/
TAPSS-2188 Activity and Details Visibility - TAP wide

Attention: Confluence is not suitable for the storage of highly confidential data. Please ensure that any data classified as Highly Protected is stored using a more secure platform.
If you have any questions, please refer to the University's data classification guide or contact ict.askcyber@sydney.edu.au

TAPSS-2188 Activity and Details Visibility - TAP wide

Owned by rommel.ngo
Last updated: Dec 16, 2024
4 min read

Target release

Q42024

 

Epic

https://sydneyuni.atlassian.net/browse/TAPSS-2039

 

Document status

DRAFT

 

Document owner

@rommel.ngo

 

Designer

@rommel.ngo

 

Tech lead

@rommel.ngo

 

Technical writers

@rommel.ngo

 

QA

@Sushma Ramachandrappa

 

 Objective

As a Jarvis user I want that everyone(TAP & Outside of TAP such as Trust, CCE, Audit) can see activity data, but only TAP team can see the contents of it. So that TAP team can see all the Activities and the details of those activities but Outside TAP team can only see that there are activities.

 Acceptance Criteria / Requirements

Requirement

User Story

Importance

Notes

Requirement

User Story

Importance

Notes

AC1

Given I am a TAP team member

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities with the details (contents)

TAPS-2188

HIGH

 

 AC2

Given I am a Outside TAP team member (CCE, Trust, Audit)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities without the details (contents)

 TAPS-2188

 HIGH

 

AC3

Given I am not TAP user at all (future organisation who wishes to join in Jarvis)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can not see any records at all

TAPS-2188

HIGH

 

 Assumptions

  • Wellbeing is already out of the Jarvis by Go Live / User Acceptance Testing

  • TAP Members are defined by

    image-20241001-042724.png

 User interaction and design

 

 Open Questions

Question

Answer

Date Answered

Question

Answer

Date Answered

How doe we control EmailMessage visibility.

It does not have OWD settings

It does not have Restriction rule unlike Task and Event

 

image-20241001-040559.png

 

 

 Out of Scope

  • As we do not know who in the future will be joining Jarvis, it should be noted that they need to actively exclude Non TAP users from ever having access to any TAP Activities. Using Restriction rule have its consideration, one of which is :
    Before creating restriction rules, we recommend that you Turn Off Salesforce Classic for Your Org. Salesforce can't guarantee that restriction rules work as intended for end users who are in the Salesforce Classic experience.

 

🪶Impact Analysis

 

TAP Activities - Private (AS IS)

Only the activity owner (labeled as Assigned To) and users above the activity owner in the role hierarchy can edit and delete the activity.

TAP Activities - Controlled by Parent (TO BE)

A user can perform an action (such as view, edit, transfer, and delete) on an activity based on whether he or she can perform that same action on the records associated with the activity.

The "parent" of the activity record is:

  • Who Id (Name): Contact and Lead

  • What Id (Related To): Account, Opportunity, Case, Campaign, Asset, and custom objects with Allow Activities enabled.

TAP Users

  • This limits cross team collaboration.

  • Risk of reduced operational efficiency if data is not visible to teams that need it.

  • When Activities are parented to private objects such as Case, this also still limits cross team collaboration.

  • Potential security concerns since there is no data segregation within TAP

  • As most of our objects are public (Account, Contact, Opportunity), Activities parented to these records are also going to be public which could potetnt

Non Tap Users (current or future)

  • No Impact, unless the user is put above TAP users in Role Hierarchy

  • As most of our objects are public such as Accounts, Contacts, and Opportunities, all activities related to these objects inherently becomes public as well where a Non-TAP user could potentially get access to more sensitive information on Activities (i.e. emails, events, tasks, call conversations)

Proof of Concept : Making Task OWD Sharing to Controlled by Parent,

  1. Change OWD

  2. create a task using WB user

  3. Login as TAP User, activity created by WB user is not visible

     

  4. Create a Task whilst logged on as TAP user

  5. Log back in as WB user. TAP task is not visible

     

  6. Login as Admin, as a TAP admin, restriction rule still persist

  7. Disable Restriction Rules

  8. Both TAP and WB Task are visible

  9. Enable back the restriction rules

  10. change contact owner to WB user

  11. Log back in as WB user, on WB task is visible still

 

Related content

Considerations for using Salesforce Activity
Considerations for using Salesforce Activity
TAP - Advancement Portfolio Product
Read with this
TAPSS Refinement Sessions
TAPSS Refinement Sessions
TAP - Advancement Portfolio Product
More like this
TAPSS-2411 Gift/Pledge Opportunity Fields display per Stage
TAPSS-2411 Gift/Pledge Opportunity Fields display per Stage
TAP - Advancement Portfolio Product
Read with this
TAP Product Enhancements Log
TAP Product Enhancements Log
TAP - Advancement Portfolio Product
More like this
Gift/Pledge Opportunity Planning Stage Change
Gift/Pledge Opportunity Planning Stage Change
TAP - Advancement Portfolio Product
Read with this
Configuration Required for Adopting Activity
Configuration Required for Adopting Activity
TAP - Advancement Portfolio Product
More like this