Salesforce: Clean Validation Rules

Validation rules offer a business to ability to control access and improve the quality of data that is entered into the platform. The way you implement the validation rule can either be written to grow with the business or can become a hinderance for the admin or support team. The purpose of this article is to provide you with some alternate solutions to constructing validation rules to grow with the business as well as add flexibility to the platform.

In my experience, some validation rules are written with a reference to a profile. For example, the business has a rule set in place that no user should be allowed to change the Opportunity Stage unless they are an admin. What may come of this business logic is that a developer or admin writes a rule similar to:

The problem here is that, most business will have individuals that need be able to change this value, but are not provided the full access that a System Administrator profile provides to the platform. In this case you would continually need to update the validation rule to include the profiles that are allowed to bypass this validation rule.

Another example of how validation rules can hinder the growth of an organization is when they are written to specify certain profiles. When Salesforce is first being implemented in an organization the number of profiles may be limited. Let’s say you have a custom profile as ‘Field Sales’ and those users are not permitted to change the opportunity stage. However, as the implementation grows, you add more profiles like ‘Field Marketing’, ‘Field Support’. As those profiles are added, you must then update any and all validation rules rules for those users. That can become problematic and may take a release cycle to change. Also, in writing validation rules that call out a specific profile, you lose the flexibility to bypass them for specific individuals.

How do we address those issue, with APEX right? Not so fast my friend, I will provide two examples of how validation rules can be written and implemented to not only grow with a company, but to also offer the flexibility to allow individual users to bypass a validation rule. Let’s take a look at how we can meet our business’ needs, while showing them the speed and flexibility of the platform.

Example 1: Validation Rules using Custom Permissions

In this example, I will demonstrate how you can use a Custom Permission in a permission set to allow an individual user the ability to bypass a validation rule. This will address the need to maintain data integrity while offering the flexibility for certain individuals the ‘administrative’ access they need without providing them the full System Administrator access. I will use the same business use case of not allowing users to change the Opportunity Stage Name.

Step 1: Create a Custom Permission

• Go to Setup -> Custom Permission -> and click “New”
• Create a custom permission, in this case I am calling it “SkeletonKey” as it is a key that will unlock validation rules

Step 2: Create a Permission Set

• Go to Setup -> Permission Sets -> and click “New”
• For demonstration purposes, I named my permission set, “Validation Rules Bypass Custom Permission” just so you can see I am using a custom permission to bypass a validation rule.
• Once you have created the permission set, go the the Custom Permission section:

• From the Custom Permission section, you will want to select the custom permission, “Skeleton Key” (or whatever you named it)

Step 3: Writing the Validation Rule

• Go to the Object you want the validation rule for (in this case I want the validation rule for the opportunity object) and click “New”
• Begin your validation rule with an ‘And’ statement because you want to set a condition that the stage name is changed AND the user making the change does not have the custom permission, “Skeleton Key”.

• Next click on the “Insert Field” box -> $Permission> -> and select the custom permission you created in Step 1.

• Finally set that custom permission you selected to equal FALSE so that any user that has that customer permission can bypass the validation rule.

• Finally add your error message and ensure that the validation rule is set to “Active”.

Step 4: Add Users to the Permission Set

• After you have created created the Custom Permission, Permission Set, and the Validation Rule, you just need to add the Permission Set to the users who the business dictates can bypass the validation rule.
• Setup -> Permission Sets -> Select the permission set you created in Step 2 ->Manage Assignments -> Add Users -> Select the users to bypass the validation rule -> Assign

Pros:

1. No need to constantly update validation rule for the addition of new profiles
2. Flexibility to assign individual users

Cons:

1. Manually assign users to the permission set
2. Cannot add to an entire profile

As you can see from Example 1, there is a flexible way of creating validation rules so that you don’t need to have to wait a developer cycle to add in new profiles to the validation rule; you can specify specific individuals that carry admin like responsibilities to bypass the validation rule without providing them the full access of a system administer. However the downside to writing a validation rule using a custom permission is the manual assignment of the permission set. This can become an issue when you have to provide bypass access to an entire profile. In Example 2, I will show a way to address the individual user assignment and a blanket assignment to a profile.

Example 2: Custom Setting Validation Rules

As previously mentioned, having the flexibility to create validation rules flexible enough to accommodate new profiles is very appealing. It is also appealing to allow certain profiles, like System Administrator, business administrators or individuals the ability to bypass validation rules. In this example, I will show you the scaled flexibility of using a custom setting in a validation rule to provide both individual and profile level flexibility to bypass the validation rule.

Step 1: Create Custom Setting

• Setup -> Custom Settings -> New
• For this example, I am creating a custom setting called, “Validation Rule Bypass” and an Object named, “VBR”. You will need to remember the name of the object in Step 3, Creating Validation Rule.

Step 2: Custom Setting Field

• To be isolate users and profiles that are permitted in bypassing the validation rule, you will need a checkbox field defaulted to FALSE. I will explain the need for this in the next step.

Step 3: Creating the Validation Rule:

• Go to the object you want the validation rule for
• Setup -> Object Manager -> Opportunity -> Validation Rules -> New
• Just like in Example 1, you will want to write the validation rule with an “AND” function so that the rule will evaluate the change to the Opportunity Stage field AND it will evaluate that the user has the custom setting. It should look something like this:

• The second part of the AND function evaluates whether the user has the custom setting. If you remember in Step 2, I created a checkbox field defaulted to FALSE. In this validation rule, the rule evaluates if the user editing the page has that field equal to FALSE. If they do, the rule will fire; if they have the value of the field equal to TRUE they will be able to bypass the rule.

Step 4: Assigning Users and Profiles to the Custom Setting

• The last step in this process is to identify Users or Profiles that are exempt from the validation rule.
• Setup -> Custom Setting -> Select “Manage” next to the custom setting made in Step 1 -> New

• This is where you can select either a User or a Profile and then select the checkbox you made in Step 2.

This type of validation rule now allows the business to define either individual users like the validation rule using a custom permission and permission set, but also provides the business the ability to allow bypass of the validation rule on a profile level! This method of creating validation rules provides the fasted and most flexible means to creating consistency in writing validations with either user or profile exemptions.

Pros:

1. Allows individual assignment to bypass rules
2. Allows profiles to bypass rules
3. Control who can bypass rules in a single setting
4. Grows with the organization

Cons:

1. Manual assignment to the custom setting