Hello, We're attempting to use Restriction Rules for the first time to improve security in an Experience Cloud site. The goal of the rule we're testing is to restrict the visibility of certain custom objects based on fields which identify the site user's Account. The rule we're testing works on the custom object Property__c. It has a simple user criteria which appears to work fine: $User.ProfileId='00e4J000001U25F' (i.e. custom Profile for Customer Community Plus Users' The record criteria is of type Record Field Field: [Property__c].Property_Owner__c (Master-Detail Account) Operator: Equals Type: Current User Value: $User.AccountIdFromContactID__c (String) The field AccountIdFromContactID__c has been populated with the site user's AccountId (i.e. User->ContactId->AccountId). When we activate the rule, the user cannot see any records of the Property__c object. However, if we change the rule's record criteria to ID and paste in the value of Test User->AccountIdFromContactID__c, the restriction rule works as expected. I'd be grateful for any help in understanding what we're doing wrong in this case.
Hello,
I suspect in this case the Account Field on the User Object counts as a Formula.
If you build a Text Field on the User Record and stamp this on User Creation or Contact Update then your Restriction Rule should work as expected.
These rules do not currently support formulas.
I did a write up of these recently here too if you are interested;
https://www.salesforceben.com/salesforce-restriction-rules/
Thanks, Tom
