RestrictionRule

Represents a restriction rule or a scoping rule. A restriction rule has EnforcementType set to Restrict and controls the access that specified users have to designated records. A scoping rule has EnforcementType set to Scoping and controls the default records that your users see without restricting access.
This object is available in API version 52.0 and later.

Supported SOAP API Calls

create(), delete(), describeSObjects(), query(), retrieve(), update(), upsert()

Supported REST API Methods

DELETE, GET, HEAD, PATCH, POST, Query

Special Access Rules

Only users with the View Restriction and Scoping Rules permission can view restriction rules and scoping rules via the API. Only users with the Manage Sharing permission can view, create, update, and delete restriction rules and scoping rules.

Fields

Field Details
Description
Type
textarea
Properties
Filter, Group, Nillable, Sort
Description
Required. The description of the rule.
DeveloperName
Type
string
Properties
Filter, Group, Sort
Description
The unique name for the RestrictionRule object.
This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. This field is automatically generated, but you can supply your own value if you create the record using the API.

Note: Only users with View DeveloperName OR View Setup and Configuration permission can view, group, sort, and filter this field.

EnforcementType
Type
picklist
Properties
Defaulted on create, Filter, Group, Restricted picklist, Sort
Description
Required. The type of rule.
Possible values are:
  • FieldRestrict—Don’t use.
  • Restrict—Restriction rule.
  • Scoping—Scoping rule.
FullName
Type
string
Properties
Create, Group, Nillable
Description
Required. The full name of the associated RestrictionRule in Metadata API. The full name can include a namespace prefix.
Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance.
IsActive
Type
boolean
Properties
Defaulted on create, Filter, Group, Sort
Description
Indicates whether the rule is active (true) or not (false). The default value is false.
Language
Type
picklist
Properties
Defaulted on create, Filter, Group, Nillable, Restricted picklist, Sort
Description
The language of the rule. The value for this field is the language value of the org.
MasterLabel
Type
string
Properties
Filter, Group, Sort
Description
Label for the rule.
Metadata
Type
mns:RestrictionRule
Properties
Create, Nillable, Update
Description
The restriction rule’s metadata.
Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance.
RecordFilter
Type
textarea
Properties
Create, Filter, Group, Sort, Update
Description
Required. The criteria that determine which records are accessible via the rule.
TargetEntity
Type
picklist
Properties
Filter, Group, Restricted picklist, Sort
Description
Required. The object for which you're creating the rule. We recommend that you don’t edit this field after the rule is created.
If EnforcementType is set to Restrict, custom objects, external objects, and these objects are supported:
  • Contract
  • Event
  • Task
  • TimeSheet
  • TimeSheetEntry
If EnforcementType is set to Scoping, custom objects and these objects are supported:
  • Account
  • Case
  • Contact
  • Event
  • Lead
  • Opportunity
  • Task
UserCriteria
Type
textarea
Properties
Create, Filter, Group, Sort, Update
Description
Required. The users that this rule applies to, such as all active users or users with a specified role or profile.
Version
Type
int
Properties
Filter, Group, Sort
Description
Required. The rule's version number.

Usage

The following is an example of a RestrictionRule representing a restriction rule.

{
    "FullName":"restriction_rule_tasks_you_own",
    "Metadata": {
        "active":true,
        "description":"Allows users of a specific profile to see only tasks that they own.",
        "enforcementType":"Restrict",
        "masterLabel":"Tasks You Own",
        "recordFilter":"OwnerId = $User.Id",
        "targetEntity":"Task",
        "userCriteria":"$User.ProfileId = '00exxxxxxxxxxxx'",
        "version":1
    }
}

The following is an example of a RestrictionRule representing a scoping rule.

{
    "FullName":"Department A contact scoping rule",
    "Metadata": {
        "active":true,
        "description":"View contacts from Department A.",
        "enforcementType":"Scoping",
        "masterLabel":"SR for Department A",
        "recordFilter":"Department=$User.Department",
        "targetEntity":"Contact",
        "userCriteria":"$User.UserRoleId = '00Exxxxxxxxxxxx'",
        "version":1
    }
}
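
The following pre-deployment check is an added example, not part of the original reference or of any Salesforce tooling. It lints a payload shaped like the ones above against the constraints this page documents: required fields, the objects supported for each EnforcementType, the DeveloperName format, and the inactive default. The names lint_rule, valid_developer_name, and BAD are hypothetical, and the __c and __x suffix tests for custom and external objects are an assumption of the example.

```python
import re

# Standard objects supported per EnforcementType (from the TargetEntity field above).
SUPPORTED = {
    "Restrict": {"Contract", "Event", "Task", "TimeSheet", "TimeSheetEntry"},
    "Scoping": {"Account", "Case", "Contact", "Event", "Lead", "Opportunity", "Task"},
}
# Metadata keys (spelled as in the Usage examples) for fields marked Required above.
REQUIRED = ("description", "enforcementType", "recordFilter",
            "targetEntity", "userCriteria", "version")
# Letter first, alphanumerics and underscores only, no "__", no trailing "_".
DEVNAME_RE = re.compile(r"[A-Za-z](?:_?[A-Za-z0-9])*")

def valid_developer_name(name):
    return DEVNAME_RE.fullmatch(name) is not None

def lint_rule(payload):
    """Return findings for one RestrictionRule payload (hypothetical helper)."""
    meta = payload.get("Metadata") or {}
    findings = [f"missing required field: {k}" for k in REQUIRED if meta.get(k) in (None, "")]
    etype = meta.get("enforcementType")
    target = meta.get("targetEntity") or ""
    if etype == "FieldRestrict":
        findings.append("enforcementType FieldRestrict is documented as 'Don't use'")
    elif etype in SUPPORTED:
        # Assumption: custom objects end in __c, external objects in __x.
        custom = target.endswith("__c")
        external = etype == "Restrict" and target.endswith("__x")
        if target and not (custom or external or target in SUPPORTED[etype]):
            findings.append(f"targetEntity {target} is not supported for {etype}")
        if etype == "Scoping":
            findings.append("note: a scoping rule sets default visibility, it does not restrict access")
    elif etype is not None:
        findings.append(f"unknown enforcementType: {etype}")
    if not meta.get("active", False):
        findings.append("rule is inactive (the default), so it enforces nothing")
    return findings

# First payload is the restriction rule from the Usage section; BAD is constructed.
PAGE_EXAMPLE = {"FullName": "restriction_rule_tasks_you_own", "Metadata": {
    "active": True, "description": "Allows users of a specific profile to see only tasks that they own.",
    "enforcementType": "Restrict", "masterLabel": "Tasks You Own",
    "recordFilter": "OwnerId = $User.Id", "targetEntity": "Task",
    "userCriteria": "$User.ProfileId = '00exxxxxxxxxxxx'", "version": 1}}
BAD = {"FullName": "constructed_bad_rule", "Metadata": {
    "description": "Constructed sample.", "enforcementType": "Restrict",
    "recordFilter": "OwnerId = $User.Id", "targetEntity": "Account", "version": 1}}

if __name__ == "__main__":
    for rule in (PAGE_EXAMPLE, BAD):
        print(rule["FullName"], lint_rule(rule))
```

A rule that was meant to limit access but carries only the scoping note, or the inactive finding, is not enforcing the restriction its description claims.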