Objects created by sales-repA1

Login as User sales-repA1 and create a Contact. Navigate to the newly created contact and have a look at the security settings as shown in the figure below:

The security settings of the newly created Contact are in line with the rules given in Security Setting of New Objects:

• Owning User: Standard\\sales-repA1 (because the Contact was created by the User sales-repA1)

• Browse access level: [3] deep (default browse access level)

• Delete access level: [2] basic (default delete access level)

• Update access level: [2] basic (default update access level)

• Owning Groups: Standard\\SalesTeamA (because Standard\\SalesTeamA is the Primary User Group of the User sales-repA1 who created this Contact)

You can easily verify that the User sales-repA1 has full access (browse/delete/update) to this object.

Let us now verify what the situation is like for other Users. To do so, you need to start a new browser and login - for example - as User ceo. As you will find out, the User ceo also has full access (browse/delete/update) to this Contact. Similarly, full access (browse/delete/update) is granted to the other board members and the 2 Users head-sales and sales-repA2. Members of the User Group SalesTeamB are not granted access. Furthermore, our "Chinese walls" are firmly in place: User of the departments production and accounting are not granted access either. We would not expect it to be any different because that is how we configured our security setup. The following table shows the permissions granted for each User:

This corresponds exactly with our intentions as formulated in the section Sample Organization