What is the use of writing sharing rules? Can you use sharing rules to restrict data access?

Hi Prachi,

Top 50 Salesforce Interview Questions And Answers
This list of Salesforce interview questions is divided into 9 sections, each for different aspects of Salesforce. #8 has answer to your question.

Salesforce fundamentals
Declarative features
Audit & reporting features
Data modeling and data management
Logic & process automation
Software testing
Debug & deployment tools
Integration features
Programmatic features

A. Salesforce Fundamentals – Salesforce Interview Questions
1. Can two users have the same profile? Can two profiles be assigned to the same user?
Profiles determine the level of access a user can have in a Salesforce org.

As far as the first part of the question is concerned, Yes. One profile can be assigned to any number of users. Take the example of a Sales or Service team in a company. The entire team will be assigned the same profile. The admin can create one profile: Sales Profile, which will have access to the Leads, Opportunities, Campaigns, Contacts and other objects deemed necessary by the company.

In this way, many users can be assigned the same profile. In case the team lead or manager need access to additional records/ objects then it can be done by assigning permission sets only for those users.

Answering the second part of the question, each user can only be assigned 1 profile.

2. What are Governor Limits in Salesforce?
In Salesforce, it is the Governor Limits which controls how much data or how many records you can store in the shared databases. Why? Because Salesforce is based on the concept of multi-tenant architecture. In simpler words, Salesforce uses a single database to store the data of multiple clients/ customers. The below image will help you relate to this concept.
To make sure no single client monopolizes the shared resources, Salesforce introduced the concept of Governor Limits which is strictly enforced by the Apex run-time engine.

Governor Limits are a Salesforce developer’s biggest challenge. That is because if the Apex code ever exceeds the limit, the expected governor issues a run-time exception that cannot be handled. Hence as a Salesforce developer, you have to be very careful while developing your application.

Different Governor Limits in Salesforce are:

Per-Transaction Apex Limits
Force.com Platform Apex Limits
Static Apex Limits
Size-Specific Apex Limits
Miscellaneous Apex Limits
Email Limits
Push Notification Limits

3. What is a sandbox org? What are the different types of sandboxes in Salesforce?
A sandbox is a copy of the production environment/ org, used for testing and development purposes. It’s useful because it allows development on Apex programming without disturbing the production environment.

When can you use it?
You can use it when you want to test a newly developed Force.com application or Visualforce page. You can develop and test it in the Sandbox org instead of doing it directly in production.

This way, you can develop the application without any hassle and then migrate the metadata and data (if applicable) to the production environment. Doing this in a non-production environment allows developers to freely test and experiment applications end to end.

Types of Sandboxes are:

Developer
Developer Pro
Partial Copy
Full

4. Can you edit an apex trigger/ apex class in production environment? Can you edit a Visualforce page in production environment?
No, it is not possible to edit apex classes and triggers directly in production environment.

It needs to be done first in Developer edition or testing org or in Sandbox org. Then, to deploy it in production, a user with Author Apex permission must deploy the triggers and classes using deployment tools.

However, Visualforce pages can be created and edited in both sandbox and in production.

Only if the page has to do something unique (different values), it would have to be developed via Sandbox.

5. What are the different data types that a standard field record name can have?
A standard field record name can have data type of either auto number or text field with a limit of 80 chars.

For generating auto numbers, the format needs to be specified while defining the field and after that for every record that is added, the number will get auto generated. For example:-
Sr No-{1}
Sr No-{2}
Sr No-{3}

6. Why are Visualforce pages served from a different domain?
Visualforce pages are served from a different domain to improve security standards and block cross-site scripting. Take a look at the highlighted portion in the below Visualforce page:-

B. Declarative Features – Salesforce Interview Questions

7. What is WhoId and WhatId in activities?
WhoID refers to people. Typically: contacts or leads. Example: LeadID, ContactID

WhatID refers to objects. Example: AccountID, OpportunityID

8. What is the use of writing sharing rules? Can you use sharing rules to restrict data access?
Sharing rules are written to give edit access (public read and write) or public read-only access to certain individuals in Salesforce Org. A classic example is when:- only your managers or superiors need to be given extra credentials to your records in objects as compared to your peers.

By default, all users in your organization will have organization-wide-default sharing settings of either Public Read Only or Private.
To give access to more records, which users do not own, we write sharing rules.
Example: Sharing rules are used to extend sharing access to users in public groups or roles. Hence, sharing rules are not as strict as organization-wide default settings. They allow greater access for those users

Thanks.

Adding more points:

Sharing rules to extend sharingaccess to users in public groups or roles. As with role hierarchies, sharing rules can never be stricter than your org-wide default settings. They just allow greater access for particular users. You can share records owned by certain users or meeting certain criteria.

Thanks