Applying Role-Based Restrictions to Custom Records

On a role record, you can restrict the access of users with that role to standard records, based on these records' values for department, class, location, employee, and subsidiary (OneWorld) fields. For example, you could set an employee-based restriction for the Sales Manager role so that those users see only records where they or their subordinates are the sales rep.

For details about setting these restrictions, see the following topics.

You can apply the restrictions set on role records for a particular category (department, class, location, employee, or subsidiary) to a custom record, by checking the Apply Role Restrictions box for a list/record custom field that stores values in one of these categories. For example, if you check this box for an Employee list/record custom field, the employee-based restriction set on the Sales Manager role record is applied to this custom record. Those users see only custom records where they or their subordinates are the value for the custom field.

When a custom record has a field that permits restrictions, and the Apply Role Restrictions box is checked, empty fields aren't included when the restrictions are applied. With role restrictions enabled for a custom record, you can't view or edit records where the role-related field is empty. For example, if your user role is restricted to Subsidiary A, and a custom record is created that does not specify a subsidiary, your view is restricted to Subsidiary A. You'll only see records with Subsidiary A selected, and you won't see any records with blank subsidiary fields.

Choose the next step, based on your needs:

Related Topics