modification of the RLS framework record level security.

Hi all, 

I have a question, our organization would like to hide some indexes and BOM lines. 
We have a lot of permission groups, that's why we don't want to make a revolution in them.
I started looking for how RLS works and I came across this:
this means that it is enough to find a place where the WHERE clause is modified and simply extend it.

I found the sysSearch.search class and modified it as follows:

but it doesn't work. It looks like it's not called.

Question: did any of you modify RLS and can tell me where and what to modify to hide selected indexes and BOM lines.

No, it doesn’t mean that “it is enough to find a place where the WHERE clause is modified and simply extend it”. The documentation explain how record-level security works (it adds extra filters to queries at runtime, based on how you’ve configured RLS under Administration > Setup > Security > Record Level Security), not what you should do manually.

What exactly are you trying to achieve? In particular, I have no idea what you mean by hiding indexes.

I also don’t understand why you’re changing SysSearch. It doesn’t seem to be related to your requirement in any way.

Martin, thank you for replying. Our goal is to hide some records in the InventTable table (and BOM lines but lets simplyfie case). As you know, RLS is not perfect and has such a disadvantage (feature). One of them is that if you have two groups based on which the user gets access to the inventtable table. and you put RLS on one of them, it’s still full access (based on a group without RLS). With a large number of user groups (300+), We doesn’t want to make a revolution in them. I hoped that I would easily and surely modify the code to achieve this by modifying the module that glues together the conditions of the WHERE clause.

Any of You have experience in this area? or maybe You will suggest some clever idea ? :) 
I will be very grateful

You said your goal is to hide some records, but not what conditions you want to use for that.

If it’s related to security and therefore it should be based on security groups, RLS would be the solution. But if you’re saying that you’re unwilling to change your setup to be able to use RLS, then you’ve just lost your only option.

If what should be hidden is based on different conditions than security, then we could think about a customization.

It seems you thought that you can change how RLS works, but I believe it’s all implemented in AX kernel and therefore you can’t touch it. SysSearch is merely taking RLS into account; it’s not RLS itself.