Field $UserRole.Name is inaccessible

Published in Troubleshooting Exceptions

A bit of backstory
In the last release (Spring '20) Salesforce added new permission View Roles and Role Hierarchy that used to provide access to user roles.

And what's wrong?
The problem hidden in using $UserRole in validation rules. Please note that issue impact only users without mentioned permission(community users as an example). If the user does not have the View Roles and Role Hierarchy permission, then the user will see the next error message when running validation rule:

Validation Formula "XXX" Invalid (Field $UserRole.Name is inaccessible. Please review all fields referenced by the formula. Context: common.config.entity.ValidationFormulaContext)

Is there currently a workaround in place?
You can create a new formula field on the User object that will store the User Role value. To do it, go to the User object and create a new formula field UserRole__c with the next formula: UserRole.DeveloperName. It is the best practice to always use the DeveloperName, since it is less likely to change and must be unique in your org. Then you should review all your validation rules that have reference to the $UserRole object and replace it with the $User.UserRole__c.

Salesforce Support comments
This is a expected behavior in Spring 20 when the $UserRole was used as a reference in any process or automation. For now, the said permission should be active for those users who needs to upate a record where the $UserRole is referenced. But when it comes with the Workflow and Process Builder they are just used as reference and not checking the entire userrole details.

Useful links:
Tagged under: Validation Rule Spring'20

Comments powered by CComment