I'm looking into controlling record visibility. I'd like to use one business object (like Incident) and allow its records to visible to some groups, but not others. I'm basically creating multitenancy. Has anyone done this? If so, how did you implement it?
What are your "groups" based on? Security groups, roles, teams?
I'd think it would be simplest to have separate teams.
Phil, do you want certain groups (teams) to not see Incident management at all?
Yes, some teams should not see Incident records at all. My question is more geared towards how to give access to the Incident business object, but not all the records of that object.
For example, if I’m on the Help Desk team, and create ticket #1; Dave is on the HR team, and he creates ticket #2. If I create another ticket, it’ll be #3, etc. I have no visibility in ticket #2, and Dave cannot see tickets 1 and 3.