Filed under: Administration April 15, 2011

Occasionally you run into a situation where the click to configure sharing rules do not meet the requirements. You might wonder if something called, “Apex Managed Sharing,” could be used, but you just can’t figure out what it actually does.

All the articles and help topics you find are from a programmer’s perspective and you are a business analyst. There is a good reason for this. The click-to-configure sharing can already become very complex very quickly and understanding it completely requires getting into the weeds (1).

But, how do you even know to go in this direction if you can’t figure out what managed sharing is? Hopefully, this description will help get you far enough to determine if this is a viable path for your problem.

There are actually two kinds of sharing possible using Apex, although they are closely related.

Sharing A Record Using Apex

The first is more of a technique rather than an actual feature which we will call, “Sharing A Record Using Apex.” This technique effectively simulates manual sharing using the Sharing button.

This starts with understanding that each object has a corresponding table where the sharing rules are stored. For example, Account has a corresponding table called Account Share. When you use the Sharing button to get to the Sharing Details screen, you are seeing the records in this table.

You can also access the sharing table using Data Loader as well as update or add sharing records to it. You will see that any updates or inserts looks just like a manual sharing record on the Sharing Details screen. The Reason column actually shows, “Manual” (2).

By using a trigger to add or update records rather than do it manually, this technique becomes, “Sharing A Record Using Apex.”

Apex Managed Sharing

The second type of sharing using Apex is formally known as “Apex Managed Sharing,” even though this name commonly refers to the first type described above as well. However, this applies only to custom objects.

This feature uses the same technique as the one described above, but has two additional capabilities. The first is that the sharing reason can be defined. On the Sharing Details screen, the Reason column shows various reasons such as, “Account Sharing Rule” or “Owner.” Apex Managed Sharing allows you to define your own reasons to display on the screen.

The sharing reasons are defined on the details configuration screen of custom objects. The programmer can then refer to these when writing the trigger.

The second capability is to link in a recalculation Apex class. Sometimes the sharing rules for all the records need to be reprocessed. Perhaps there was an error that needed to be corrected or something else got corrupted. Rather than figure out some way to rerun the trigger for every record, a special Apex class can be written instead.

This class could be written for standard objects as well, but custom objects have a place on the custom object details page to link it in and run it. For standard objects, it would have to be run some alternate way.

Final Note

One thing that Apex sharing will not do is decrease the level of access. As always, the Organization-Wide Defaults set the base level of access and sharing rules can only increase it.

(1) Record Level Access: Under the Hood
(2) How do I create manual sharing rules with the Data Loader?

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2009-2015 Hayata Takeshita