Luckily we're not talking about lost biological father or shared custody. Those could be worse battles, but this one isn't easy to deal with either. If you have an elaborate sharing scheme set up in Salesforce.com with roles and sharing rules in Salesforce.com, and you feel very safe about it, you may be in a surprise when accidentally exposed - by ImplicitParent. That's a rowCause in tables like AccountShare. The Reason in the documentation (APEX Dev Guide) for the rowCause is "Associated record owner or sharing", which isn't quite clear to understand what it means. This link may explain it better. Basically that indicates the Account record is being shared out to users who have access to Opportunities or Cases on the account by ownership or sharing rules. Now you see the danger?
I had just such a case happened to me. A business unit is isolated by sharing model and rules so their records can't be seen by other users. Then an admin imported some opportunities under that unit's master Account record with himself as owner. Shortly after his role was changed for testing things - that change added 4 ImplicitParent rows to the AccountShare for the master Account record, because other than himself, there're sharing rules defined for the new role to give more access to others. All of a sudden the master Account unit and all its Contacts children with sensitive data were exposed to a whole lot new audience (Contacts are "Controlled by Parent"). Luckily all of this were caught in a dry run. Scary!
Update: now the documentation doesn't even mention the ImplicitParent RowCause.
ReplyDeletehttp://www.salesforce.com/us/developer/docs/api230/Content/sforce_api_objects_accountshare.htm
Also in OpportunityShare, the same scenario will give a RowCause of ImplicitChild, i.e., the opportunity's Account has an opportunity that is owned by the user as indicated by UserorGroupId.