Currently I have this in a Validation Rule:
$Profile.Name <> "System Administrator"
I would like to add another condition that checks a Permission Set. I have found a solution that uses Custom Permissions and I followed the following steps:
1) Create the Custom Permission Set that needs to be referenced
2) Create a Custom Permission called the same name as the Custom Permission Set
3) Add the Custom Permission to the Custom Permission Set
4) Reference the Custom Permission as a Global Variable in the required Formula/Workflow Rules/Validation Rule ($Permission.Custom_Permission_Name).
So what does that look like in the Validation Rule? If I want to only allow System Administrators and members of my Permission Set to do change certain fields. . .
AND($Setup.Master_Automation__c.ValidationRulesEnabled__c == true,
Locked__c == false,
NOT( ISNEW() ),
OR(ISCHANGED(ADCVD_Order__c), ISCHANGED(Investigation__c),ISCHANGED(Petition__c),ISCHANGED(Segment__c),ISCHANGED(Suspension_Agreement__c)),
AND( $Profile.Name <> "System Administrator",
NOT($Permission.ADCVD_App_Modify_Parents))
)
Is that correct?
Best Answer
Technically, your new rule is just fine, but it could be optimized a bit to make it easier to read.
Strictly speaking, the
$Profile.Name <> "System Administrator"is no longer necessary; you can add Custom Permissions to a Profile as well as a Permission Set.You can reduce your code to just:
Note that I applied de Morgan's laws to convert the Locked__c and ISNEW from a NOT A AND NOT B to a NOT (A OR B); feel free to leave it the way it was if you don't understand how this works (or just trust that it does).