Are account owners given edit access to related contacts implicitly, even if the contacts are owned by another user? - Answers - Salesforce Trailblazer Community
Trailblazer Community
Ask Search:
Tony KiddTony Kidd 

Are account owners given edit access to related contacts implicitly, even if the contacts are owned by another user?

Hi all, I am working on the below question from the admin cert practice test and I believe the answer to be D.

I set up two TPs and set the OWD for Account and Contact to "Public Read Only" Then ran tests and in both sites the account owner was able to edit the account's related contacts that were owned by another user.

I also found this article which seems to imply that this is correct and that edit access is given implicitly https://developer.salesforce.com/docs/atlas.en-us.draes.meta/draes/draes_object_relationships_implicit_sharing.htm
The reason for this post however is that all other answers I have found in other discussions about this question chose different options. Can someone please confirm that this is correct for me?


Universal Containers uses a hybrid sharing model where Accounts and Contacts are Read Only and Opportunities and Cases are Private. Account Executives (AE) own all the Accounts. Some Contacts are owned by AEs, and other Contacts are owned by support reps.
 
How should the System Administrator ensure the AEs can edit all the Contacts associated with their Accounts, no matter who owns the Contact?

A. Create a read/write Sharing Rule to share all related Contacts with the Account owner.
B. Use the Mass Transfer Tool to transfer ownership of all Contacts to the AEs.
C. Select the edit all associated contacts option for the AE Role in the Role Hierarchy.
D. Account owner privileges give the AE edit access to all related records by default.
Magulan DuraipandianMagulan Duraipandian
Answer is C. Account’s owner role defines the access.

Magulan Duraipandian
www.infallibletechie.com
Tony KiddTony Kidd
Thanks for the reply Magulan. However, Im not using any heirarchy in these sites that I am testing in and yet still the account owner has access to a related contact that is owned by another user. Would this not suggest that D is correct? 
Arianne Mae CruzArianne Mae Cruz
Hi Tony, based on my experience I can say that with the wait the question is phrased,Magulan is correct that C is the answer. In the environment you are testing on, an you verify if the account owner does not have any role assigned? 
Tony KiddTony Kidd
Hi Arianne, the two test environments I am trying in, neither of them have roles assigned. I just now created a new TP to test it on and now the account owner cannot edit the contact it does not own which is what you guys were saying.

But now Im trying to figure out which setting(s) in the two first environments is allowing this. There are no sharing rules.  I have tried a new user and a different profile and still the account owner can edit a contact related to the account but which they do not own.

Can you think of anything?
 
Ahmed Djallel BOUISRIAhmed Djallel BOUISRI

I know this is an old thread @Tony Kidd, but i'll answer it for future reference.

It is important to note that the question specifies that "sharing model where Accounts and Contacts are Read Only and Opportunities and Cases are Private", so in this case you would find checkboxes to precise access to Contacts, Opportunities and Cases related to Accounts you own in the edit page of a Role. But, if the sharing setting was selected to "Controlled by Parent" i.e: Account, you would have automatically access to any related records of the Accounts you own, which are Contacts, Cases and Opportunities. And that is probably what you have on your two TP orgs, or the owner has "Modify All Data" permission.

This is actually confirmed by the link (https://developer.salesforce.com/docs/atlas.en-us.draes.meta/draes/draes_object_relationships_implicit_sharing.htm) you shared on the column "Details".