TAPSS-2188 Activity and Details Visibility - TAP wide

Target release	Q42024
Epic	TAPSS-2039 - Getting issue details... STATUS
Document status	DRAFT
Document owner	rommel.ngo
Designer	rommel.ngo
Tech lead	rommel.ngo
Technical writers	rommel.ngo
QA	Sushma Ramachandrappa

🎯 Objective

As a Jarvis user I want that everyone(TAP & Outside of TAP such as Trust, CCE, Audit) can see activity data, but only TAP team can see the contents of it. So that TAP team can see all the Activities and the details of those activities but Outside TAP team can only see that there are activities.

\uD83D\uDCCA Acceptance Criteria / Requirements

Requirement

User Story

Importance

Notes

AC1

Given I am a TAP team member

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities with the details (contents)

TAPS-2188

HIGH

AC2

Given I am a Outside TAP team member (CCE, Trust, Audit)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can see all activities without the details (contents)

TAPS-2188

HIGH

AC3

Given I am not TAP user at all (future organisation who wishes to join in Jarvis)

When I look at activities (all items in Activity timeline, Task, Event, EamailMessage)

Then I can not see any records at all

TAPS-2188

HIGH

\uD83E\uDD14 Assumptions

Wellbeing is already out of the Jarvis by Go Live / User Acceptance Testing
TAP Members are defined by

\uD83C\uDFA8 User interaction and design

Open Questions

Question

Answer

Date Answered

How doe we control EmailMessage visibility.

It does not have OWD settings

It does not have Restriction rule unlike Task and Event

Out of Scope

As we do not know who in the future will be joining Jarvis, it should be noted that they need to actively exclude Non TAP users from ever having access to any TAP Activities. Using Restriction rule have its consideration, one of which is :
Before creating restriction rules, we recommend that you Turn Off Salesforce Classic for Your Org. Salesforce can't guarantee that restriction rules work as intended for end users who are in the Salesforce Classic experience.

🪶Impact Analysis

TAP Activities - Private (AS IS)

Only the activity owner (labeled as Assigned To) and users above the activity owner in the role hierarchy can edit and delete the activity.

TAP Activities - Controlled by Parent (TO BE)

A user can perform an action (such as view, edit, transfer, and delete) on an activity based on whether he or she can perform that same action on the records associated with the activity.

TAP Users

This limits cross team collaboration.
Risk of reduced operational efficiency if data is not visible to teams that need it.

When Activities are parented to private objects such as Case, this also still limits cross team collaboration
Potential security concerns since there is no data segregation within TAP

Non Tap Users (current or future)

No Impact, unless the user is put above TAP users in Role Hierarchy

As Accounts, Contacts, and Opportunities are public records, all activities related to these objects inherently becomes public thus potentially exposing sensitive Activities (i.e. emails, events, tasks, call conversations)

Proof of Concept : Making Task OWD Sharing to Controlled by Parent,

Change OWD
create a task using WB user
Login as TAP User, activity created by WB user is not visible
Create a Task whilst logged on as TAP user
Log back in as WB user. TAP task is not visible
Login as Admin, as a TAP admin, restriction rule still persist
Disable Restriction Rules
Both TAP and WB Task are visible
Enable back the restriction rules
change contact owner to WB user
Log back in as WB user, on WB task is visible still