Custom Deal Teams: Tailoring Access for Managers

June 11, 2016
Read

Account Teams offer a convenient way to dynamically manage user access based on their involvement. But what if you need similar functionality for custom objects like Deals? This post explores how to build a "Deal Management Team" feature, empowering managers to grant and revoke access for specific users on deals they created.

Step 1: Building the Team Management Object

  1. Create a child object: We'll create a custom object named "Deal Management Team" with a Master-Detail relationship to the Deals object. This links each team member to a specific deal.
  2. User lookup: Include a lookup field referencing the User object, allowing you to assign users to specific deals.
  3. Access Level: Add a picklist field named "Access Level" with options like "Read", "Read/Write", and potentially others to define the user's permission level for the associated deal.
  4. Optional Role: If desired, you can add a picklist field named "Role" to further categorize team members within the deal context.

Step 2: Triggering Dynamic Access with Apex Sharing

  1. Trigger on Team Management Object: Create a trigger that fires on the "before insert" or "before update" events of the Deal Management Team object. (Code sample below)
  2. Sharing Logic: Within the trigger, use Apex Sharing methods to grant or revoke access to the parent Deal record based on the "Access Level" field value.
  3. Private Ownership: Remember, object sharing only works when the Deal object's Ownership Sharing Setting is set to "Private". This ensures access control is managed through the team mechanism.

Benefits of Custom Deal Teams:

  1. Granular Control: Managers can finely control user access on a deal-by-deal basis, promoting data security and collaboration.
  2. Dynamic Updates: Access levels can be easily adjusted as team composition or user roles change.
  3. Improved Visibility: Users can readily identify their access level and team roles within each deal.

Additional Considerations:

  1. Validation Rules: Consider implementing validation rules to ensure proper team configuration, like preventing duplicate assignments or invalid access levels.
  2. Workflows: Leverage workflows to automate actions related to team changes, like sending notifications or updating internal systems.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
/*
Use insert,update and delete trigger event,so that access level is modified 
when ever a record is created,edited and deleted.

*/
trigger AccessModifier on Deal_Management_Team__c (After insert,After Update,before delete) {
    
    List ListOfDealShares=new List();
    List ListOfDealSharestoDelete=new List();
    List ListOfDealmanagementteams=new List();
    List IDstoDelete = new List();  
   
    //for insert or update
    if(trigger.isInsert || trigger.isupdate){
    //query for all the required fields    
    ListOfDealmanagementteams=[SELECT id,Deal__r.Id,Deal_management_team_member__r.Id,Access_Level__c from Deal_Management_Team__c where ID IN :trigger.new];    
   
    For(Deal_Management_Team__c DTC:ListOfDealmanagementteams){
    // Create new sharing object for the custom object Job.    
    Deal__Share DealShare = new Deal__Share();
    
    // Set the ID of record being shared.
    System.debug(DTC.Deal__r.Id);    
    DealShare.ParentId = DTC.Deal__r.Id;   
        
    // Set the ID of user or group being granted access.
    DealShare.UserOrGroupId = DTC.Deal_management_team_member__r.Id;
    
    
    // Set the access level.
        if(DTC.Access_Level__c =='Read')
    DealShare.AccessLevel = 'Read';       
    if(DTC.Access_Level__c =='Read/Write')    
    DealShare.AccessLevel = 'Edit';
        
    // Set rowCause to 'manual' for manual sharing.
    // This line can be omitted as 'manual' is the default value for sharing objects.
    DealShare.RowCause = Schema.Deal__Share.RowCause.Manual;
        
    //Insert the Records
    ListOfDealShares.add(DealShare);
    }
    upsert ListOfDealShares;
    }  
    //for delete operation delete share records so that the access is revoked.
    if(trigger.isDelete){
     ListOfDealmanagementteams=[SELECT id,Deal__r.Id,Deal_management_team_member__r.Id from Deal_Management_Team__c where ID IN :trigger.old];  
     For(Deal_Management_Team__c DTC:ListOfDealmanagementteams){
     IDstoDelete.add(DTC.Deal__r.Id); 
     }    
     ListOfDealSharestoDelete= [SELECT id from Deal__Share where ParentId  IN :IDstoDelete  AND RowCause = 'Manual'];  
     Delete ListOfDealSharestoDelete;   
    }
}
Tags :

No comments:

Post a Comment

Powered by Blogger.