Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

Target release

Q42024

Epic

Jira Legacy
serverSystem Jira
serverIde9de0c6d-9ef6-3ada-b4ce-7168c44d7e8a
keyTAPSS-2039

Document status

Status
titleDRAFT

Document owner

rommel.ngo

Designer

rommel.ngo

Tech lead

rommel.ngo

Technical writers

rommel.ngo

QA

Sushma Ramachandrappa

🎯 Objective

As a Jarvis user I want that everyone(TAP & Outside of TAP such as Trust, CCE, Audit) can see activity data, but only TAP team can see the contents of it. So that TAP team can see all the Activities and the details of those activities but Outside TAP team can only see that there are activities.

\uD83D\uDCCA Acceptance Criteria / Requirements

Requirement

User Story

Importance

Notes

AC1

Given I am a TAP team member

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities with the details (contents)

TAPS-2188

Status
colourRed
titleHIGH

 AC2

Given I am a Outside TAP team member (CCE, Trust, Audit)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities without the details (contents)

 TAPS-2188

 

Status
colourRed
titleHIGH

 

AC3

Given I am not TAP user at all (future organisation who wishes to join in Jarvis)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can not see any records at all

TAPS-2188

Status
colourRed
titleHIGH

\uD83E\uDD14 Assumptions

  • Wellbeing is already out of the Jarvis by Go Live / User Acceptance Testing

  • TAP Members are defined by

    image-20241001-042724.pngImage Added

\uD83C\uDFA8 User interaction and design

(question) Open Questions

Question

Answer

Date Answered

How doe we control EmailMessage visibility.

It does not have OWD settings

It does not have Restriction rule unlike Task and Event

image-20241001-040559.pngImage Added

(warning) Out of Scope

  • As we do not know who in the future will be joining Jarvis, it should be noted that they need to actively exclude Non TAP users from ever having access to any TAP Activities. Using Restriction rule have its consideration, one of which is :
    Before creating restriction rules, we recommend that you Turn Off Salesforce Classic for Your Org. Salesforce can't guarantee that restriction rules work as intended for end users who are in the Salesforce Classic experience.

🪶Impact Analysis

Excerpt
nameActivities OWD Impact Analysis

TAP Activities - Private (AS IS)

Only the activity owner (labeled as Assigned To) and users above the activity owner in the role hierarchy can edit and delete the activity.

TAP Activities - Controlled by Parent (TO BE)

A user can perform an action (such as view, edit, transfer, and delete) on an activity based on whether he or she can perform that same action on the records associated with the activity.

The "parent" of the activity record is:

  • Who Id (Name): Contact and Lead

  • What Id (Related To): Account, Opportunity, Case, Campaign, Asset, and custom objects with Allow Activities enabled.

TAP Users

  • This limits cross team collaboration.

  • Risk of reduced operational efficiency if data is not visible to teams that need it.

  • When Activities are parented to private objects such as Case, this also still limits cross team collaboration.

  • Potential security concerns since there is no data segregation within TAP

  • As most of our objects are public (Account, Contact, Opportunity), Activities parented to these records are also going to be public which could potetnt

Non Tap Users (current or future)

  • No Impact, unless the user is put above TAP users in Role Hierarchy

  • As most of our objects are public such as Accounts, Contacts, and Opportunities, all activities related to these objects inherently becomes public as well where a Non-TAP user could potentially get access to more sensitive information on Activities (i.e. emails, events, tasks, call conversations)

Proof of Concept : Making Task OWD Sharing to Controlled by Parent,

  1. Change OWD

    image-20240723-041740.png

  2. create a task using WB user

    image-20240723-042323.png

    image-20240723-042437.png

  3. Login as TAP User, activity created by WB user is not visible

    image-20240723-042622.png

  4. Create a Task whilst logged on as TAP user

    image-20240723-042755.pngimage-20240723-042851.png

  5. Log back in as WB user. TAP task is not visible

    image-20240723-043016.png

  6. Login as Admin, as a TAP admin, restriction rule still persist

    image-20240723-043122.png

  7. Disable Restriction Rules

    image-20240723-043242.png

  8. Both TAP and WB Task are visible

    image-20240723-043323.png

  9. Enable back the restriction rules

    image-20240723-043556.png

  10. change contact owner to WB user

    image-20240723-043658.png

  11. Log back in as WB user, on WB task is visible still

    image-20240723-043751.png

...