I was looking at the object settings in a profile in my organization and I noticed that for some objects have both the read and view all permission, while some other objects have only the view all permission. I did my own research by looking at the Salesforce documentation on object permissions.
I found this table at that page.
According to the table, it says that the main difference between 'Read' permission and 'View All' permission is that for 'Read' permission, users can only view records of this type and that it respects sharing. The 'View All' permission, users can view all records associated with the object, regardless of sharing settings. If that is the case, wouldn't that make the 'Read' permission redundant if an object already has the 'View All' permission?
What would be a situation in which a profile would need both the read and view all permission on an object, instead of just the view all permission?
Best Answer
The Read permission grants the ability to view the object. Without Read, a user cannot see its tab, view its list views and reports, perform any queries against the object, or view any individual record, even if you have a link to that record and would otherwise be allowed to see it (e.g. because of sharing rules).
The View All permission bypasses the sharing calculations when querying records. Assuming the user can view the object at all (e.g. you have Read permission), they are able to view every single record of that type in the database, even if sharing would otherwise restrict access to the record.
Some objects are automatically readable, so you can't set Readable on those objects. Regardless, you must have Read access if you have View All access. It's not possible to have VAD without having Read.