Object Level Security In Salesforce
What is object permissions?
In salesforce we can grant permissions to an object at profile or permissions sets level. You can grant read, create, edit, delete, view all and modify all permission to an Object from the Profile or Permission set level.
- Read: Person can only view/read records.
- Create: Person can create & read records.
- Edit: Person can edit and read the records.
- Delete: Person can delete, read and Edit records.
- View All: Person can view all records in the object irrespective of sharing settings of the organization.
- Modify All: Person can read, edit, delete, view all & modify all (can transfer, approve) irrespective of sharing settings of the organization.
Please note ‘Modify All’ doesn’t allow to change Ownership of Records for Case/Lead objects’.
Above defined 6 permissions we can set at object level from profiler permission set. Read, Create, Edit, and Delete respects sharing settings. But View all & Modify all overrides sharing settings of your organization.
Navigation to provide object permissions
Setup > Administer > Manage Users > profiles > Choose the profile where you want give object permissions and go to object permissions and provide required object permissions (Read/Create/Edit/Delete/View All/Modify All) to profile.
See the below screen for reference.