Restriction Rules enhance the security of our Salesforce org by allowing certain users to access only specified records. They can prevent record access of certain type which contains sensitive data. For some objects eg: Contact, Task, Event it’s hard to control access as once you have parent record access you can view child records. In the case of Parent-child relationship, sometimes we can not control the data access using existing options. So Restriction Rules provide more controls here. Restriction rules are available for custom objects, contracts, tasks, events, time sheets, and time sheet entries.
Impact of Restriction Rules On Other Sharing Settings
When we apply Restriction Rules it only display records which match the rule criteria. As it further restrict the records, so this is kind of similar of what we have in List view, Report or lookup filter. But this is more secure and work on per user basis.
How Can We Create Restriction Rules in Salesforce
Firstly, navigate to Object Manager in Setup. Select the object that we want to add a restriction rule. Click Restriction Rules. Name and describe the rule and activate it. Select a user field and choose filter settings to determine which users the rule applies to. Then, select a record field and choose filter settings to determine which records are accessible.
As we can see in above example we pass the rule details and made it active. After that we have added the user and finally we can add the record selection criteria.
As of Winter 22, we can create up to two restriction rules per object in Enterprise and Developer Editions and up to five restriction rules per object in Performance and Unlimited Editions.
Where Are Restriction Rules Available?
Restriction rules are available for custom objects, contracts, events, tasks, time sheets, and time sheet entries. Restriction rules are applied to the following Salesforce features:
- List Views
- Lookups
- Related Lists
- Reports
- Search
- SOQL
- SOSL
So Restriction rules in Salesforce are great enhancement. As they give us control to further restrict the data access. You can also check Salesforce Winter 22 release notes here for more such updates. What else you want to add in restriction rules, let me know in comments. Happy Programming 🙂