Inserting Person Account record does not create Person Implicit share on Contact due to owner sharing rule on Account.
Last updated 2022-02-10 ·Reference W-7610393 ·Reported By 3 users
When inserting Person Account record via API tool such as Dataloader or through the UI, Person Implicit share on Contact is not created which blocks access to Contact for users who are in target group of Account sharing rule.
This issue occurs when Account and Contact Org-Wide Default settings are both set to Private and Account sharing rule must be set to Owner-based.
1. Enable and configure Person Accounts
2. Assign the Person Account record type to user profiles.
3. Set Org-Wide Sharing Defaults to Private for both Account & Contact object.
4. Create CEO role
5. Assigned CEO role to SysAdmin user
6. Create a role that reports to CEO
7. Create a standard user
8. Assigned standard user a role that reports to CEO role
9. Create an Owner based sharing rule on Account
a. sharing Accounts owned by Role and Subordinates of CEO role to all users in Role and Subordinates of CEO Role
b. Access to Accounts is Read/Write
c. Access to Contacts is Read/Write
d. Access to Cases is Private
e. Access to Opportunities is Private
Reproduce the issue:
1. Log in as the SysAdmin user through an API tool or the UI.
2. Create new Person Account record
3. Check Workbench for account shares: you will see owner share and a rule share as expected
4. Check Workbench for account you just created and pull id of Contact (SELECT PersonContactId FROM Account WHERE Id = '<account id you created>')
5. Check Workbench for contact shares for contact you found above - there will be only one share. The target of that share will be account owner. This means that the Implicit Person share corresponding to rule share on account is not created.
6. Log in as Standard user (in role that reports to CEO) and access Contact record created. Insufficient Privileges error is displayed
Use Criteria-Based Sharing for Account Sharing Rules.
Is it Fixed?
Any unreleased services, features, statuses, or dates referenced in this or other public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make their purchase decisions based upon features that are currently available.