[SalesForce] make Account Owner read only

This is my issue

Users assigned to a particular profile who cannot change the account owner.

I went into the profile to set OwnerId to readonly and cant do it at profile level for some reason.

The other way i used was to go to the object account > Account Owner > set field level security which i cant

So i opted to write validation rule

AND ( ISCHANGED( OwnerId), 

RecordType.Id = "000D0000000xxxx",

RecordType.Id = "000D0000000xxxx", 

$Profile.Id <>'000D0000000xxxx')

This is not working as well. can anyone suggest me how can i assign readonly permission on a single profile

Thanks In advance

Best Answer

You can make the Account Owner field as Read only in the page layout assigned to those profiles.

enter image description here

But the recommended approach is to use a validation rule, like this:

AND ( 
  ISCHANGED( OwnerId), 
  OR(
    RecordType.Id = "000D0000000xxxx",
    RecordType.Id = "000D0000000xxxx" 
  ),
  $Profile.Id <>'000D0000000xxxx'
)

Because then even if the user triggers the change through the API, for example, the platform will validate this change. Doing the "lock" just on the page layout does not prevent this.

Related Solutions

[SalesForce] How would sharing rule work in the below scenario

Imagine you have two users. Both are in the same profile, which allows them to Create, Edit object XYZ. But these two users are in different parts of the role hierarchy.

If User A Creates an XYZ, can user B edit it? The answer is only if the record is shared with him. If the Org Wide Default is Private then he will not even be able to see the record that User A has created (unless it is explicitly shared with him). He can still create his own XYZ records, and edit those. Likewise if the Org Wide Default is public read only, User B could see it, but not edit it despite what his profile allows. He can edit only his own records or those shared with him.

Sharing also works up the role hierarchy. So User A's boss can see the XYZ record that User A created. If his profile allows, he can edit it, but his profile may not.

You can think of the profile as "What can a user do with the XYZ object" and the sharing as "Which particular XYZ records can he or she do it with"

Does this help clarify?

EDIT--- Answering your additional questions

If OWD is Public Read / Write but the profile does not have access to Read or to Edit then you cannot Read or Edit.
If OWD is Public Read / Write on object XYZ and profile has Read permission but not Edit, then the user with that profile can only Read XYZ (all of them)
If a user doesn't even have Read access to object XYZ then they cannot see any object XYZ regardless of the Org Wide Default.
Not correct - the owner who is higher on the role hierarchy has sharing access to all the XYZ that his subordinates own. However, if the higher user has a profile which doesn't include read or edit then he cannot read or edit those records.

[SalesForce] How to make a field editable only if a checkbox is checked

You cannot allow them to edit this text field if you make it unallowed by removing access to profiles.

What you can do though, is allow them to edit by profile, but use a VF page in order to display this field. You can then put this VF page on the page Layout for the object. Use the VF page and/or Controller in order to control access to that variable.

<apex:page standardController="Account">
  <apex:inputField value="{!Account.MyTextVal__c}" rendered="{!Account.IsEditable__c}" />
  <apex:outputField value="{!Account.MyTextVal__c}" rendered="{!!Account.IsEditable__c}" />
</apex:page>

Best Answer

Related Solutions

[SalesForce] How would sharing rule work in the below scenario

[SalesForce] How to make a field editable only if a checkbox is checked

Related Topic