Since then, I received several emails, from my readers,requesting me to show how to auto assign Permission Set to new users using Process Builder.
So, here it is! In this article, we will discuss how to assign a Permission Set to new users using Process Builder and Flow.
Salesforce allows you to add Permission Sets to users, to extend their functionalities without changing their profile. For example, if you want to grant Modify all access on Account objects to a set of users – without changing their profile or creating a new profile – then, consider using Permission Set.
Business Use case
Martin Jones is working as a System Administrator at Gurukul on Cloud (GoC). At GoC they have rolled out Lightning Experience for VP of Sales and VP of Marketing only. Martin has received a requirement to enable Lightning Experience for all new users and ensure that all new users undergo training on Lightning Experience.
Solution for the above business requirement
To solve this requirement we will use Visual Workflow and Process Builder. (#1) Process builder will fire when a new user gets setup and it will trigger the Flow. (#2) Visual Workflow will add permission set to the new user. Before proceeding ahead, you have to understandPermissionSetAssignment (It represents an association between a User and a PermissionSet)objects in Salesforce.
Field Name
Details
AssigneeId
ID of the user to assign the permission set.
PermissionSetId
ID of the PermissionSet to assign to the user.
First of all, we will create a new permission set called Lightning Experience.
Then assign the Lightning Experience User systempermissionto it.
The next step is to grab the permission set Id, as shown in the following screenshot: The above screenshot shows how to grab Permission Set ID using Developer Console. Now, we need to create a Custom Label to store the aforementioned Permission Set Id.Read the rest of this entry!
Posted at 3:41 AM by Rakesh Gupta, on August 14, 2014
Permission Sets are helpful for providing a particular set of functionalities to a user in addition to the permissions provided to their Profile. For example, you may want to grant only a few of your sales users to convert leads or two-factor authentication access. In this case, rather than having a special sales profile with the convert lead permission or two-factor authentication permissions. You have to create a permission set with the lead conversion permission and assign it to a specific user. So most of the time you came around this situation mentioned below
Assign permission set to a user after 7 days from Today i.e. 21-Aug-2014 future date
Assign permission set for a specific time period 22-Aug-2014 to 30-Aug-2014 (Like you have defined start and end time)
Remove permission set from user on 31-Aug-2014 i.e. future date
Note: – Remember Today is 14-Aug-2014.
So what you will be done in these cases, wants’ to automate this process if yes then have a look at this article.
Business Use Case
Management in Universal Container wants to automate permission set assignment process so their admin workload will be reduced.
Solution for the above business requirement
In this article, I am going to discuss how to auto assign Permission Sets to a user and In the next articl I, will discuss about auto remove Permission Sets. First of all create few fields on theUser object to save condition to auto assign Permission Sets to the user. In this demo I will create few fields on the User object as shown in the below screenshot
Custom Fields on User object
To solve this requirement we will use Visual Workflow and Workflow Rule (i.e Headless Flow). Before going ahead with the solution you have to understand about PermissionSetAssignmentObject. It’s represents the association between a User and a Permission Set. Below are the key fields from PermissionSetAssignmentobject
Field Name
Details
PermissionSetId
ID of the PermissionSet to assign to the user specified in AssigneeId.
AssigneeId
ID of the User to assign the permission set specified in PermissionSetId.
To develop this application follow the below instructions
1) Click on Name | Setup | App Setup | Create | Workflows & Approvals | Flows
2) Click on New Flow, it will open flow canvas for you. Create Two Text type variable UserID (To pass User ID) and PermissionsetID (To pass permission set ID)
3) Drag and drop a Record Create ( Give the name Assign Permission Set) onto the window to assign permission set to userand map the fields according to below details
Select Object PermissionSetAssignment
AssigneeId= {!UserId}
PermissionSetId= {!PermissionSetID}, You can take help from the following screenshot
Assign Permission Set
4) Finally our Flow will look like the following screenshot
8) Save the flow with name Add Permission Set and close the canvas.
Create Workflow rule to fire our Flow
Our next task is to create a workflow on the User object on creation and every time it’s edited event. To create a workflow on the User object follow the below instructions
1) Click on Name | Setup | App Setup | Create | Workflows & Approvals | New Rule
2) Select object User from the drop-down
3) Enter Name, for Evaluate criteria select Created, and any time it’s edited to subsequently meet criteria ( To create a time dependent workflow), For Rule Criteria select From Date != False and Start= False as shown in the following screenshot
Workflow Rule1
4) Now Add a time trigger to to set Start flag True after 1hr of From Date. To do this click on Add Time Trigger button and Set the length after how many days/hours workflow will fire i.e. in hours and days, I selected 1hr after the From Date. Now add one field update action for time dependent workflow and set Start flag to True. You can take help from the following screenshot
Time based action
5) Save the workflow and activate it.
6) Create another workflow (i.e. workflow Rule2 ) on the same object to fire our Flow, set entry criteria of trigger is Start= True
Workflow Rule2
7) Add one Immediate Workflow Actions i.e.New Flow Trigger and Select Flow (Add Permission Set) and set Variable (UserID and PermissionSetID) value as shown in the following screenshot
New Flow Trigger Action
8) Add one Immediate Workflow Actions i.e.New Field Update and Set Start flag to False.
9) Save the workflow and activate it.
It’s time to test this feature
1) Go to the User’s detail page to whom you want to assign Permission Sets and fill the detail. In this demo I am going to assign Permission Sets with Name “Test“, it will look similar to below screenshot
Permission Set Assignment Detail
2) To check time dependent workflow queue Follow the path, Click on Name | Setup | Administration Setup |Monitoring | Time–BasedWorkflow and search the queue
Time-Based Workflow Queue
3) Below is the Proof of concept for your reference