Roles determine user access to Relationships and Contacts, regardless of who owns those records. The access level is specified on the Role Edit page. For example, you can set the contact access so that users in a role can edit all contacts associated with accounts that they own, regardless of who owns the contacts. And you can set the Contact access so that users in a role can edit all Contact associated with Relationships that they own, regardless of who owns the Contacts.
Salesforce offers Role hierarchy that you can use with Sharing Settings to determine the access levels users have to the Elements data. Roles within the hierarchy affect access on key components such as records and reports.
Below is an example Role hierarchy for a sample firm. Each level will determine who has access to data within Elements.
Users at any role level can view, edit, and report on all data that’s owned by, or shared with, users below them in their role hierarchy, unless your firm’s sharing model for an object specifies otherwise. Here are some additional best practices and notes about Roles:
- Every user must be assigned to a role, or their data will not display in reports, roll-ups, and other displays based on roles.
- All users that require visibility to the entire organization should belong to the highest level in the hierarchy.
- It is not necessary to create individual roles for each title at your company. Instead, define a hierarchy of roles to control access of information entered by users in lower level roles.
- When you change a user’s role, the sharing rules for the new role are applied.
- To avoid performance issues, no single user should own more than 10,000 records of an object. Users who need to own more than that number of objects should either not be assigned a role or placed in a separate role at the top of the hierarchy. It’s also important to keep that user out of public groups that might be used as the source for sharing rules.
- When an account owner is not assigned a role, the sharing access for related contacts is Read/Write, provided the organization-wide default for contacts is not Controlled by Parent. Sharing access on related opportunities is No Access.
In the Organization-Wide defaults related list, you can disable the 'Grant Access Using Hierarchies' option for a custom object. When disabled, only the record owner and users who are granted access by the organization-wide defaults receive access to the object’s records.
Only System Administrators have access to edit and assign Roles. Please contact your System Administrator with questions about your access.