Permissions Reference
Custom Permissions
Seven custom permissions are defined in the package. All are prefixed CallCore_.
| Display Name | API Name | Purpose |
|---|---|---|
| CallCore - Integration | CallCore_Integration |
Allows calls to the REST API endpoints. Required for the external call system. |
| CallCore - Listen To Handled Call Recordings | CallCore_ListenToHandledCallRecordings |
Can play recordings for calls where the user is the matched handler. The single permission that gates all own-call access. |
| CallCore - Listen To All Call Recordings | CallCore_ListenToAllCallRecordings |
Can play recordings for any call within permitted scope. |
| CallCore - View All Calls | CallCore_ViewAllCalls |
Can see all call records within permitted scope (no summaries, transcripts, or recordings implied). |
| CallCore - View All Call Summaries | CallCore_ViewAllCallSummaries |
Can see AI-generated summaries for all calls within permitted scope. |
| CallCore - View All Call Transcripts | CallCore_ViewAllCallTranscripts |
Can view full transcripts for all calls within permitted scope. |
| CallCore - Debug Mode | CallCore_DebugMode |
Exceptions are rethrown rather than gracefully handled. Debug metadata is included in timeline responses. |
Permission Hierarchy
Permissions form an implication chain. Holding a higher permission automatically satisfies all checks below it. This is implemented explicitly in CallCoreSecurity — there is no platform-level inheritance.
CallCore - Listen To All Call Recordings (CallCore_ListenToAllCallRecordings)
└── implies CallCore - View All Call Transcripts (CallCore_ViewAllCallTranscripts)
└── implies CallCore - View All Call Summaries (CallCore_ViewAllCallSummaries)
└── implies CallCore - View All Calls (CallCore_ViewAllCalls)
In other words: a user who can listen to all recordings can by definition see all transcripts, summaries, and call records.
canViewAllCallTranscripts() → canListenToAllCallRecordings() OR has CallCore_ViewAllCallTranscripts
canViewAllCallSummaries() → canViewAllCallTranscripts() OR has CallCore_ViewAllCallSummaries
canViewAllCalls() → canViewAllCallSummaries() OR has CallCore_ViewAllCalls
Own-Call Access
"Own call" means the user is the Salesforce user matched to the call's PhoneCallHandler__c. Own-call access is gated by a single permission: CallCore_ListenToHandledCallRecordings. Holding this permission grants the ability to view, see summaries, see transcripts, and listen to recordings for calls where the user is the handler.
Per-Item Permission Checks
Passing the permission gate does not mean the user can see all content on every call. Per-item checks compare the running user's ID against the handler's linked user ID:
- Summary: visible if
(userIsHandler AND canViewOwnSummaries) OR canViewAllSummaries - Transcript link: visible if transcript is Available AND
(userIsHandler AND canViewOwnTranscripts) OR canViewAllTranscripts - Recording player: visible if recording locator exists AND
(userIsHandler AND canListenToOwnRecordings) OR canListenToAllRecordings
Permission Sets
Eight permission sets are shipped with the package. Admins assign these to users via Profiles or Permission Set Groups.
| Display Name | API Name | Custom Permission Granted | Intended Audience |
|---|---|---|---|
| CallCore TX - Integration | CallCore_TX_Integration |
CallCore - Integration | Integration user / connected app |
| CallCore TX - Handled Calls Access | CallCore_TX_HandledCallsAccess |
CallCore - Listen To Handled Call Recordings | Standard agents — own calls only |
| CallCore TX - View All Calls | CallCore_TX_ViewAllCalls |
CallCore - View All Calls | Supervisors who need call volume visibility |
| CallCore TX - View All Summaries | CallCore_TX_ViewAllCallSummaries |
CallCore - View All Call Summaries | Managers reviewing AI summaries |
| CallCore TX - View All Call Transcripts | CallCore_TX_ViewAllCallTranscripts |
CallCore - View All Call Transcripts | QA / compliance — full text |
| CallCore TX - Listen To All Call Recordings | CallCore_TX_ListenToAllCallRecordings |
CallCore - Listen To All Call Recordings | QA / compliance — audio |
| CallCore TX - Debug | CallCore_TX_Debug |
CallCore - Debug Mode | Developers / implementation engineers |
| CallCore TX - Call Activity Reporting | CallCore_TX_CallActivityReporting |
(none — object/field access only) | Reporting users who need read access to call activity log data |
Permission sets are additive. A typical agent gets CallCore TX - Handled Calls Access. A supervisor might get that plus CallCore TX - View All Calls. A QA analyst gets CallCore TX - Listen To All Call Recordings (which implicitly covers everything beneath it).
Restriction Strategies
Custom permissions control what type of data a user can see. Restriction strategies control which subset of that data they can see. The two layers are independent and both must pass.
Two restriction strategies are evaluated at the start of every timeline query:
RestrictSources — returns an IdRestriction representing which Source__c records the user may access. If the default implementation is in use (or no override is configured), it returns IdRestriction.allowAll() and sources are not filtered. A subscriber org might override this to restrict users to only the phone lines relevant to their department.
RestrictCallHandlers — returns a set of allowed User__c IDs (the Salesforce users linked to handlers the running user may see). Used to filter the query to only segments handled by permitted users. Like RestrictSources, defaults to allow-all if not overridden.
The convention for restriction strategies:
| Return value | Meaning |
|---|---|
null |
Allow all — do not filter the query |
Non-empty Set<Id> |
Allow only these IDs |
Empty Set<Id> |
Allow none — query returns nothing |
Both restrictions are applied as SOQL filters inside PhoneCallQueryStore. They are evaluated once per timeline request and passed into the query, not checked per-row after the fact.