TaroWorks comes with two custom profiles. One has the minimum permissions required to work with TaroWorks in Salesforce or the back-end. This is the TaroWorks User profile. The other is to work with TaroWorks via your mobile device with the TaroWorks Android app. This is the TaroWorks Partner User profile.
Users that are assigned the TaroWorks Partner User profile are able to submit Jobs and track their Performance on their mobile device. This profile will come pre-configured with the permissions listed, so there is no action necessary on your part if you are assigning users to these profiles. However, if you add custom objects/fields that you would like users with this profile to view, create, or update, permissions will need to be added for those fields/objects.
Should you want to clone these into custom profiles, the information below is meant to be a reference for the minimum amount of access an individual would need on their security profile to use TaroWorks on their mobile device. Please note that if you create your own profile for your field officers using TaroWorks, the word "TaroWorks" must be included in the name of that profile.
The below permissions are for TaroWorks version 4.4.X. If you are on a previous version, you can skip any fields, objects, apex classes, or Visualforce pages that you are not available in the Profile.
- A. Field Level Permissions - Once a user has at least read access to an object, they need to be granted visibility to fields on that object.
- B. Administrative Permissions - this profile needs to be API enabled.
- C. Object Permissions - There are many objects that are unique to TaroWorks that TaroWorks Users will need access to, in order to work with TaroWorks in Salesforce.
- D. Apex Class Access - There are some functions unique to TaroWorks that the TaroWorks User will also require access to.
- E. Visualforce Page Access - There are some custom pages that TaroWorks Users will need to access.
- F. Permissions by Release - For those of you that are managing access to TaroWorks with permission sets, here are the new additional permissions by release.
Under Setup > Administer > Manage Users > Profiles > TaroWorks Partner User Profile, the minimal field level security settings are as follows.
Note: If you add any custom fields that you want the TaroWorks User profile to have access to, you'll need to give visibility to those fields as well.
All of the fields for all of the objects in the green box under Custom Field-Level Security will need to be set to visible with one exceptions which is pictured below (SObject Filter Condition).
All Custom objects in the green box above should have all fields set to visible when you click View. These include:
- Application Version
- Assigned Target
- Cascading Select
- Cascading Select Value
- Client Assignment
- Field Mapping
- Job Activity
- Mobile User
- Object Relationship Mapping
- Performance Target
- PPI Table
- PPI Table Data Set
- PPI Table Line
- Score Value
- Scoring Group
- Skip Condition
- Sobjects Contact Association
- Submission PPI Value
- Submission Score
- Survey Library
- Survey Mapping
- Survey Version
- Task Activity
The SObject Filter Condition object will only need the following fields set to visible:
- API Enabled
- Create and Own New Chatter Groups
- Select Files from Salesforce
- Send Outbound Messages
- Assign Topics
- Convert Leads
- Create Topics
- Edit Opportunity Product Sales Price
- Edit Tasks
- Edit Topics
- Run Reports
Assign the following Read (R), Create (C), Edit (E) or Delete (D) permissions:
- Answers - RCE
- Application Version - R
- Assigned Targets - RCE
- Cascading Levels - R
- Cascading Selects - R
- Cascading Select Values - R
- Client Assignments - R
- Devices - RCE
- Field Mappings - R
- Groups - R
- Jobs - RCE
- Job Activities - RCE
- Members - R
- Mobile Users - R
- Object Relationship Mappings - RED
- Options - R
- Performance Target - RE
- PPI Results - RCE
- PPI Tables - R
- PPI Table Data sets - R
- PPI Table Lines - R
- Questions - RE
- Score Values - R
- Scoring Groups - R
- Skip Conditions - R
- SObject Filter Associations - R
- Submissions - RCED
- Submission PPI Associations - RCE
- Submission PPI Values - RCE
- Submission Score - RCE
- Surveys - RE
- Survey Libraries - R
- Survey Mappings - R
- Survey Versions - RE
- Targets - R
- Tasks - RCE
- Task Activities - RCE
- TWErrorLog - RCED
Enable the following classes:
Enable the following pages:
- Field Level Permissions (Make visible)
- Question_c.ResponseValidation_c (Response Validation field on Question object)
- Question_c.SurveyVersion_c (SurveyVersion field on Question object)
- SurveyMapping_c.SurveyVersion_c (SurveyVersion field on SurveyMapping object)
- SurveyVersion_c.SurveyLibrary_c (SurveyLibrary field on SurveyVersion object)
- Administrative Permissions (Check)
- API Enabled
- Apex Class Access (Enable)
- Field Level Permissions (Make visible and editable)
- Apex Class Access (Enable)
- Custom Field Level Security - make Visible
- Question_c.Hidden_c (Hidden field on Question object)
- Question_c.DynamicOperation_c (Dynamic Operation field on Question object)
- Question_c. DynamicOperationType_c (Dynamic Operation Type field on Question object)
- Enable Object permissions - Check Create, Delete, Edit, Read, View All & Modify All object level permissions
- Custom Field Level Security - make Visible (Read and Edit) field level permission
- Answer_c. AnswerKeyMD5_c
- Job_c. JobActivityMD5_c
- Enable Tabs - Set Default On
- TWErrorLog__c needs to be default on.
- Layout Assignment
- Enable Apex Class Access - Set enabled as True
- Enable Apex Class Access - Set enabled as False
If you ever want to reference what the minimum access requirements are for a front-end TaroWorks Partner user you can revisit this article. For more information you can watch the security webinar we hosted with our customers.