Newer Version Available
Create a Branch Management Scoping Rule Using the Tooling API
| Available in: Lightning Experience in Performance and Unlimited Editions |
| User Permissions Needed | |
|---|---|
| To create and manage scoping rules: | Manage Sharing |
| To view scoping rules: | View Setup & Configuration AND View Restriction and Scoping Rules |
This example uses the SOQL operator in its recordFilter. Check out the Branch Management data model to understand the objects used in this example and how they relate to each other.
-
Use the RestrictionRule object to create and manage both restriction rules and scoping
rules. Include the FullName value and all required fields. For more
information, see the reference topic RestrictionRule.
In this example, we used these values.
1{ 2 "FullName": "BranchRuleOnAccount", 3 "Metadata": { 4 "active": true, 5 "description": "Scoping rule where users can scope account records by the user’s current 6branch", 7 "enforcementType": "Scoping", 8 "masterLabel": "BranchRuleOnAccount", 9 "recordFilter": "SOQL(Id, SELECT AccountId FROM BranchUnitCustomer USING SCOPE 10EVERYTHING WHERE BranchUnitId IN(SELECT CurrentBranchId From Banker WHERE 11UserOrContactId = $User.Id))", 12 "targetEntity": "Account", 13 "userCriteria": "$User.IsActive = true", 14 "version": 1 15 } 16}This example also uses objects from the Branch Management data model and sets a scoping rule that shows users lead records related to the user’s current branch location.
1{ 2 "FullName": "BranchRuleOnLead", 3 "Metadata": { 4 "active": true, 5 "description": "Scoping rule where users can scope lead records by the user’s current 6branch", 7 "enforcementType": "Scoping", 8 "masterLabel": "BranchRuleOnLead", 9 "recordFilter": "SOQL(Id, SELECT RelatedRecordId FROM BranchUnitRelatedRecord USING SCOPE 10EVERYTHING WHERE BranchUnitId IN(SELECT CurrentBranchId From Banker WHERE 11UserOrContactId = $User.Id))", 12 "targetEntity": "Lead", 13 "userCriteria": "$User.IsActive = true", 14 "version": 1 15 } 16}To create a similar scoping rule for a different object, adjust the targetEntity field to include case, contact, or another supported standard or custom object.
-
To create the scoping rule, use a POST request in the tooling API.
POST /services/data/v59.0/tooling/sobjects/RestrictionRule
- Copy your scoping rule definition into the request body.
-
Execute your request. Copy the ID returned for the scoping rule for later reference.
Let’s take a closer look at the Branch Rule On Account example’s SOQL operator.
SOQL(Id, SELECT AccountId FROM BranchUnitCustomer USING SCOPE EVERYTHING WHERE BranchUnitId IN(SELECT CurrentBranchId From Banker WHERE UserOrContactId = $User.Id))- The SOQL statement takes the Id from the account object, which is the target entity whose records the scoping rule filters, and selects AccountId from the BranchUnitCustomer object.
- The where clause gets the BranchUnitId, which is a unique identifier of each branch, from a nested query. The nested query finds each banker’s current branch from the Banker object by matching the UserOrContactId to the currently logged-in user.
When writing scoping rules using SOQL, follow these guidelines.- In SOQL operators, the SOQL query object and the scoping rule target entity can’t be the same object. In this example, the SOQL query object is BranchUnitCustomer and the scoping rule object, called the targetEntity, is account.
- In the SOQL type RecordCriteria, the left operand must query a single ID (primary key) or reference (foreign key) field. In this example, the left operand is a field on the target entity called Id.
For more tips about writing scoping rules using a performant SOQL operator, see Scoping Rules Considerations. The SOQL operator is supported for scoping rules only.