Private Objects / Sharing Rule

Question

Private Objects / Sharing Rule

rosems2 opened this issue 10 years ago · 8 comments

I am currently trying to roll up Opportunity Amounts (Opportunities are Private) to a custom object (ABC__c is public). Because a user can maybe only see 2 of the 5 opportunities its only rolling up the ones they have access to but I really need it to run as system (without sharing). Is this possible if not would it be possible to add to a new release? Maybe a picklist "With Sharing", "Without Sharing" in the Lookup Rollup Summary record.

Is there a workaround or suggestion?

Answer 1 · 2015-05-28T14:00:27.000Z

Seems like a solid use case to me. But it would have to be feature-centric like you're proposing. We can't change this without establishing defaults that are the same as the current functionality.

@afawcett you on board with a picklist on the DLRS records to define sharing model?

Answer 2 · 2015-05-29T07:00:14.000Z

Yes totally, makes sense to me, marking as agreed enhancement.

Also see this issue, which i will close out in preference to this one.

Answer 3 · 2015-05-30T10:15:52.000Z

OK here are a few pics of the new field, let me know what you think...

Answer 4 · 2015-05-30T14:49:00.000Z

Looks good! Can't wait until it's available

This is such a great tool, thanks for all your hard work and continued development!!

Answer 5 · 2015-05-30T16:26:24.000Z

Thanks, nearly done with it, actually took around 45 mins to do the code, so far been around 3 hours to write the tests, and still going with some challenges testing sharing rules in an Apex test context... 👍

Answer 6 · 2015-05-30T20:22:42.000Z

Completed in v1.20.

Answer 7 · 2016-06-23T19:13:59.000Z

My opportunities, accounts and contacts are private. I have a sharing rule in place to share certain accounts and contacts, and I want a rollup field to calculate the sum for opportunities under the account, but only those that are visible to the user looking at the account. I set the calculation sharing rule to User when I set up the rollup field, and when I login as another user who does not have access to view the opportunities on the account, they are still able to see the calculated rollup for all of the opportunities, including those they do not have access to read. What am I doing wrong here?

Answer 8 · 2016-06-23T22:00:27.000Z

Yeah so i can see now why you would think it works this way, but sadly its not the way it works. The rollups are calculated once and not per user. So with user, its the last user that edited, which in most cases is probably not what you want, but is there for backwards compatability. If your using sharing rules and don't care about the rollup containing child records the user cannot see, its best to use System. The only workaround i can think is to perhaps have multiple rollups each set to User and then schedule them under that user / group. Then use profiles to show the approprite field. Obviously this really only works for logical groups of users not individual users.