[This article is for version 1.15 or later. For permission sets in version 1.14 please see this article]
The app includes the following permission sets:
Decisions on Demand Administrator
For users who need full management access to business policies (except delete, see note 2 below)Decisions on Demand Author
For users who need to view and edit selected business policiesDecisions on Demand User
For users who need to apply business policies to their owned records, or view policy execution records
These permission sets can be used to grant access to individual users at any time after installation.
Permissions to modify metadata, customize application, and modify all data.
Certain operations like activating triggers and scheduled or periodic invocations require permission to modify metadata. This permission, and the others listed below, are not included in the Decisions on Demand Administrator Permission Set, because it would also grant significant access to features outside of Decisions on Demand.
Users must have the Customize Application permission to create, update, and delete metadata records. To allow users to create Decisions on Demand invocation settings, you will need to grant them the Modify Metadata Through Metadata API Functions permission. Without this permission, users with the Decisions on Demand Administrator Permission Set will not be able to modify invocation settings. They will still be able to run manual batch jobs, but not store them for reuse. To run the Scheduled and Periodic Invocations it is necessary to grant Modify All Data.
Use of sharing rules
Access to individual policies for Author users can be controlled using standard Salesforce sharing rules. See tables below for details.
Permissions Overview
Details of the access granted is shown in the tables below.
Assigned Apps
Administrator | Author | User | |
DecsOnD.Decisions on Demand (DecsOnD__Decisions_on_Demand_Lightning) | Yes (1) | Yes (1) | No |
| DecsOnD.Decisions on Demand (DecsOnD__Decisions_on_Demand) | Yes (1) | Yes (1) | No |
Object Settings
Administrator | Author | User | |
Assignment Business Hours | Full Access | Read | Read |
| Business Policies | Full Access | Read-Edit | Read |
Invocation Records | Full Access | Read | N/A |
Policy Execution Records | Full Access | Read | Read |
Application components
Administrator | Author | User | |
Decisions on Demand Setup tab | No (1) | No | N/A |
Assignment Business Hours tab | Yes | Yes | |
| Business Policies tab | Yes | Yes | |
Policy Execution Records tab | Yes | Yes | |
Welcome tab | Yes | No |
Functionality
Administrator | Author | User | |
Install template | Yes | No | No |
| View policy | Yes | Sharing (RW) | No |
| Edit policy | Yes | Sharing (RW) | No |
| Export policy | Yes | No | No |
| Clone or import policy | Yes | No | No |
Change active version | Yes | Sharing (RW) | No |
View policy meta-data | Yes | Sharing | Sharing |
View policy execution log | Yes | Sharing | Sharing |
View policy audit trail | Yes | Sharing | No |
View policy content | Yes | Sharing | No |
Apply policy | Yes | Yes | Yes |
Archive/restore policy | Yes | No | No |
Delete policy | No (2) | No | No |
| Create Assignment Business Hours | Yes | No (R) | No (R) |
| View Decisions on Demand reports | Yes | Sharing | Sharing |
| Run Batch Job | Yes | No | No |
| Create, edit, or delete Triggers | Yes | No | No |
| Create, edit, or delete Periodic Invocations | Yes | No | No |
| Create, edit, or delete Scheduled Invocations | Yes | No | No |
| Download Policy as Excel | Yes | Yes | No |
| Upload Policy from Excel | Yes | Yes | No |
In the table above, ‘Sharing’ means that the access to individual policies is controlled by standard Salesforce sharing rules. By default the Sharing Settings are set to 'Private'.
(1) Only a Salesforce Administrator can access this tab
(2) Only a Salesforce Administrator can delete a policy – but a Decisions on Demand administrator can archive it.