Issue with security profiles and territories

  • we have a requirement and is wondering how can we achieve this. What I am trying to achieve is that I can have a user who can only see inside his territory but only the clients that are assigned to them. I am having some trouble getting my head around it. what i can do is below but it is not working. 1. Assigned user Susan Maye to newly created territory called "Australia" 2. Susan Maye is also assigned Operations profile 3. Create a opportunity test1 with oppo_assigneduserid to "Susan Maye" and territory to "Australia" 4. Create a second opportunity test2 with oppo_assigneduserid to "System Administrator" and territory to "Australia" 5. log in as susan maye and find opportunity 6. you will see both opportunity test1 and test2 the client just needs to have rights for users under their own teritory and also assigned to them so the user susan maye should only see test1 and not test2. we can add operations profile to profiles rights for assigned to and not giving any CRUD rights to company and person or for all entities but the home territory will super seed it and still we will have two companies. we have also tried removing all the rights for company and person from home territory except insert and given rights to read, update and delete to assigned to still the same issue. can you please advise if this is possible and how??
  • Parth

    Have you looked at

    1) Granting insert rights on the territory, but view rights only if they created or are assigned the record?

    2) Looked at Company teams as a simple way of blocking access to some sensitive information where people are in the same territory.