RestrictionRule
Supported SOAP API Calls
create(), delete(), describeSObjects(), query(), retrieve(), update(), upsert()
Supported REST API Methods
DELETE, GET, HEAD, PATCH, POST, Query
Special Access Rules
Only users with the View Restriction and Scoping Rules permission can view restriction rules and scoping rules via the API. Only users with the Manage Sharing permission can view, create, update, and delete restriction rules and scoping rules.
Fields
| Field | Type | Properties | Description |
|---|---|---|---|
| Description | textarea | Filter, Group, Nillable, Sort | Required. The description of the rule. |
| DeveloperName | string | Filter, Group, Sort | The unique name for the RestrictionRule object. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. This field is automatically generated, but you can supply your own value if you create the record using the API. Only users with View DeveloperName OR View Setup and Configuration permission can view, group, sort, and filter this field. |
| EnforcementType | picklist | Defaulted on create, Filter, Group, Restricted picklist, Sort | Required. The type of rule. Possible values are: FieldRestrict—Don't use, Restrict—Restriction rule, or Scoping—Scoping rule. |
| FullName | string | Create, Group, Nillable | Required. The full name of the associated RestrictionRule in Metadata API. The full name can include a namespaceprefix. Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance. |
| IsActive | boolean | Defaulted on create, Filter, Group, Sort | Indicates whether the rule is active (true) or not (false). The default value is false. |
| Language | picklist | Defaulted on create, Filter, Group, Nillable, Restricted picklist, Sort | The language of the rule. The value for this field is the language value of the org. |
| MasterLabel | string | Filter, Group, Sort | Label for the rule. |
| Metadata | mns:RestrictionRule | Create, Nillable, Update | The restriction rule's metadata. Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance. |
| RecordFilter | textarea | Create, Filter, Group, Sort, Update | Required. The criteria that determine which records are accessible via the rule. |
| TargetEntity | picklist | Filter, Group, Restricted picklist, Sort | Required. The object for which you're creating the rule. We recommend that you don't edit this field after the rule is created. |
| UserCriteria | textarea | Create, Filter, Group, Sort, Update | Required. The users that this rule applies to, such as all active users or users with a specified role or profile. |
| Version | int | Filter, Group, Sort | Required. The rule's version number. |
If EnforcementType is set to Restrict, custom objects, external objects, and these objects are supported:
- Contract
- Event
- Quote
- Task
- TimeSheet
- TimeSheetEntry
If EnforcementType is set to Scoping, custom objects and these objects are supported:
- Account
- Case
- Contact
- Event
- Lead
- Opportunity
- Task
Usage
The following is an example of a RestrictionRule representing a restriction rule.
1{
2 "FullName":"restriction_rule_tasks_you_own",
3 "Metadata": {
4 "active":true,
5 "description":"Allows users of a specific profile to see only tasks that they own.",
6 "enforcementType":"Restrict",
7 "masterLabel":"Tasks You Own",
8 "recordFilter":"OwnerId = $User.Id",
9 "targetEntity":"Task",
10 "userCriteria":"$User.ProfileId = '00exxxxxxxxxxxx'",
11 "version":1
12 }
13}The following is an example of a RestrictionRule representing a scoping rule.
1{
2 "FullName":"Department A contact scoping rule",
3 "Metadata": {
4 "active":true,
5 "description":"View contacts from Department A.",
6 "enforcementType":"Scoping",
7 "masterLabel":"SR for Department A",
8 "recordFilter":"Department=$User.Department",
9 "targetEntity":"Contact",
10 "userCriteria":"$User.UserRoleId = '00Exxxxxxxxxxxx'",
11 "version":1
12 }
13}