[SalesForce] Profile-Based Rollout of Chatter- Find all users with access

I have the "Profile-Based Rollout of Chatter" feature enable in my org. Per this page users with certain permissions will automatically have Chatter enabled.

Naturally, I'd like to verify that the users who I do not want to have access to Chatter don't have access. I was thinking I could do some querying of the PermissionSet and PermissionSetAssignment objects, and came up with a query like:

select Assignee.name, Id, PermissionSet.name, SystemModstamp from PermissionSetAssignment where assignee.isactive = true and (permissionset.permissionsChatterOwnGroups = true OR permissionset.permissionsChatterFileLink = true or permissionset.permissionsChatterInviteExternalUsers = true or permissionset.permissionsManageChatterMessages = true or permissionset.permissionsModerateChatter = true or permissionset.permissionsViewAllData = true or permissionset.permissionsChatterEnabledforUser = true) order by permissionset.name, Assignee.name

However, I don't know if this query is thorough enough ensure I'm seeing all of the users who can currently access Chatter. So, how can I hunt down all users who have access to Chatter and determine why?

Best Answer

From the page you cited:

When Salesforce turns on profile-based rollout of Chatter for your organization, the Enable Chatter permission is added to all of your existing user profiles and permissions sets. This permission is automatically enabled for all standard profiles. It is also automatically enabled for all custom profiles, if any of the following user-level permissions were already enabled, either manually or as part of a license:

“Create and Own New Chatter Groups” (ChatterOwnGroups)

“Create and Share Links to Chatter Files” (ChatterFileLink)

“Invite Customers To Chatter” (ChatterInviteExternalUsers)

“Manage Chatter Messages” (ManageChatterMessages)

“Moderate Chatter” (ModerateChatter)

“Moderate Chatter Feeds” (ModerateNetworkFeeds)

“Use Case Feed” (ViewCaseInteraction)

“View All Data” (ViewAllData)

ChatterEnabledforUser will be enabled by Salesforce in the Profile of ALL Users who have any of the permissions enabled on the list above for them as part of a Standard or Custom Profile. As such, the additional permissions you're querying for are not necessary if you're trying to establish a baseline of who can access Chatter. This permission is added to ALL of your Standard profiles, Custom Profiles that contained one of the above permissions, and ALL permission sets when Salesforce turns on Chatter for you.

I'd think you'd want to know whether Chatter is enabled through a Profile as opposed to sharing through a permissionset. Consequently, I would add ProfileId to your query. Since it sounds as though you're a profile based Org as opposed to using groups and permission sets, you could create another query on User to select Id, Name where ProfileId in: list of ProfileId's returned in permission query. You could also try building your query starting from User rather than from permissionsets. That might make it easier to get a single result based on profiles along with any permissionsets you may have.

Best Answer

Related Solutions

[SalesForce] Adding users via Data Loader and activating them in one step

[SalesForce] How to give access to External users in salesforce

Related Topic