function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
DarrellDDarrellD 

RecordType Object Security In Flow Not Working?

  1. I have a Contact that has 2 record types Record Type A and Record Type B.
  2. Profile 1 has access only to Record Type A
  3. I have a dynamic choice in a Flow that queries the Record Type object to pull all record types where SObject = "Contact".
  4. When doing #3 above, Profile 1 can see Record Type B.
  5. When going through the Contact object, (i.e. creating a new Contact without Flow, Profile 1 cannot see Record Type B)

Shouldn't Record Type B not be visible to Profile 1 even though it is being accessed through the RecordType Object?

 

Darrell

Best Answer chosen by Admin (Salesforce Developers) 
RajaramRajaram

Queriting for available record types is essentially looking at the metadata and I don't think there are any sharing rules on that table.

However, when you are actually creating a record, sharing rules and other security setting kick in and that is the reacon you really cannot effectively use Record Type B to create records at run-time.

 

makes sense?

All Answers

RajaramRajaram

Queriting for available record types is essentially looking at the metadata and I don't think there are any sharing rules on that table.

However, when you are actually creating a record, sharing rules and other security setting kick in and that is the reacon you really cannot effectively use Record Type B to create records at run-time.

 

makes sense?

This was selected as the best answer
DarrellDDarrellD

Yeah makes sense.  I understood the not being able to create Record Type B, which is what I want, but it's too bad that sharing rules don't apply when querying that table. It was a workaround to enable someone to pick the correct Record Type using Flow Dynamic Choices.  But sounds like that's part of system so I'll have to think about another way to approach that I guess to ensure errors are not generated by selecting Record Type they technicially don't have access to.