Pages

Tuesday, November 13, 2018

Salesforce: Enhanced Email

With Enhanced Email, emails sent from Salesforce are logged as Email Messages and Tasks, read this as: Salesforce create 2 records: 1 record in EmailMessage (02s) and 1 record in Task (00T). There is a field in EmailMessage point to Task called ActivityId. EmailMessage is a standard Salesforce object, and that’s how you get all of these great new email features.

Check this SOQL for the object structure:
SELECT Id, ActivityId, CreatedDate, FromName, Subject FROM EmailMessage ORDER BY CreatedDate DESC


To enable Enhanced Email, go to setup menu, search for Enhanced Email, and click Enable button. All existing email sent prior enable enhanced email will NOT change.

Let's see the different of email sent before and after enable Enhanced Email in the Past Activities panel.

yellow = before; green = after


Now let's click the email.
Before:
URL: https://ap1.lightning.force.com/lightning/r/Task/00T9000004pFPcXEAW/view



After
URL: https://ap1.lightning.force.com/lightning/r/EmailMessage/02s90000019V78ZAAS/view



Unlike the Task object which is editable, Email Messages cannot be edited through the User Interface or the API.

One more thing to notice, after enable Enhanced Email, you can track if the recipient have open the email.

 

You also can check when the email first and last opened.




ReferenceEnhanced email and the Email Message object



Monday, November 12, 2018

Salesforce: Case and Lead Team Report

We discussed about Account Team Report and Opportunity Team Report more than two years ago. In this blog, we would share on Case and Lead team report.

Let us start with Case, when you check options under "Show Me" filter, here are the options:


In the samples below, we'll login as Maria Ann:

My cases: ONLY cases that you OWNED.



User owned cases: all cases owned by a user (not a queue)



Queue owned cases: all cases owned by a queue (not a user)



My case team's cases: ONLY cases where you are on the Case Team, this NOT includes where users under your role hierarchy added as Case team.



My role-based team's casesCases you OWNED & cases owned by all of your subordinates in the role hierarchy.


** this is all cases owned by Maria Ann and her subordinates.


Now, let us look at "Show Me" filter available in Lead, here are the options:


We'll not discuss again for: My leads, User owned leads, Queue own leads, and All leads, but let us see what is the result for My team's lead.


** this is all leads owned by Maria Ann and her subordinates.





Sunday, November 4, 2018

Salesforce: easier way to see what is inside a Permission Set

When you enable a permission using permission set or profile, Salesforce will automatically enable other permissions needed to enable that permission. Salesforce will tell you what permissions will be enabled when you enable a permission, however, it will not tell you other permissions will be enabled by enabling the required permissions. Imagine this, to enable permission A, the system will tell you that it will enable permission B as well, however, to enable permission B, it needs to enable permission C and D, so you are not aware that C and D actually enabled by a Permission Set.

For this example, I create a permission set to enable a permission called "Activate Contracts".


From the above screenshot, you aware that, by enabling Activate Contracts, it will enable Edit Order and Edit Contract, and not more than that. But, let's check with Setup Audit Trail.


Let us see each line from the above audit trail screenshot:
5th - create the permission set
4th - enable read and edit for Contract object, this makes sense that to edit, the user needs to read
3rd - enable read for Account object, this is because Contract record accessibility depends on Account.
2nd - enable read and edit for Order object, this makes sense that to edit, the user needs to read
1st - enable the permission set

Because the permission set is just created, we can monitor it from the audit trail, but for the existing permission sets, you can't find the history after 6 months. So, you need to open each tab in the permission set - that's not ideal :(

Also for the scenario where you have many admins and the documentation practice is not strong, some admin adding permissions without other admin awareness, so you have no visibility of what is inside the permission set.


Is there an easy way to tell what is "inside" a permission set?
Yes, as Salesforce awesome admin, you are supposed to fill in the "Description", this will help yourself in the future, or your successor. However, Description only can have maximum 255 characters.


Check with Metadata
Because of all extra permissions in the permission set are written as metadata, you can download the permission set metadata and "see" all permissions enabled for the permission set with a simple text editor.

Salesforce inspector comes to help, it is pretty handy and nothing needs to be installed to your Salesforce org., just follow the step to download permission set metadata into a zip file.

Salesforce inspector panel

select permissionsets and click Download metadata

wait for a few seconds to download the metadata

Extract the zip file, each permission set will be stored as a file with the extension ".permissionset". Open the file with a text editor, such as Notepad++, now you have full visibility the content of that permission set, it will tell field permission, object permission, custom permission, apex class, tab setting, apex page, user permission. etc.

<?xml version="1.0" encoding="UTF-8"?>
<PermissionSet xmlns="http://soap.sforce.com/2006/04/metadata">
    <fieldPermissions>
        <editable>true</editable>
        <field>Account.Acc_Percent__c</field>
        <readable>true</readable>
    </fieldPermissions>
    <fieldPermissions>
        <editable>false</editable>
        <field>Account.Active__c</field>
        <readable>true</readable>
    </fieldPermissions>
    <hasActivationRequired>false</hasActivationRequired>
    <label>Activate Contract 2</label>
    <objectPermissions>
        <allowCreate>false</allowCreate>
        <allowDelete>false</allowDelete>
        <allowEdit>false</allowEdit>
        <allowRead>true</allowRead>
        <modifyAllRecords>false</modifyAllRecords>
        <object>Account</object>
        <viewAllRecords>false</viewAllRecords>
    </objectPermissions>
    <objectPermissions>
        <allowCreate>false</allowCreate>
        <allowDelete>false</allowDelete>
        <allowEdit>true</allowEdit>
        <allowRead>true</allowRead>
        <modifyAllRecords>false</modifyAllRecords>
        <object>Contract</object>
        <viewAllRecords>false</viewAllRecords>
    </objectPermissions>
    <objectPermissions>
        <allowCreate>false</allowCreate>
        <allowDelete>false</allowDelete>
        <allowEdit>true</allowEdit>
        <allowRead>true</allowRead>
        <modifyAllRecords>false</modifyAllRecords>
        <object>Order</object>
        <viewAllRecords>false</viewAllRecords>
    </objectPermissions>
    <userPermissions>
        <enabled>true</enabled>
        <name>ActivateContract</name>
    </userPermissions>
</PermissionSet>


PermComparator
Another option is to use PermComparator, however you need to switch between User Permissions, Object Permissions, and Setup Entity Permissions to see all extra permissions added in the permission set.


However, from my experience, PermComparator does not list all permissions, probably it has not been updated for a while, example: Allow View Knowledge, Subscribe to Reports.