+ Start a Discussion
Jon SetoJon Seto 

Can I prevent a User from seeing their own record?

I have a custom object for Candidate that is set to Private and I would like users to have access to all Candidate records except their own record (regardless of who actually owns the record).

I thought about using sharing rules but sharing rules can't look up a "current user" and compare it to the subject of the Candidate record. Any other suggestions?

Andrew GAndrew G
Hi Jon
Interesting scenario.  I assume you have a job application app in which Candidates apply for Roles and you have a situation where existing (internal) employees are applying for roles, and therefore you want to limit their access, but allow them to review other Candidates going for other Roles.

Just a couple of random and possibly incomplete thoughts which I have not tried.

Make the Candidate object Private.
Create a user "Candidate Owner"
Assign "Candiate Owner" as the owner of all Candiate records
Create a VF page with Controller.
In the controller use the System.runAs () method to run as "Candidate Owner" but have the SOQL query exclude any record with  Candidate Name == $User.Name

Make the Candidate object Private.
Have a check box on Candidate object - "Internal Applicant" but not shown on layouts.
Have a process builder marks the "checkbox" if the $user.name === candidate name
Have a Group "internal Candidate reviewers"
Have a share rule on Criteria - if "internal Applicant" share with "internal Candidate reviewers"
Have a second group "general Candidate reviewers"
Have a share rule on Criteria - if NOT "internal Applicant" share with "general Candidate reviewers"

It would that some people would be in two groups.  And this assumes that the same group is always reviewing internal applications.
If you have multiple tiers, for example, Employees, Team Leaders, Middle Managers, Managers, you could have a Picklist on the Role which is inherited to the Candidate record (on creation of Candidate) with values of Level and then add additional criteria to the share rule to change which group the records are shared with.

Not sure how well either would actually work, but only thoughts I have that I have not discarded.