I'm setting the Record-Level Security and I have this Expression:
if( a!isUserMemberOfGroup(username: loggedInUser(), groups: cons!MIN_Administrator), /* Show all records */ null(), /* Show only records that belong to the particular company*/ a!queryFilter( field: 'recordType!{5608cfad-fc67-4a81-93b5-722c9b55f2c5}MIN Test API.fields.{d1b51e83-1de8-430a-8d7c-e6e433601ad4}company', operator: "=", value: "*CompanyNameAsAParameter*" ))
If the current user belongs to the Administrators group, they'll see all records; otherwise, they'll only see those whose "company" field has a specific value ("*CompanyNameAsAParameter*"). This value will vary depending on the logged-in user. Is it possible to pass this parameter from the interface, or is there a workaround?
Discussion posts and replies are publicly visible
danielg424213 said:f the current user belongs to the Administrators group, they'll see all records;
You can directly define this as a security rule.
danielg424213 said:they'll only see those whose "company" field has a specific value ("*CompanyNameAsAParameter*"). This value will vary depending on the logged-in user. Is it possible to pass this parameter from the interface, or is there a workaround?
Record security works with groups. If you create a group for each company and add the users having access to this company as members, you can easily define this as a security rule. This is only feasible if the number of companies is not to high.