I'm fairly new to Salesforce. I'm trying to set up some of our rules and functionality in Salesforce and I was wondering if there is a way (or which is the better one) to restrict a user to edit a Contact info, only when the value of a custom field in the contact is "checked". Otherwise the user should be able to only see the Contact info.
Update 1: Thanks for all the answers. This is the scenario, maybe it'll be clear: the Marketing profile, is going to be making phone calls to our Contacts. These Contacts have a custom field (checked / not checked). And what we need is that if the field is checked the Marketing profile just can see the contact info, but if is not checked he can see it and edit. I've already have a layout assigned to that profile with the contact info he should be allowed to see and edit. But I don't know how to restrict the edit in some of the cases (when the custom field is checked).
I'm just trying to learn and find out the best approach to that situation.
Update 2: Would it work (or would it be a good practice) to create 2 criteria based sharing rules for Contacts, the first one with read/write access and the other one with just read access?
Best Answer
You could do something like that, but a lot of it will depend on how you have your whole sharing/security model set up (e.g., what org-wide defaults, profiles, sharing rules, and also role-hierarchy) and the relationship among the users that can and cannot check the checkbox.
Check out the Objects, Fields, Page Layouts, and Security section on the Developer Force Documentation site. After you read the documentation you may see that using different features of the sharing model will better satisfy whatever you're trying to do.
I'm making a lot of assumptions about your org here, so this answer could be way off, but at the least it can get you thinking about the different concepts along with reading the documentation.
I'm illustrating this with just two simple profiles, you might have more profiles, existing profiles, permission sets, etc. This answer just sets what fields will show up as available on the page layout, so if the user has some other way to edit the fields this wouldn't address that.
Answer 1
Two profiles for the two different types of users:
Create two page layouts:
Create two record types:
Create two workflow rules to update the record type field on the Contact:
Set up the Page Layout Assignments as follows:
Profile Allower: Allowed Record and Not Allowed Record both get assigned the All Fields layout. This enables the Allower to always see all fields, including the checkbox.
Profile User: Allowed Record gets All Fields Layout (FLS still prevents changing the checkbox, though), but Not Allowed Record gets Limited Fields layout.
Answer 2
You can use a criteria based sharing rule on the Contact. If this works for you it is simpler and more thorough than my Answer 1, so I'd go with it.
For example: