Modify and recalculate permission set groups in Apex tests using the calculatePermissionSetGroup() method in the System.Test class. With this method you can force a calculation of aggregate permissions on a permission set group (PermissionSetGroup object) during a deployment.

Where: This change applies to Lightning Experience and Salesforce Classic in all editions.

Why: Permission set group calculations for aggregate permissions are performed after changes are committed. Previously, there was no option to force an immediate calculation of permissions. You weren’t able to easily test permission set groups during deployment as part of an Apex test.

How: The calculatePermissionSetGroup() method can require complex data setup, and each forced recalculation counts against Apex CPU limits. To minimize the number of times you perform this operation in tests, set it to run once in a @testSetup method, and then reuse the resulting data.

https://help.salesforce.com/s/articleView?id=release-notes.rm_forcecom_test_permission_set_groups_apex.htm&release=236&type=5

See assignments for the Manage Users permission in the Salesforce Optimizer app. Build Apex tests for permission set groups more easily with a new Apex test method.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_permissions.htm&release=236&type=5

Now when you create a restriction or scoping rule, you can select a single picklist to choose which users this restriction rule applies to. Selecting a picklist offers more flexibility because you can choose custom picklist values as you build rules. Single picklists are supported in rule criteria in Salesforce or via an API, but multi-select picklists aren’t.

Where: Restriction rules are available in Lightning Experience in Enterprise, Performance, Unlimited, and Developer editions. Scoping rules are available to customers using Unlimited Edition with Signature or Premier Priority Support.

How: To use a picklist in your rule’s user criteria, navigate to Object Manager in Setup. Select the object that you want to add a rule to. Click Restriction Rules or Scoping Rules. Name and describe the rule, and activate it. Select a picklist as the type field in user criteria, and choose a picklist value to determine which users the rule applies to.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing_single_picklists_in_user_criteria.htm&release=236&type=5

Based on criteria that you select, you can set the scope of records that your users see. Use a scoping rule to help your users see only the records that are relevant to them. A scoping rule doesn’t restrict the record access that your users already have. They can still get to all the records that they have access to per your org’s sharing settings.

Where: This change applies to Lightning Experience in Performance and Unlimited editions.

Who: Any partner, ISV, or customer can test scoping rules using a Developer Edition org. Scoping rules are available to customers using Unlimited Edition with Signature or Premier Priority Support. This feature is available only to customers who have purchased professional services, specifically Implementation Architect, Program Architect, or Technical Account Manager.

How: Scoping rules are available for custom objects and these standard objects.

• Account
• Case
• Contact
• Event
• Lead
• Opportunity
• Task

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing_scoping_rules.htm&release=236&type=5

Salesforce now supports field restriction rules, restriction rules, and scoping rules in unlocked packages. Customers with multiple Salesforce orgs can include these rules before creating an unlocked package and installing it in a target environment.

Where: This change applies to unlocked packages.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing_include_rules_unlocked_packages.htm&release=236&type=5

Choose whether to include records owned by high-volume community or system users when you create criteria-based sharing rules.

Where: This change applies to Lightning Experience and Salesforce Classic in Enterprise, Performance, Unlimited, and Developer editions.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing_hvu_records_in_cbs_rules.htm&release=236&type=5

Enable Enhanced Personal Information Management to prevent external users, such as portal or community users or guest users, from viewing other users’ personal information. When you enable the permission, Salesforce blocks 30 personal information fields using a field set called PersonalInfo_EPIM. Customize the user fields that are concealed by adding or removing them from this field set.

Where: This change applies to Lightning Experience in Enterprise, Performance, Unlimited, and Developer editions.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing_manage_PII_fields_via_field_set.htm&release=236&type=5

Enhanced Personal Information Management is enforced, replacing Hide Personal Information in User Management Settings. Use scoping rules so that your users can focus on the records that are relevant to them. Give your users access to records via scoping or restriction rules by using comma-separated values in the rule’s record criteria.

https://help.salesforce.com/s/articleView?id=release-notes.rn_forcecom_sharing.htm&release=240&type=5

Enable Enhanced Personal Information Management to prevent external users, such as portal or community users, from accessing other users’ personal information. This feature, which replaces the Hide Personal Information setting, secures more personal identifiable information (PII) user record fields. You can also decide which custom and standard user fields are considered PII. This update was first available in Spring ’22 and was scheduled to be enforced in Winter ’23, but we postponed the enforcement date to Spring ’23.

Where: This change applies to Salesforce Classic (not available in all orgs) and Lightning Experience in Enterprise, Performance, Unlimited, and Developer editions.

When: This update was first available in Spring ’22 and was scheduled to be enforced in Winter ’23, but we postponed the enforcement date to Spring ’23. To get the major release upgrade date for your instance, go to Trust Status, search for your instance, and click the maintenance tab.

How: From Setup, in the Quick Find box, enter User Management Settings, and then select User Management Settings. If Hide Personal Information is enabled, deselect it. Enable Enhanced Personal Information Management. To customize the user fields that are concealed, add them to a field set.

To review this update, from Setup, in the Quick Find box, enter Release Updates, and then select Release Updates. For Enable Stronger Protection for Your Users’ Personal Information, follow the testing and activation steps.

https://help.salesforce.com/s/articleView?id=release-notes.enable_stronger_protection_for_your_users_personal_information_release_update.htm&release=240&type=5

Multi-factor authentication is required starting February 1, 2022. Keep working with tab-focused dialogs. Improve the performance of assistive technology. Get Ready for the Multi-Factor Authentication Requirement. Starting February 1, 2022, customers are contractually required to use multi-factor authentication (MFA) when accessing Salesforce products. To satisfy this requirement, you can turn on MFA directly in Salesforce or you can use your single sign-on (SSO) provider’s MFA service. Salesforce MFA is available at no extra cost.

https://help.salesforce.com/s/articleView?id=release-notes.rn_general_enhancements.htm&release=236&type=5