Applying Role-Based Restrictions to Custom Records
On a role record, you can restrict the access of users with that role to standard records, based on these records' values for department, class, location, employee, and subsidiary (OneWorld) fields. For example, you could set an employee-based restriction for the Sales Manager role so that those users see only records where they or their subordinates are the sales rep.
For details about setting these restrictions, see the following topics.
You can apply the restrictions set on role records for a particular category (department, class, location, employee, or subsidiary) to a custom record, by checking the Apply Role Restrictions box for a list/record custom field that stores values in one of these categories. For example, if you check this box for an Employee list/record custom field, the employee-based restriction set on the Sales Manager role record is applied to this custom record. Those users see only custom records where they or their subordinates are the value for the custom field.
When a custom record has a field that permits restrictions, and the Apply Role Restrictions box is checked, empty fields are not included when the restrictions are applied. When role restrictions are enabled for a custom record, there is no way to view or edit a record where the role-related field is empty. For example, if your user role is restricted to Subsidiary A, and a custom record is created that does not specify a subsidiary, your view is restricted to Subsidiary A. You will see only records where Subsidiary A is selected, and you will not see any records with empty subsidiary fields.
Complete one of the following, as needed:
Applying Role-Based Access Restrictions to Custom Records if the Class, Department, Location, or Subsidiary Field Does Not Yet Exist
The following procedure describes how to apply role-based access restrictions to a custom record if the class, department, location, or subsidiary field does not yet exist.
To apply role-based access restrictions to a custom record if the class, department, location, or subsidiary field does not yet exist:
-
On the Fields subtab of a custom record definition page, click New Field.
-
On the new field definition page:
-
In the Label l field, enter a name for the field.
-
From the Type list, select List/Record.
-
From the List/Record list, select Class, Department, Location, Employee, or Subsidiary.
-
Check the Apply Role Restrictions box.
-
Complete other settings for the custom field as needed, and click Save. For more information, see Adding Fields to Custom Record Types.
-
Applying Role-Based Access Restrictions to a Custom Record if the Field Already Exists
The following procedure describes how to apply role-based access restrictions to a custom record if the field already exists.
Applying center-based restrictions to custom records is similar to applying role-based restrictions to custom records. For more information about how you can prevent sensitive data from being displayed to unauthorized contacts, see Limiting Search Access to Custom Records.
To apply role-based access restrictions to a custom record if the field already exists:
-
On the Fields subtab of a custom record definition page, click the field name.
-
On the field definition page, check the Apply Role Restrictions box and click Save.
Related Topics
- Creating Custom Record Types
- Creating a New Custom Record Type
- Entering Name and Display Settings
- Specifying Permission and UI Settings
- Configuring File and Child Record Settings
- Defining Search and Edit Settings
- Adding Fields to Custom Record Types
- Limiting Search Access to Custom Records
- Adding Subtabs to a Custom Record
- Choosing an Icon for a Custom Record
- Numbering Custom Record Types
- Adding Custom Forms for a Record
- Online Custom Record Forms
- Setting Up a Permissions List for a Custom Record Type
- Creating Links to Custom Records
- Adding Translations for Custom Records