Which method restricts row-level access to only users owning specific records?

The correct method to restrict row-level access to users who own specific records is found in the choice that compares 'OwnerId' to '$User.Id'. In a CRM system, each record has an associated owner, identified by the OwnerId field. When you enforce data visibility based on the owner's identity, the system checks if the OwnerId of a record matches the unique identifier of the user making the request.

By using this comparison, only records that have been assigned to the specific user will be accessible to them. This is essential for maintaining data integrity and ensuring that sensitive information is only visible to those who are authorized based on their ownership of that data.

In contrast, the other methods do not focus on the actual ownership of records. For instance, comparing 'UserId' to '$User.Id' might reference a different context or aspect of user access that is not specifically about record ownership. The same goes for 'Record.Id' and '$Role.Id' comparisons; they address other dimensions of security or access control rather than directly linking a user's identity to the ownership of specific records.