platform-sharing-rules-generate
Sharing Rules Generator
Generate Salesforce Sharing Rules metadata to control record-level access beyond org-wide defaults. Supports criteria-based rules, role/group-based owner rules, and guest user rules for Experience Sites.
Scope
- In scope: Generating `sharingCriteriaRules`, `sharingOwnerRules`, and `sharingGuestRules` metadata; retrieving existing sharing rules from an org; appending new rules to existing files; configuring rules for Guest and Portal profiles.
- Out of scope: Changing org-wide defaults (OWD/sharing model), creating Experience Sites, configuring permission sets or profiles (use `platform-permission-set-generate`), territory-based sharing rules.
Clarifying Questions
Before generating, confirm with the user if not already clear:
- Which object should the sharing rule apply to? (standard or custom object API name)
- What type of rule? (criteria-based, role/group-based owner rule, or guest user rule)
- Who should records be shared with? (role name, group, portal role, or guest user nickname)
- What access level? (Read or Read/Write)
- For criteria-based rules: what field conditions should match?
Required Inputs
Gather or infer before proceeding:
- Object API name: The sObject the rule targets (e.g., `Account`, `Property__c`)
- Rule type: One of `sharingCriteriaRules`, `sharingOwnerRules`, or `sharingGuestRules`
- Shared-to target: Role, group, portal role, or guest user community nickname
- Access level: `Read` or `Edit` (maps to Read-Only or Read/Write)
- Criteria (for criteria/guest rules): Field name, operation, and value for each filter item
Defaults unless specified:
- Access level: `Read`
- `includeRecordsOwnedByAll`: `true` for criteria rules
- `includeHVUOwnedRecords`: `false` for guest rules
- Account sharing rules include `accountSettings` with all sub-access levels set to `None`
Workflow
All steps are sequential. Do not skip or reorder.
Phase 1 — Discover
- Resolve the SFDX project path — find the project's `sfdx-project.json` and identify the package directory for `sharingRules/`.
- Check for existing sharing rules — look for `<packageDir>/sharingRules/<ObjectName>.sharingRules-meta.xml`. If found, read it to understand existing rules and avoid duplicates.
- If no local file exists, retrieve from the org:

  ```sh
  sf project retrieve start --metadata "SharingRules:<ObjectName>" --target-org <org>
  ```
Phase 2 — Determine Rule Type
- Select the rule type based on user intent. Read `references/rule-types.md` for the complete schema of each type and its required elements.
- For Account sharing rules: the `accountSettings` element is required. Default sub-access levels to `None` unless the user specifies otherwise.
- For Guest rules: the `sharedTo` must use `<guestUser>` with the site guest user's community nickname. Never use `<role>` or `<group>` for guest rules.
Phase 3 — Generate
- Construct the XML following the schema in `references/rule-types.md`. Key structure:
  - One `.sharingRules-meta.xml` file per object
  - All rules for the same object go in the same file
  - If appending to an existing file, add the new rule element inside the existing `<SharingRules>` root
- Name the rule — derive `<fullName>` from the intent (PascalCase, no spaces, descriptive). Generate a matching `<label>` in Title Case with spaces.
- Write the file to `<packageDir>/sharingRules/<ObjectName>.sharingRules-meta.xml`.
Phase 4 — Verify
- Run the verification checklist below before presenting output.
Verification Checklist
Universal Checks
- Does the file have the XML declaration and `<SharingRules xmlns="http://soap.sforce.com/2006/04/metadata">` root?
- Is there exactly one file per object with all rules inside it?
- Does `<fullName>` use PascalCase with no spaces?
- Is `<label>` present and human-readable?
- Is `<accessLevel>` one of `Read` or `Edit`?
Criteria Rule Checks
- Is `<includeRecordsOwnedByAll>` present (required boolean)?
- Does each `<criteriaItems>` have `<field>`, `<operation>`, and `<value>`?
- Are picklist values valid for the target org?
Guest Rule Checks CRITICAL
- Does `<sharedTo>` use `<guestUser>` (NOT `<role>` or `<group>`)?
- Is `<includeHVUOwnedRecords>` present (required boolean)?
- Is `<includeRecordsOwnedByAll>` ABSENT (only for criteria rules, not guest rules)?
Owner Rule Checks
- Does the rule have both `<sharedFrom>` and `<sharedTo>` elements?
- Do both use valid `<role>`, `<roleAndSubordinates>`, or `<group>` targets?
Account-Specific Checks CRITICAL
- If object is Account, is `<accountSettings>` present with all three sub-elements?
- Are `<caseAccessLevel>`, `<contactAccessLevel>`, `<opportunityAccessLevel>` all set?
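The guest, criteria, owner and Account checks above can be run mechanically before deployment. The following is an added example, not part of the skill itself: the function name `check_sharing_rules` and the sample rule (`ShareOpenProperties`, role `SalesRep`) are constructed for illustration, and only the element names listed in the checklist are used.

```python
import xml.etree.ElementTree as ET

NS = "{http://soap.sforce.com/2006/04/metadata}"
ACCOUNT_SUBLEVELS = ("caseAccessLevel", "contactAccessLevel", "opportunityAccessLevel")
# Constructed sample: a guest rule that wrongly targets a role instead of the guest user.
SAMPLE = ('<SharingRules xmlns="http://soap.sforce.com/2006/04/metadata"><sharingGuestRules>'
          '<fullName>ShareOpenProperties</fullName><label>Share Open Properties</label>'
          '<accessLevel>Read</accessLevel><sharedTo><role>SalesRep</role></sharedTo>'
          '<includeRecordsOwnedByAll>true</includeRecordsOwnedByAll></sharingGuestRules></SharingRules>')

def check_sharing_rules(xml_text, object_name):
    """Return a list of checklist violations for one sharingRules-meta.xml body."""
    root = ET.fromstring(xml_text)
    if root.tag != NS + "SharingRules":
        return ["root element is not <SharingRules> in the metadata namespace"]
    problems = []
    for rule in root:
        kind = rule.tag.replace(NS, "")
        name = rule.findtext(NS + "fullName") or "(unnamed)"
        has = lambda tag, node=rule: node.find(NS + tag) is not None
        fail = lambda msg: problems.append(f"{kind} {name}: {msg}")
        if rule.findtext(NS + "accessLevel") not in ("Read", "Edit"):
            fail("<accessLevel> must be Read or Edit")
        shared_to = rule.find(NS + "sharedTo")
        targets = [] if shared_to is None else [c.tag.replace(NS, "") for c in shared_to]
        if kind == "sharingGuestRules":  # Guest Rule Checks
            if targets != ["guestUser"]:
                fail(f"<sharedTo> must contain only <guestUser>, found {targets}")
            if not has("includeHVUOwnedRecords"):
                fail("<includeHVUOwnedRecords> missing")
            if has("includeRecordsOwnedByAll"):
                fail("<includeRecordsOwnedByAll> must be absent")
        elif kind == "sharingCriteriaRules":  # Criteria Rule Checks
            if not has("includeRecordsOwnedByAll"):
                fail("<includeRecordsOwnedByAll> missing")
        elif kind == "sharingOwnerRules" and not (has("sharedFrom") and shared_to is not None):
            fail("needs both <sharedFrom> and <sharedTo>")
        if kind in ("sharingGuestRules", "sharingCriteriaRules"):
            for item in rule.findall(NS + "criteriaItems"):
                if not all(has(t, item) for t in ("field", "operation", "value")):
                    fail("<criteriaItems> needs <field>, <operation>, <value>")
        if object_name == "Account":  # Account-Specific Checks
            settings = rule.find(NS + "accountSettings")
            if settings is None or not all(has(t, settings) for t in ACCOUNT_SUBLEVELS):
                fail("<accountSettings> with all three sub-levels required")
    return problems
```

Calling `check_sharing_rules(SAMPLE, "Property__c")` reports the three guest-rule violations in the sample; an empty list means the file passed these checks.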
Rules / Constraints
| Constraint | Rationale |
|---|---|
| One | Platform requirement — multiple files cause deployment errors |
| Guest rules must use | Using |
| Account rules require | Without it: "AccountSettings is required for account sharing rules" |
| | Missing it causes: "Required field is missing: sharingCriteriaRules" |
| | Missing it causes deployment failure |
| Criteria field values must exist as picklist values on the org | Invalid values cause: "Picklist value does not exist" |
| Never hardcode file paths — resolve from | Customer projects use custom package directories |
Gotchas
| Issue | Resolution |
|---|---|
| Guest rule uses | Replace with |
| Account rule missing | Add |
| Criteria rule missing | Add |
| Picklist value mismatch | Query the org for valid values before generating criteria |
| Appending duplicates existing rule name | Check existing |
| Guest user nickname not found | Query: |
Output Expectations
Deliverables:
- `<packageDir>/sharingRules/<ObjectName>.sharingRules-meta.xml` — complete sharing rules file for the target object
Cross-Skill Integration
| Need | Delegate to |
|---|---|
| Permission set configuration | |
| Custom object creation (if target object doesn't exist) | |
Reference File Index
| File | When to read |
|---|---|
| | Phase 2 — before generating any rule, to get the complete XML schema for each rule type |