Question:

Admins enable Use Action security to control Sharing Settings and grant users Edit permission inside the object's lifecycle state. But why users still can not edit the sharing settings?

Answer:

To be able to edit object sharing settings, two levels of permission are required.

• Profile Security: Allows users to control access to the Sharing Settings action, with the View and Execute permissions, at the object level by the user’s security profile. Vault automatically grants the Execute permission on the object action if the permission set has the Edit privilege on the object. If the object has the Read permission, Vault automatically grants the View permission on the action. You can further configure custom permission sets after enabling security on sharing settings.
• Atomic Security: Allows users to secure the Sharing Settings action by individual lifecycle states, with the Hide, View, and Execute permissions, and the ability to override settings for specific application roles.

Related Documentation:

Vault Help: About the Secure Sharing Settings Action