Restriction Rules, as the name implies, limit what records users can see and improve security by allowing specific users to access only particular records. Restriction Rules help you filter the data accessible by the user so that you can only access those records that match the criteria specified.
In the past, we would start with the most restrictive setting (i.e., setting OWD to Private for an object) and then gradually open up access utilizing tools like role hierarchy, sharing rules, using teams, etc., to limit the visibility of data in Salesforce.
Take a look at the diagram below. Before restrictions, we started with the most restrictive configuration before gradually allowing access utilizing other features.
However, with Salesforce’s Winter ’22 Release, we can now establish a rule to limit the visibility of records. For instance, we can now apply Restriction rules to hide specific records from specific users even if we have configured the OWD to Public Read or Public Read/Write on an object.
In this post, we will provide insights on the configuration of Restriction Rules, steps to create Restriction Rules, how sharing rules differ from Restriction Rules, and where Restriction Rules exist.
Configuration of Restriction Rules
You can set up these restrictions using the Salesforce Organization Setup, the RestrictionRule Tooling API, or the RestrictionRule Metadata API. In the Developer and Enterprise Editions, as of the Salesforce Winter 22 release, we can establish a maximum of two active restriction rules per object; however, in the Performance and Unlimited Editions, we may create a maximum of five active restriction rules per object.
Steps to Create Restriction Rules
1. Open the Object Manager and choose an object.
2. Click on Restriction Rules > New Rules.
3. Enter the Rule Name and select the active checkbox
4. Choose the users to whom this restriction rule applies in the User Criteria section.
5. Select which records certain users are permitted access to under Record Criteria and click Save.
How are Sharing Rules Different from Restriction Rules?
Sharing Rules are used to grant more comprehensive access to data. Limiting data access with Sharing rules below organization-wide defaults is not possible. In contrast, restriction rules prohibit users from accessing records that include sensitive information or information not necessary for their task.
Where Do Restriction Rules Exist?
The Enterprise, Performance, Unlimited, and Developer Salesforce Editions each have access to Restriction rules.
Objects, tasks, contracts, events, timesheets, and timesheet entries can be restricted with Salesforce Restriction rules. The following Salesforce features are subject to restriction guidelines.
- List Views
- Related Lists
We use Restriction rules to limit what users can see and enhance security by allowing specific users to access only particular records. Using the Restriction rule, we can block access to specific types of records containing sensitive or unnecessary information for their task.
The records a user has access to are filtered by Restriction rules so that they can only access the records that meet the criteria you define.
Do you want to improve security by allowing specific users to access only particular records? Cloud Analogy, one of the best Salesforce Consulting companies, with a team of Competent, Certified Salesforce professionals, can provide affordable Salesforce Consulting Services to grow your business in various ways and act as your trusted Salesforce consulting partner. Reach out to our expert and certified team at Cloud Analogy and start your project today.