Applying Role-Based Restrictions to Custom Records

On a role record, you can restrict the access of users with that role to standard records, based on these records' values for department, class, location, employee, and subsidiary (OneWorld) fields. For example, you could set an employee-based restriction for the Sales Manager role so that those users see only records where they or their subordinates are the sales rep.

For details about setting these restrictions, see the following topics.

You can apply the restrictions set on role records for a particular category (department, class, location, employee, or subsidiary) to a custom record, by checking the Apply Role Restrictions box for a list/record custom field that stores values in one of these categories. For example, if you check this box for an Employee list/record custom field, the employee-based restriction set on the Sales Manager role record is applied to this custom record. Those users see only custom records where they or their subordinates are the value for the custom field.

When a custom record has a field that permits restrictions, and the Apply Role Restrictions box is checked, empty fields are not included when the restrictions are applied. When role restrictions are enabled for a custom record, there is no way to view or edit a record where the role-related field is empty. For example, if your user role is restricted to Subsidiary A, and a custom record is created that does not specify a subsidiary, your view is restricted to Subsidiary A. You will see only records where Subsidiary A is selected, and you will not see any records with empty subsidiary fields.

Complete one of the following, as needed:

Applying Role-Based Access Restrictions to Custom Records if the Class, Department, Location, or Subsidiary Field Does Not Yet Exist

The following procedure describes how to apply role-based access restrictions to a custom record if the class, department, location, or subsidiary field does not yet exist.

To apply role-based access restrictions to a custom record if the class, department, location, or subsidiary field does not yet exist:

  1. On the Fields subtab of a custom record definition page, click New Field.

  2. On the new field definition page:

    1. Enter a name for the field.

    2. From the Type list, select List/Record.

    3. From the List/Record list, select Class, Department, Location, Employee, or Subsidiary.

    4. Check the Apply Role Restrictions box.

    5. Complete other settings for the custom field as needed, and click Save. For more information, see Adding Fields to Custom Record Types.

Applying Role-Based Access Restrictions to a Custom Record if the Field Already Exists

The following procedure describes how to apply role-based access restrictions to a custom record if the field already exists.

Note:

Applying center-based restrictions to custom records is similar to applying role-based restrictions to custom records. For more information about how you can prevent sensitive data from being displayed to unauthorized contacts, see Limiting Search Access to Custom Records.

To apply role-based access restrictions to a custom record if the field already exists:

  1. On the Fields subtab of a custom record definition page, click the field name.

  2. On the field definition page, check the Apply Role Restrictions box and click Save.

Related Topics

Creating Custom Record Types
Creating a New Custom Record Type
Entering Name and Display Settings
Specifying Permission and UI Settings
Configuring File and Child Record Settings
Defining Search and Edit Settings
Adding Fields to Custom Record Types
Limiting Search Access to Custom Records
Adding Subtabs to a Custom Record
Choosing an Icon for a Custom Record
Numbering Custom Record Types
Adding Custom Forms for a Record
Online Custom Record Forms
Setting Up a Permissions List for a Custom Record Type
Creating Links to Custom Records
Adding Translations for Custom Records

General Notices