The user has only read access to Accounts still he is able to edit the Accounts.
Reproducing the Issue
- Log in with user ABC in the system.(ABC is the user ID with Access context=1015,read access=Unrestricted,write access=Restricted)
- Go to Customers work center.
- Go to Accounts view.
- Open Account 123.(123 is Account ID which is owned by a different user XYZ)
- Go to Account Team facet.
- Click on Edit and try changing the value from XYZ to ABC.
You are able to change the value successfully which is incorrect behavior as the user ABC has only Read Access to Accounts.
The user ABC is an Active Delegate for Employee XYZ which means which means that ABC will have the same access rights as XYZ.
The is expected and correct system behavior.
KBA , LOD-CRM-EMP , Employee , How To