Provide User Access With Multiple String or ID Values in Record Criteria

This restriction rule allows active users to see records whose Name__c field matches the rule’s record criteria value. The record criteria contains strings separated by a comma. ID values are also supported. Double-quotes specify that the value inside the quotes isn’t considered a delimiter.
Available in: Lightning Experience in Enterprise, Performance, Unlimited, and Developer Editions

This rule uses a custom object called Agent__c with a custom text field called Name__c.

Tooling API

1{
2    "FullName":"Agent records matching name field",
3    "Metadata": {
4        "active":true,
5        "description":"Show Records Matching Name__c field",
6        "enforcementType":"Restrict",
7        "masterLabel":"Records Matching Name__c field",
8        "recordFilter":"Name__c='Tom, Anita, “Torres, Jia”'",
9        "targetEntity":"Agent__c",
10        "userCriteria":"$User.IsActive=true", 
11        "version":1 
12    }
13}

Metadata API

1<?xml version="1.0" encoding="UTF-8"?>
2<RestrictionRule xmlns="http://soap.sforce.com/2006/04/metadata">
3    <active>true</active>
4    <description>Show Records Matching Name__c field</description>
5    <enforcementType>Restrict</enforcementType>
6    <masterLabel>Records Matching Name__c field</masterLabel>
7    <recordFilter>Name__c='Tom, Anita, “Torres, Jia”</recordFilter>
8    <targetEntity>Agent__c</targetEntity>
9    <userCriteria>$User.IsActive=true</userCriteria>
10    <version>1</version>
11</RestrictionRule>

This restriction rule allows active users to see records owned by two different managers. In this example, the rule’s record criteria contains IDs separated by a comma.

Tooling API

1{
2    "FullName":"Records Owned By Managers",
3    "Metadata": {
4        "active":true,
5        "description":"Displays records owned by two department managers",
6        "enforcementType":"Restrict",
7        "masterLabel":"RR for manager records",
8        "recordFilter":"Agent__c.Owner:User.ManagerId=001xx000003HNy7, 001xx000003HNut",
9        "targetEntity":"Agent__c",
10        "userCriteria":"$User.IsActive=true", 
11        "version":1 
12    }
13}

Metadata API

1<?xml version="1.0" encoding="UTF-8"?>
2<RestrictionRule xmlns="http://soap.sforce.com/2006/04/metadata">
3    <active>true</active>
4    <description>Displays records owned by two department managers</description>
5    <enforcementType>Restrict</enforcementType>
6    <masterLabel>RR for manager records</masterLabel>
7    <recordFilter>Agent__c.Owner:User.ManagerId=001xx000003HNy7, 001xx000003HNut</recordFilter>
8    <targetEntity>Agent__c</targetEntity>
9    <userCriteria>$User.IsActive=true</userCriteria>
10    <version>1</version>
11</RestrictionRule>