Viewer, Admin, and Approver — Who Can Do What
Series: Build a Salesforce Guide App with AI
Page: 9 of 10
Time to complete: 20–30 minutes (all Setup UI — no code in this page)
Prerequisites: Page 8 complete
What You’re Doing in This Page
Up to now you’ve been building and testing as a System Administrator. Before the app is ready for real users you need to define what everyone else can do. This page creates three permission sets and explains the reasoning behind each design decision.
The security model has four tiers:
System Administrators — handled by the System Administrator profile. Full access to everything. No permission set needed.
Guide Admins — designated team members who create and maintain guides. Can author, edit, delete, and manage topics. Their guides go through the approval queue before publishing.
Guide Approvers — designated reviewers who approve or reject guides submitted for publication. Read-only on guides themselves — their role is to review, not author.
Guide Viewers — everyone else. Read-only access to published guides. Can vote helpful/not helpful. Cannot see drafts, pending guides, or admin-audience guides.
💡 One important point: The permission sets control object-level access. The Apex service layer adds a second layer of enforcement — `getGuides()` filters to `Status = Published` and `Audience = User` regardless of what the running user’s permissions allow. Even a misconfigured permission set can’t expose draft or admin guides to viewers.
Create the Three Permission Sets
Guide_Viewer — assign to all internal users
- Setup → Permission Sets → New
| Field | Value |
|---|---|
| Label | Guide Viewer |
| API Name | Guide_Viewer |
| Description | Read access to published guides. Assign to all internal users. |
- Object Settings → Guides → Edit
  - Tick Read only
  - Tick Read Access on all fields
  - Click Save
- Repeat Read-only access for:
  - Guide Topics
  - Guide Topic Assignments
  - Guide Videos
- Assigned Apps → Edit — add Guide Hub → Save
Guide_Admin — assign to guide authors
- Setup → Permission Sets → New
| Field | Value |
|---|---|
| Label | Guide Admin |
| API Name | Guide_Admin |
| Description | Full authoring access. Can create, edit, and delete any guide. Assign to designated content authors. |
- Object Settings → Guides → Edit
  - Tick Read, Create, Edit, Delete, and Modify All
  - Tick Read Access and Edit Access on all fields
  - Click Save
- Object Settings → Guide Topics → Edit
  - Tick Read, Create, Edit
  - Click Save
- Object Settings → Guide Topic Assignments → Edit
  - Tick Read, Create, Edit, Delete
  - Click Save
- Object Settings → Guide Videos → Edit
  - Tick Read, Create, Edit, Delete
  - Click Save
- Assigned Apps → Edit — add Guide Hub → Save
💡 Why Modify All on Guide__c? The org-wide default for Guide__c is Public Read Only. Without Modify All, a Guide Admin can only edit and delete records they personally created — they can’t edit a colleague’s guide. Modify All overrides ownership restrictions for that object, allowing any Guide Admin to edit or delete any guide. This matches the intended behaviour for a collaborative content team.
Guide_Approver — assign to designated reviewers
- Setup → Permission Sets → New
| Field | Value |
|---|---|
| Label | Guide Approver |
| API Name | Guide_Approver |
| Description | Read access to all guides including drafts. Can approve and reject guides via the approval queue. Does not have authoring access. |
- Object Settings → Guides → Edit
  - Tick Read only
  - Tick Read Access on all fields
  - Click Save
- Read-only access on Guide Topics, Guide Topic Assignments, Guide Videos (same as Viewer)
- Assigned Apps → Edit — add Guide Hub → Save
- Go to Setup → Queues → Guide Approvers → Edit
  - Under Queue Members, add any users who have this permission set
  - Click Save
💡 The queue connection matters. The permission set gives access to the app and records. The queue membership is what causes approval requests to appear in that user’s approval queue. Both are needed — a user with the permission set but not in the queue won’t receive approval requests.
Assign Permission Sets for Testing
For testing in a single-user org, assign all three to yourself:
- Permission Sets → Guide Viewer → Manage Assignments → Add Assignments → select your user → Assign
- Repeat for Guide Admin and Guide Approver
In production, assign Guide_Viewer broadly (all internal users), Guide_Admin to a small group of content owners, and Guide_Approver to whoever is responsible for quality-checking guides before they go live.
Check Your Work
- ✅ Guide_Viewer permission set created with Read access on all four guide objects
- ✅ Guide_Admin permission set created with Modify All on Guide__c
- ✅ Guide_Approver permission set created with Read-only access
- ✅ Guide Approvers queue has at least one member
- ✅ All three permission sets assigned to your user for testing
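A scripted version of the object-permission items in this checklist, added here as an example and not part of the original series: it compares a CSV export of the standard ObjectPermissions object against the access matrix from the steps above and reports missing or excess rights. Only Guide__c is named on this page; the other three object API names, the CSV column layout and the sample rows are assumptions.

```python
import csv, io

# Rows come from this SOQL query, exported as CSV (header = the field names):
#   SELECT Parent.Name, SobjectType, PermissionsRead, PermissionsCreate,
#          PermissionsEdit, PermissionsDelete, PermissionsModifyAllRecords
#   FROM ObjectPermissions
#   WHERE Parent.Name IN ('Guide_Viewer', 'Guide_Admin', 'Guide_Approver')
R, C, E, D, M = "Read", "Create", "Edit", "Delete", "ModifyAllRecords"
# Guide__c is from the page; the other API names are assumed for illustration.
OBJECTS = ["Guide__c", "Guide_Topic__c", "Guide_Topic_Assignment__c", "Guide_Video__c"]
EXPECTED = {
    "Guide_Viewer": {o: {R} for o in OBJECTS},
    "Guide_Approver": {o: {R} for o in OBJECTS},
    "Guide_Admin": {"Guide__c": {R, C, E, D, M},
                    "Guide_Topic__c": {R, C, E},
                    "Guide_Topic_Assignment__c": {R, C, E, D},
                    "Guide_Video__c": {R, C, E, D}},
}

def audit(csv_text):
    """Return sorted (permission_set, object, problem) tuples; empty means no drift."""
    granted = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        flags = {f for f in (R, C, E, D, M) if row["Permissions" + f].lower() == "true"}
        granted[(row["Parent.Name"], row["SobjectType"])] = flags
    findings = []
    for pset, objects in EXPECTED.items():
        for obj, want in objects.items():
            have = granted.get((pset, obj), set())
            findings += [(pset, obj, "missing " + f) for f in want - have]
            findings += [(pset, obj, "excess " + f) for f in have - want]
    return sorted(findings)

# Constructed sample export: the Approver has Edit on guides (too much) and
# the Admin lacks Modify All on guides (cannot edit a colleague's guide).
SAMPLE = """Parent.Name,SobjectType,PermissionsRead,PermissionsCreate,PermissionsEdit,PermissionsDelete,PermissionsModifyAllRecords
Guide_Viewer,Guide__c,true,false,false,false,false
Guide_Viewer,Guide_Topic__c,true,false,false,false,false
Guide_Viewer,Guide_Topic_Assignment__c,true,false,false,false,false
Guide_Viewer,Guide_Video__c,true,false,false,false,false
Guide_Approver,Guide__c,true,false,true,false,false
Guide_Approver,Guide_Topic__c,true,false,false,false,false
Guide_Approver,Guide_Topic_Assignment__c,true,false,false,false,false
Guide_Approver,Guide_Video__c,true,false,false,false,false
Guide_Admin,Guide__c,true,true,true,true,false
Guide_Admin,Guide_Topic__c,true,true,true,false,false
Guide_Admin,Guide_Topic_Assignment__c,true,true,true,true,false
Guide_Admin,Guide_Video__c,true,true,true,true,false
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

View All is left out of the comparison because Setup switches it on automatically when Modify All is ticked.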
What’s Next
One page left. In Page 10 you’ll connect existing Salesforce Knowledge articles to the guide library — so content you’ve already written doesn’t have to be duplicated.