This article explains Salesforce default access permissions to calendar activities and how CalendarAnything LWC users can extend access to their calendar activities.
Default activity permissions
Salesforce stores Activity records (Events and Tasks) in standard objects and sets sharing access on those records to Private. The Private setting allows access to only the record owner and those higher on the role hierarchy. Sharing to those outside the role hierarchy becomes problematic, as Salesforce does not permit disabling role hierarchy on their standard objects.
This article explains some changes that can be made to CalendarAnything LWC to make it possible for activity record owners to share access with those lower on the role hierarchy.
Workarounds to default access
Solutions to the default access restrictions to calendar records do exist.
The Dummy Parent Account Solution
One solution is to create a “dummy” parent account and give access to this account to the users with whom activity records need to be shared. When the record owner creates the account, they select the dummy account as the “Related To” object, thereby giving access to the intended users.
Follow these steps to implement the parent account approach:
- Update the sharing setting on the Activity object as follows:
- From the Salesforce Setup menu, in the Quick Find box, enter Sharing Settings.
- Select Sharing Settings.
- Click Edit in the Organization Wide Defaults section.
- For the Activity object, select Controlled by Parent for the Internal Sharing Rule setting.
- Click Save.
- Create the dummy account as follows:
- Bring up the Accounts list.
- Click New.The New Account popup appears.
- Enter the new account information. It is recommended to choose a name representative of how the account will be used.
- Click Save.
- Ensure the Related To field is present on activity creation popups that will be using the new parent account.
- View the newly created account in the Account page.
- Click New Event.
- Ensure that the Related To field shows on the page. The field must be added if it is not there.
- For each calendar that will be used to generate activities under the new parent account:
- Check the Create and Edit Popup to see whether it contains the Related To field.
- If the popup does not contain the Related To field, add it using the Create and Edit Popup step of the Create and Edit calendars wizard.
The Dummy Parent Contact Solution
The dummy contact solution is very similar to the dummy account solution, only you create a dummy contact to serve as activity parent instead of an account.
The Custom Object Solution
Another solution is to create and use custom objects. You would use these objects to store CalendarAnything LWC calendar activities. You will want to remove role hierarchy from the custom objects. Role hierarchy is enforced by the Grant Access Using Hierarchies option, which can only be disabled for custom objects. Deselecting this option on a custom object removes automatic access for those higher than the owner on the role hierarchy.
Note that users will still have access if they are assigned View All and Modify All object permissions and the View All Data and Modify All Data system permissions.
To disable Grant Access Using Hierarchies for a custom object, follow these steps:
- From the Salesforce Setup menu, in the Quick Find box, enter Sharing Settings.
- Select Sharing Settings.
- Click Edit in the Organization Wide Defaults section.
- On the row with the custom object, deselect (clear) the Grant Access Using Hierarchies setting.
- Click Save.
Sharing settings
Sharing rules exist for both standard Salesforce objects and custom objects. Those for standard objects are limited. For example, only two options—Private and Controlled by Parent.—exist for the standard Activity object.
This list defines sharing rule options:
- Controlled by Parent: Users can perform actions (such as view, edit, delete) on a record on the detail side of a master-detail relationship if they can perform the same action on all associated master records.
- Private: Only the record owner, and users above that role in the hierarchy, can view, edit, and report on those records.
- Public Read Only: All users can view and report on records but not edit them. Only the owner, and users above that role in the hierarchy, can edit those records.
- Public Read/Write: All users can view, edit, and report on all records.