Restricting record access through custom record privileges?

Discussion created by deanchampeau on Jan 27, 2017
Latest reply on Feb 14, 2017 by philmodjunk

Hi Everyone.


I’m developing a solution that will be strictly WebDirect and used by a wide variety of users that are not part of the same organization. My app needs to appear to each user as if she is the only user. In other words, the app needs to hide records associated with users other than the one that's logged in.


What’s the best way to accomplish this? I know that I could do this with relationship-graph definitions, but this particular solution will have lots of TOs and TOGs and I fear that approach would introduce a lot of needless complexity. I recall reading in these discussions that it’s possible to restrict access to a user’s own records simply by setting custom record privileges in the Manage Security dialog. Is this true? Does it work in a comprehensive manner so that once the custom privileges are set up, the developer doesn’t have to worry about contaminating a user's found sets and portals with records that don’t belong to her? I’d love to hear some advice about how this works in the real world.


Thanks everyone. You guys are great!