Restriction Rule Example Scenarios
Available in: Lightning Experience |
Available in: Enterprise, Performance, Unlimited, and Developer Editions |
To implement these examples, navigate to a supported object in the Object Manager and click Restriction Rules.
Allow Users to See Only Specified Record Type
This restriction rule allows the designated users to see only the records that have a specified record type.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].UserRoleId | Equals | ID | 00Exxxxxxxxxxxx | |
Record Criteria | [Object].RecordType.Name | Equals | String | Sample Record Type Name |
Allow Users to See Only Records That They Own
This restriction rule allows users with the designated profile to see only the tasks that they own.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].ProfileId | Equals | ID | 00exxxxxxxxxxxx | |
Record Criteria | [Task].Owner:User.Id | Equals | Current User | $User.Id |
Allow Users to See Only Records Owned by Same Role
This restriction rule allows active users to see only the events owned by users that have the same role.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].IsActive | Equals | Boolean | True | |
Record Criteria | [Event].Owner:User.UserRoleId | Equals | Current User | $User.UserRoleId |
Allow Users to See Only Records Owned by Same Profile
This restriction rule allows active users to see only the events owned by users that have the same profile.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].IsActive | Equals | Boolean | True | |
Record Criteria | [Event].Owner:User.ProfileId | Equals | Current User | $User.ProfileId |
Allow Users to See Records Based on a Custom Field
This restriction rule allows high-volume users to see only the contracts where the user's department matches the contract's department. This rule uses a custom field, Department__c that must have the appropriate value set through Apex, Process Builder, workflows, or flows.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].UserType | Equals | Picklist | High Volume Portal | |
Record Criteria | [Contract].Department__c | Equals | Current User | $User.Department |
Allow Users to See an External Object's Records
This restriction rule allows active Salesforce users to see the records of an external object called Purchase Order. The rule uses a field called IsClosed on Purchase Order records in its record criteria.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].Department | Equals | String | Accounting | |
Record Criteria | [PurchaseOrder__X].IsClosed__c | Equals | String | false |
Provide User Access With Multiple String or ID Values in Record Criteria
This restriction rule allows active users to see records whose Name__c field matches the rule’s record criteria values. The record criteria contains strings separated by a comma. ID values are also supported. Double-quotes specify that the value inside the quotes isn’t considered a delimiter.
This rule uses a custom object called Agent__c with a custom text field called Name__c.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].IsActive | Equals | Boolean | True | |
Record Criteria | [Agent__c].Name__c | Equals | String | Tom, Anita, “Torres, Jia” |
This restriction rule allows active users to see records owned by two different managers. In this example, the rule’s record criteria contains ID’s separated by a comma.
Criteria | Click Path | Field | Operator | Type | Value |
---|---|---|---|---|---|
User Criteria | [$User].IsActive | Equals | Boolean | True | |
Record Criteria | [Agent__c].Owner:User:ManagerId | Equals | ID | 001xx000003HNy7, 001xx000003HNut |