Securing and Sharing Data
In the last chapter, we expanded the Recruiting app to include advanced fields and complex object relationships. The new Candidate object tracks information about prospective employees, recruiters can relate candidates to positions through the new Job Application object, and interviewers can add assessments and ratings of the candidates on the new Review object. That's a pretty robust app! The enhanced data model also lays the groundwork for adding powerful functionality like workflow and approvals and reporting, which we'll cover in later chapters.
Now that we've got all of our object relationships in place, it's time to start thinking about who's actually going to be using the app and how much access they should have to its data. As with many apps, our Recruiting app exposes sensitive information, such as Social Security numbers, salary amounts, and applicant reviews, that could really come back to haunt us if the wrong people saw it. We need to provide security without making it harder for our recruiters, hiring managers, and interviewers to do their jobs.
Here we're going to see another one of the huge benefits that the Force.com platform has to offer: simple-to-configure security controls that let us restrict access to data that users shouldn't see, without a lot of headaches. Similar to access control lists or Windows folder permissions, the Force.com platform allows us to specify who can view, create, edit, or delete any record or field in the app. In this chapter, we'll see how we can use the Force.com platform to implement those rules.