not supported.

5. Can we create a formula type in reports?
Formula are not available in tabular reports but available for other report types.
Formula can be only in number, currency and percent format.

                                                                                Reports & Dashboards-Part 2

Salesforce Interview Questions-Workflow & Approval Process Part-2

6. Difference between workflow rule and approval process?
Workflow Approval
They are activated when a record is saved. Approval process are triggered by explicitly clicking the "Submit for Approval" button.
Workflow consists of single step and different action Approval process consists of multiple steps. Also different action is taken based upon whether the record is approved or rejected.

7. Is it possible to start approval process after records is created in salesforce without clicking on submit for approval button?
Yes. Process builder or apex trigger can be used to initiate approval process when record is created.

8. How we can achieve dynamic approval process like approve of position record should be user defined in hiring manager field of position?
It is possible through apex triggers because in standard approval process, you need to define approver while creating approval process.

9. Is it possible to skip steps in approval process?
In processes that have steps that are optional depending on criteria, use the skip step feature.
To skip steps, use filter criteria or formula, then choose what should happen to records that do not meet the criteria. The options are:
- Approve Record (approves the request and performs all final approval actions).
- Go to Next Step (skips this step and goes to the next step).

10. Can we implement multilevel approval process in salesforce?
Yes. Define different steps in approval process.

11. Can we update parent record with workflow field update?
Yes, only if relationship is master detail. If it is look-up relationship, then it is not possible.

Salesforce Interview Questions-Workflow & Approval Process Part-1

1. What is workflow rule and Workflow actions?
Many of the tasks you normally assign, the emails you regularly send, and other record updates are part of your organization's standard processes. Instead of doing this work manually, you can configure workflow to do it automatically.
Workflow automates the following types of actions based on your organization's processes:
  • Tasks—Assign a new task to a user, role, or record owner.
  • Email Alerts—Send an email to one or more recipients you specify.
  • Field Updates—Update the value of a field on a record.
  • Outbound Messages—Send a secure, configurable API message (in XML format) to a designated listener.
Before adding new action you need to deactivate workflow rule and do the changes and then again activate it.

2. A workflow already exists on object. Now user want to add time dependent workflow action to it but not able to get an option to select time dependent action. What might be issue?
Evualation criteria is set to “created, and every time it’s edited”
3. What is queue?
A queue can hold a predefined set of objects and consists of a set of users. Any of the queue members can pick up tasks assigned to the queue. Users or Queues can be owners of records.
While adding queue members to queue, you can add users, public group, partner users, specify role of users etc.

4. What are approval process?
Salesforce supports wizard based easy to configure approval process. After an object is selected, the wizard guides the user through a step-by-step setup. Approval process is triggered when a user clicks on the "Submit for approval" button.
The approval process consists of the following steps -
  • Process definition
  • Initial submission actions
  • Step definitions
  • Final Rejection actions
  • Final Approval actions
Final Recall actionsIn workflow rule,action is triggered when a record meets an evaluation criteria. Workflow rules definition does not impact existing records. Workflow rule gets applied to new record creation or edits.

5. Is it possible to create parallel approval process (ability for multiple user to approve or reject a record)?
Yes. Parallel approval process allows specifying (upto 25) multiple approvers. The approver setting could be set to unanimous, or first action. In unanimous parallel approval process, all approvers must approve a request, before it is considered as approved.

Refer Below Links for Salesforce Interview Questions

Thursday, May 12, 2016

Salesforce Interview Questions-Process Builder

1. What is process builder?
The Process Builder is a workflow tool that helps you easily automate your business processes by providing a powerful and user-friendly graphical representation of your process as you build it. The Process Builder’s simple and powerful design allows you to:
  • Create your processes using a convenient layout with point-and-click efficiency.
  • Create your whole process in one place rather than using multiple workflow rules.
  • Create processes by collaborating with different teams in your business.
  • Stop using Apex code to automate simple tasks.
Automated processes in the Process Builder are based on records and consist of:
  • Criteria that determine when to execute action groups.
  • Immediate and scheduled actions to execute when those criteria are met.
Any change that causes a record to match the criteria can automatically trigger the action group.
You can use the more powerful and flexible Process Builder to perform the same actions as workflow. The process builder doesn’t support outbound messages, but you can easily create one yourself with Apex. With the Process Builder, you can:
  • Create a record
  • Update any related record—not just the record or its parent
  • Use a quick action to create a record, update a record, or log a call
  • Launch a flow—you can’t schedule this action with workflow
  • Send an email
  • Post to Chatter
  • Submit for approval
2. What should be the condition we need to specify in process builder to specify schedule actions?
Below are 2 conditions:
  • Only when record is created
  • When record is created or edited and while define criteria select the checkbox for below setting
    • Do you want to execute the actions only when specified changes are made to the record?
3. Is it possible to edit the process once it is activated?
No, You need to clone and while cloning you can create new process or create new version.

4. How to troubleshoot the errors if any issue comes in process builder?
Use the error messages that appear in the Process Builder and the emails you receive when a process fails to help solve problems that arise when you’re working with processes. When all else fails, look at the Apex debug logs for your processes.
  • Identifying Errors in the Process Builder
The API names for criteria nodes and actions are created in the background. When you create or update processes, you might see error messages that reference those names to help you identify specifically where the problem occurred.
  • Errors Received after a Process Starts Evaluating a Record
When a user performs an action that triggers a process (such as creating a record) and that process fails, the user sees a page with this error: “Workflow Action Failed to Trigger Flow.” In addition, the administrator who created the process receives an email with more details.
  • Using Debug Logs to Troubleshoot Processes
Use debug logs to find detailed information about your running processes after they finish running. For example, if a process doesn’t seem to trigger when a record meets the process’s criteria, or if you want to understand the sequence of processes being executed.

5. What user permission is required to create edit and view process?
“Manage Flow” AND “View All Data” in profile.

Salesforce Interview Questions-Validation Rules

1. What are validation rules?
Validation rule contains an error condition and error message. If evaluation of error condition results in true value, record is not saved, and the error message is generated. Validation rules can be attached to fields. They are executed when a record is created or updated.

2. Can we avoid deletion of records through validation rules?
No. Validation rules fire in insert and update operation.

3. Can we bypass validation Rules?
Validation rules can never be bypassed. If we have upload records and need to bypass validation, then deactivate validation rule and upload records. After upload, again activate validation rule.

4. Is it possible to fire validation only for records which is being getting updated not to newly inserted records?
Yes, We can use ISNEW() function which will return true whenever new record is getting created in validation rule. We can use this function and check our criteria only if ISNEW() function is returning false(means record is being updated).

5. Is there is any way through which validation rule is bypassed while doing upload through data loader  but not when user is creating record from user interface?
Yes. Create a checkbox field as API upload and make this field hidden in page layout. Create a validation rule and in evaluation criteria first check if checkbox is false and then check other validation criteria.
Whenever user upload record through data loader, specify value for this checkbox as true in .csv file and then upload it to salesforce. While upload, validation rule will fire and will find checkbox value as true so it will not check other criteria and system will allow to upload records.

6. What is the difference between ISBLANK() AND ISNULL()?
ISNULL() works only for number data type fieds, if we don't populate with value for number fields it will return true.
ISNULL() won't support TEXT data type fields because text fields never become null.
ISBLANK() supports both number as well as text data types.

7. What are cross object formula fields?
Cross-object formulae span two or more objects by referencing merge fields. By using this you can refer parent fields from child record.

8. What are different ways to make field required in salesforce?
  1. While field creation, specify required field as true.
  2. Through page layouts
  3. Validation rule
  4. Apex trigger
9. Admin wants to avoid the deletion of child records in master detail relationship. Is it possible to achieve this using point and click functionality?
Yes. First create a roll up summary field on parent which calculates the total count of child records. Now write a validation rule on parent object which checks if previous value of total count is less than new value. If yes, then display error message.
Suppose field name is total_count__c in parent object then validation rule criteria will be:
Priorvalue(total_count__c) <total_count__c
When we delete the child record then roll up summary field value will get reduced by 1. System will update the parent record roll up summary field which will fire the validation rule and avoid user from deleting child record.

Create sObjects Dynamically in Apex

If you need to create record dynamically, then use below code:

For example, we are creating a contact record. 

String typeName="Contact";
Schema.SObjectType objToken = Schema.getGlobalDescribe().get(typeName);
sobject con= objToken.newSObject();
con.put("firstname","Sunil");  //first parameter is field API name and second is its value
insert con;

You can create any object record dynamically.

If you want to insert many records through list, you can store sObjects in list of sObjects and perform DML on list. 

Wednesday, May 11, 2016

Salesforce Interview Questions-Objects & Fields Part-4

16. Is it possible to change master-detail relationship to lookup relationship?
If the parent object doesn’t have Roll up Summary fields for the child object then we can convert.

17. Is it possible to create the Master – Detail Relationship field for the child object which is having existing records?
No, we cannot create directly. To create first we should create Look up relationship then populate the field value for all the records and then convert the look up relationship to master detail relationship.

18. What will happen if we undelete junction object and normal object from recycle bin?
Master – Detail Relationship data types will be converted to look up relationship data types.
If we undelete any object from recycle bin, then all master detail relationship will be changed to lookup relationship.

19. What will happen if we delete child object in case of look up relationship and master detail relationship?
In case of lookup relationship, we can delete parent object or child object. When parent object will be deleted, the value of lookup relationship field in all child records will become blank.
In case of master-detail relationship, if parent object contain roll up summary, then system will not allow you to delete child object.Also you cannot delete parent object in master detail relationship.

20. Is it possible to filter the records which are coming in look-up window when we click on lookup icon?
Yes, define filter criteria while defining the look up relationship.

<<Objects & Fields Part-3                        Sharing & Security Part-1>>

Salesforce Interview Questions-Objects & Fields Part-3

11. What is difference between lookup and master details?
Look-up Master
•Up to 25 allowed per object
•Parent is not a required field
•No impact on security and access
•No impact on deletion
•Can be multiple layers deep
• Lookup field is not required
•Up to 2 allowed per objects.
•Parent field on child is required
•Access to parent determines access to children.
•Deleting parent automatically deletes children(cascade delete)
•Can only be multiple layers deep, the number depends on whether master object is a standard or custom object
•Lookup field on page layout is required.

12. What are roll up summary fields?
Rollup-summary fields are supported in master detail relationship. The parent object can use roll-up summary field type to perform operations of sum, maximum, minimum, count among its children records.

13. What is junction object?
Junction object is an object which has master detail relationship with 2 different objects. Many-to-Many relationships are implemented using two master detail objects. One Junction object is used as the child of the objects between which many-to-many relationship needs to be established.

14. What is difference between self-relationship and hierarchical relationship?
Self-relationship is a lookup relationship to itself. For example a case record can be related to parent case record.
When there is self-relationship exist on user object, then it is called hierarchical relationship. For example, an employee's manager is also an employee.

15. Can we change already existing lookup relationship between 2 objects to master detail relationship?
System will allow changing relationship to master-detail only if all child records have value specified for parent as in master detail relationship, master is required.
If any of the child value doesn’t have parent value (means look up field is blank), then system will give validation error while changing the data type.
So if it is required to change relationship, them populate all blank values with some parent value and then change it to master detail.

<<Objects & Fields Part-2                           Objects & Fields Part-4>>

Salesforce Interview Questions-Objects & Fields Part-2

6. What all data type can be used as controlling fields?
Picklist and checkbox. Standard picklist cannot be dependent picklist. Custom fields can be controlling as well as dependent fields.

7. What are encrypted fields?
A field defined as encrypted is not visible to users. Typical usage of encrypted field is for password. Only users with "View Encrypted Data" can view the encrypted fields. Encrypted fields are editable.
Encrypted fields can not be used in where clause in SOQL. To check encrypted fields, Goto Setup > Security Control > PLatform Security > Encryption Policy > Encrypt Fields

8. What is difference between 15 digit and 18 digit Record id?
In Salesforce, whenever user create any component (Object, field, tab etc...) or record then salesforce will generate an unique id with which user can identify the record or component.
After creating the record, in the URL user can see the id of the record which is of 15 digits length.
15 digit id- It is case sensitive and can be seen in user interface in URLs and Reports
18 digit Id- It is case insensitive. APIs and Apex (SOQL) always return 18 digit Id. Even through apex dataloader, we get 18 digit Id.

First 3 digit of record Id specifies the object to which record belongs. For example account records starts with “001” & contact record start with “003”.

9. What are different types of relationship in salesforce?
Basically there are 2 types of relationship, lookup and master detail.
Other relationships are:
  • Self-relationship- When object is related to itself. For example a case can be related to parent case.
  • Hierarchical relationship- When user has relationship with user. For example we can have manager field in user object which is related to user object only.
  • Many to many relationship- When an object is having master detail relationship with 2 different objects.  The intermediate object is called as junction object. An object is called junction object only if it has master detail relationship with 2 different objects.
10. Can a standard object become child in master detail relationship?
No. Standard objects always remain master.

<<Objects & Fields Part-1                      Object & Fields Part-3>>

Salesforce Interview Questions-Objects & Fields Part-1

1. What is difference between standard objects and custom objects?
Standard are objects are predefined by Salesforce like Accounts, Case, Contact etc. Custom object are created by developers based upon application requirements.

2. What are system modifiable fields. Whether these fields can be modified?
Fields like createdby, createddate, modifiedby, modifieddate are system modifiable fields. These fields cann’t be modified. If you want to upload historical data and want to specify values for these fields, then you need to contact salesforce and they will make these fields available for certain duration.
Remember you can specify these fields while doing insert only. You cannot update these fields after insertion. System modifiable fields are available through API’s only not on UI. As a best practice always enable these fields only for initial data migration.

3. True or False: The Created Date can be updated for a record via the API as long as the Modifiable System Fields id turned on.
False. These fields are available for insert and cannot be updated once uploaded.

4. Does salesforce stores the deleted objects and fields?
Yes, salesforce stores the deleted objects and fields for 15 days in recycle bin. You can restore or undelete them from recycle bin.

5. What are external Ids? Does external ids are unique in salesforce?
A field of type external id is a unique id of records from another system. The performance of reports and SOQL is better for fields defined as external ids. Fields of type number, text and email can be set as external id. Each object can have upto three external ids.
External ids are not unique in salesforce. You need select unique and external id checkboxes while creating fields to make external ids unique.
Advantages of External Id:
-Increase report and API SOQL performance
-Used with upsert to easily integrate apps with other systems


                                                                                  Objects & Fields Part-2>>

Salesforce Interview Questions-Sharing & Security Part-4

16. True or False: A field hidden by field-level security is still visible through the API?

17. True or False: Child records in master-detail relationships have their own OWD?
False. In Master detail relationship, child inherit OWD from OWD. If you see OWD for child in master detail relationship, then system will display “Controlled by parent” in OWD settings page.
Child in look up relationship have different OWD as they are loose coupled.

18. If even one person in your organization is not allowed to see position data, what will be OWD ?

19. What is apex manage sharing?
Apex managed sharing is a type of "Programatic Sharing" which allows you to define a custom sharing reason to associate with your programatic share. Standard Salesforce objects support "Programatic Sharing" while custom objects support Apex managed sharing. More specifically, object shares can be written to both standard and custom objects, however custom sharing reasons can only be defined for shares written to custom objects.
apex manage sharing is used for custom objects as we can define apex sharing reason for custom objects. For standard object, apex sharing reason will be “Mannual”.
Salesforce create share table for all objects for which OWD is either public read only or Private. For standard object, share table name is table name followed by share word. For example: AccountShare, ContactShare, CaseShare
For custom object, it is followed by __share. For example : For Position__c, share table name is Position__share

20. How to create share table record using apex?
Share table contains four columns: ParentId, UserOrGroupId, RowCause, AccessLevel.
Below is code to create position__share record:
Position__share p = new Position__share();
p.parentId = ‘Position Record Id which needs to be shared’;
p.userOrGroupId= ‘User id or Group id with which we want to share record’;
p.RowCause=’ apex sharing reason defined for custom object, here for position__c’;
p.AccessLevel =’access level for record’; //can be Read or Edit
insert p;
Note: you cannot update share table record. System only allows insert or delete of records for share table. So if you have to change access for user, you have create new record and can delete already existing record if you want.

21. Can we define apex sharing reason for standard object?
No. We can define apex sharing reasons for custom object.
Apex sharing reasons are defined object by object. - so, positions might have different reasons than candidates.

<<Sharing & Security Part-3

Salesforce Interview Questions-Sharing & Security Part-3

11. What will happen if profile related to user U1 above in role hierarchy doesn’t have CRUD permission for object say A. User U2 below in his role hierarchy have CRUD permission to object A. Will user U1 will be able to see or edit record if Grant Access Using Hierarchies is checked for object A in sharing settings?

No.If a user does not have read or edit access to an object via OWD, a profile or permission set, they will have no visibility over an object regardless of their role and role hierarchy.
Always remember that User above in role hierarchy can see records of users below in hierarchy but operation which he can perform depends on permission on his profile (CRUD & View All & Modify All).

12. What is permission Set?

A permission set is a collection of settings and permissions that give users access to various tools and functions. The settings and permissions in permission sets are also found in profiles, but permission sets extend users’ functional access without changing their profiles.
For example, to give users access to a custom object, create a permission set, enable the required permissions for the object, and assign the permission set to the users. You never have to change profiles, or create a profile for a single use case. While users can have only one profile, they can have multiple permission sets.

13. Is it possible to restrict permission for users using permission set?
No. Permission Set always extends the permission.

14. If you have two record types for an object, do you need to have two page layouts for that objects?
No. It is not required but if user want different UI for different record type then we can create 2 different page layout and assign page layout to profiles based on record type.

15. If a user does not have access to a specific record type, will they be able to see the records that have that record type?
Yes. Record type controls only visibility of record on UI not its access to users.

<<Sharing & Security Part-2         Sharing & Security Part-4>>                              

Tuesday, May 10, 2016

Salesforce Interview Questions-Sharing & Security Part-2

6. When Share button will be available on record detail page?

When OWD for object is “Public Read Only” or “Private”.
If OWD is Public Read-Write, then everyone in org have access to all records of object.

7. How to check whether user has access to a particular record or not?

Query “userRecordAccess” to check whether has access to record or not.
For example:
SELECT RecordId, HasReadAccess, HasTransferAccess, MaxAccessLevel, HasAllAccess, HasDeleteAccess, HasEditAccess FROM UserRecordAccessWHERE UserId = “005xxxxxxxxx”AND RecordId = “001xxxxxxxx”
HasAllAccess Indicates whether a user has all access–read, edit, delete, and transfer—to the record (true) or not (false).
HasReadAccess, HasEditAccess , HasDeleteAccess ,HasTransferAccess return Boolean value.
MaxAccessLevel return access level like None, read, Edit,Delete,Transfer and All.

8. What will happen if a field is hidden through Field level security and user search a values in that field?

Field-level security doesn’t prevent searching on the values in a field. When search terms match on field values protected by field-level security, the associated records are returned in the search results without the protected fields and their values.

9. What does “View all” and “Modify all” permission do at object level?
  • When you grant “View All” or “Modify All” for an object on a profile or permission set, you grant any associated users access to all records of that object regardless of the sharing and security settings.
  • In essence, the “View All” and “Modify All” permissions ignore the sharing model, role hierarchy, and sharing rules that the “Create,” “Read,” “Edit,” and “Delete” permissions respect. Furthermore, “Modify All” also gives a user the ability to mass transfer, mass update, and mass delete records of that specific object, and approve such records even if the user is not a designated approver.
  • These tasks are typically reserved for administrators, but because “View All” and “Modify All” let us selectively override the system, responsibilities that are usually reserved for the administrator can be delegated to other users in a highly controlled fashion.

10. If object-level permissions conflict with record-level permissions, then what will happen?

If object-level permissions conflict with record-level permissions, Salesforce applies the most restrictive settings.
  • If a user’s profile grants him update permission on an object, he will not be able to edit records of that type owned by other users unless read/write record-sharing has been granted.
  • If read/write sharing has been granted, a user whose profile does not specify update permission will not be able to edit records of that type.

<<Sharing & Security Part-1                 Sharing & Security Part-3>>

Salesforce Interview Questions-Sharing & Security Part-1

1. What are different levels of security in salesforce?
  • Object level security
The bluntest way that we can control data is by preventing a user from seeing, creating, editing, and/or deleting any instance of a particular type of object, like a Position or Review. Object-level access allows us to hide whole tabs and objects from particular users, so that they don't even know that type of data exists.
On the platform, we set object-level access rules with object permissions on user profiles.
  • Field level security
A variation on object-level access is field-level access, in which a user can be prevented from seeing, editing, and/or deleting the value for a particular field on an object. Field-level access allows us to hide sensitive information like the maximum salary for a position or a candidate's social security number without having to hide the whole object.
On the platform, we set field-level access rules with the field-level security.
  • Record level security
To control data with a little more finesse, we can allow particular users to view an object, but then restrict the individual object records that they're allowed to see. For example, record-level access allows an interviewer like Melissa Lee to see and edit her own reviews, without exposing the reviews of everyone else on her team.
On the platform, we actually have four ways of setting record-level access rules:
  • Organization-wide defaults
  • Role hierarchies
  • Sharing rules
  • Manual sharing
2. What is Organization wide default?

OWD stands for Organization wide defaults. This setting is defined at object level. OWD defined the default record level sharing for objects. All profiles get at least the privileges defined in OWD. OWD takes three different values -
A. Private
B. Public Read only
C. Public Read-Write
To find out what should be set as OWD for an object, first find out which user requires least access to an object. OWD is set based upon this users access requirements.
Most restrictive record access is defined using OWD. Access to additional records is made available through Role hierarchy, Sharing rules, Manual sharing.

3. What is role hierarchy?

Role Hierarchy allows additional users access to records. A hierarchy of roles is defined based upon access requirements at record level. Each user belongs to a unique role. If a role has access to some record, than its parent and ancestors will also have access to this record. Roles can be created using the Manager Users menu. Roles are used to control record access, where as profiles are used to specify access at object and field level.

4. What is public group?

Public group consists of users, roles or "roles and subordinates". Sharing rule is defined using public groups. Record that match certain condition can be assigned to users in public groups using Sharing Rules. Sharing rules functionality is available via the menu Sharing Settings.

5. What is manual sharing (User Managed Sharing)?

Manual Sharing is used to grant one-off access. Manual sharing can be granted by record owner, any one above the owner in role hierarchy and System Administrator. Manual sharing is used to handle exception cases where access to a particular record needs to be given to a specific user. There is a Sharing button on the records page. This is used to provide manual sharing.

<<Objects & Fields Part-1         Sharing & Security Part-2>>