Q: 12
Universal Containers (UC) has a mostly Private organization-wide default, as it's a core principle of
UC to respect client data privacy, UC has implemented complex processes for granting access to
Opportunity dat
a. A few key members of the sales reporting team need to always be able to see, but not change,
Opportunity data for all opportunities.
What should an architect recommend as an approach to meet these requirements?
Options
Discussion
Option C not A. "View All Data" is overkill, only object-level View All needed for Opportunity.
Makes sense to pick C for this one.
Option C is the way to go here since "View All" on Opportunity gives those users just read-only access to all Opps, without opening up other data. Keeps it scoped and follows least privilege. Pretty sure that's what Salesforce recommends in this scenario.
C . Had something like this in a mock and 'View All' on Opportunity via permission set nailed it-keeps access scoped to just what they need, not system-wide. Profile-level (A/B) is overkill. Anyone see it done differently?
Seriously, wish Salesforce made this less confusing for partial access needs. Going with C.
A or B, seen similar in practice tests. 'View All Data' on the profile (A) sometimes used if you want to avoid extra permission sets. Might be risky but some orgs do it.
Why would B be better than C for this? "View All Data" feels riskier than just "View All" on Opportunity only.
B tbh, since View All Data in a permission set could also grant the needed access without changing the whole profile. Pretty sure it's more access than necessary though, but feels right for always-visible reporting needs. Correct me if I'm missing something.
I don’t think it’s A, C is correct here. Granting View All Data at the profile is too broad, permission set with View All for Opportunity avoids the trap.
C imo. 'View All' on just the Opportunity object via a permission set gives targeted read-only access, limiting risk compared to org-wide permissions. Keeps things least privilege. Someone disagree?
Be respectful. No spam.
Question 12 of 15