Newer Version Available
RestrictionRule (Beta)
File Suffix and Directory Location
RestrictionRule components have the suffix .rule and are stored in the restrictionRules folder.
Version
RestrictionRule components are available in API version 52.0 and later.
Special Access Rules
To enable restriction rules, contact Salesforce Customer Support. Only users with the Manage Sharing permission can create restriction rules.
Fields
| Field Name | Field Type | Description |
|---|---|---|
| active | boolean | Indicates whether the rule is active (true) or not (false). The default value is false. |
| description | string | Required. The description of the rule. |
| enforcementType | EnforcementType (enumeration of type string) | Required. The type of rule. Valid values are:
|
| masterLabel | string | Required. The name of the rule. |
| recordFilter | string | Required. The criteria that determine which records are accessible via the restriction rule. |
| targetEntity | string | Required. The object for which you're creating the rule. Custom objects and the Contract, Event, and Task objects are supported. We recommend that you don’t edit this field after the restriction rule is created. |
| userCriteria | string | Required. The users that this rule applies to, such as all active users or users with a specified role or profile. |
| version | int | Required. The rule's version number. |
Declarative Metadata Sample Definition
The following is an example of a RestrictionRule component.
1<?xml version="1.0" encoding="UTF-8"?>
2<RestrictionRule xmlns="http://soap.sforce.com/2006/04/metadata">
3 <active>true</active>
4 <description>Allows users with a specific profile to see only tasks that they own.</description>
5 <enforcementType>Restrict</enforcementType>
6 <masterLabel>Tasks You Own</masterLabel>
7 <recordFilter>OwnerId = $User.Id</recordFilter>
8 <targetEntity>Task</targetEntity>
9 <userCriteria>$User.ProfileId = '005xxxxxxxxxxxx'</userCriteria>
10 <version>1</version>
11</RestrictionRule>The following is an example package.xml that references the previous definition.
1<?xml version="1.0" encoding="UTF-8"?>
2<Package xmlns="http://soap.sforce.com/2006/04/metadata">
3 <types>
4 <members>*</members>
5 <name>RestrictionRule</name>
6 </types>
7 <version>52.0</version>
8</Package>Usage
You can create up to two restriction rules per object in Enterprise and Developer Editions and up to five restriction rules per object in Performance and Unlimited Editions.
Create only one restriction rule per object per user. In other words, for a given object, only one restriction rule at most should have the userCriteria field evaluate to true for a given user.
For more information on restriction rules, see the Restriction Rules Developer Guide (Beta).