As Salesforce developers, it’s crucial to ensure our code respects user permissions and profiles, enforcing the correct access controls. This not only aligns with best practices but also maintains the integrity and security of our Salesforce data. In this blog post, we’ll explore how to use the Schema describe methods available in Apex to check object and field accessibility, and we’ll include some practical coding examples.
Why Check Object and Field Accessibility?
Before diving into the technical details, let’s understand the benefits of checking object and field accessibility:
- Data Security: Ensuring users can only access the data they are permitted to view prevents unauthorized access and protects sensitive information.
- Compliance: Many industries have strict data privacy regulations. Verifying accessibility helps maintain compliance with these regulations.
- Error Prevention: Attempting to access objects or fields that a user doesn’t have permission to view can lead to runtime errors. Pre-checks can prevent these errors.
- User Trust: Adhering to permission sets and profiles builds trust with users, ensuring they have a consistent and secure experience.
Understanding Schema Methods in Apex
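Apex provides several built-in methods in the Schema class to check for object and field accessibility. These methods help enforce security and permission checks in your code. The checks have to be made explicitly: Apex runs in system mode by default, and the with sharing keyword enforces record-level sharing rules only, not object or field permissions. The key pieces we’ll discuss are:
- Schema.sObjectType
- Schema.DescribeSObjectResult
- Schema.DescribeFieldResult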
Checking Object Accessibility
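To check if a user has access to a specific object, obtain its Schema.sObjectType token, call getDescribe on it, and then call the isAccessible method on the resulting DescribeSObjectResult object. The example below looks the token up by name with Schema.getGlobalDescribe(). Here’s an example: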
Example: Checking Object Accessibility
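public with sharing class ObjectAccessibilityChecker {
    // Returns true only if the object exists and the running user can read it.
    public static Boolean isObjectAccessible(String objectName) {
        Schema.SObjectType objectType = Schema.getGlobalDescribe().get(objectName);
        if (objectType == null) {
            // Unknown object name: report it as not accessible instead of
            // failing with a NullPointerException.
            return false;
        }
        Schema.DescribeSObjectResult describeResult = objectType.getDescribe();
        return describeResult.isAccessible();
    }

    public static void exampleUsage() {
        String objectName = 'Account';
        if (isObjectAccessible(objectName)) {
            System.debug(objectName + ' is accessible.');
        } else {
            System.debug(objectName + ' is not accessible.');
        }
    }
}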
In this example, isObjectAccessible takes the name of an object and returns true if the object is accessible, and false otherwise. The exampleUsage method demonstrates how to use this function.
Checking Field Accessibility
Similar to objects, you can check the accessibility of fields using the Schema.sObjectType method, followed by getDescribe on the field and isAccessible on the DescribeFieldResult object. Here’s how to do it:
Example: Checking Field Accessibility
public with sharing class FieldAccessibilityChecker {
    // Returns true only if the object and field exist and the running user
    // can read the field.
    public static Boolean isFieldAccessible(String objectName, String fieldName) {
        Schema.SObjectType objectType = Schema.getGlobalDescribe().get(objectName);
        if (objectType == null) {
            return false; // unknown object name
        }
        Schema.SObjectField field = objectType.getDescribe().fields.getMap().get(fieldName);
        if (field == null) {
            return false; // unknown field name
        }
        Schema.DescribeFieldResult describeFieldResult = field.getDescribe();
        return describeFieldResult.isAccessible();
    }

    public static void exampleUsage() {
        String objectName = 'Account';
        String fieldName = 'Phone';
        if (isFieldAccessible(objectName, fieldName)) {
            System.debug(fieldName + ' field of ' + objectName + ' is accessible.');
        } else {
            System.debug(fieldName + ' field of ' + objectName + ' is not accessible.');
        }
    }
}
In this example, isFieldAccessible takes the name of an object and a field, and returns true if the field is accessible, and false otherwise. The exampleUsage method demonstrates how to use this function.
Combined Object and Field Accessibility Check
Sometimes, you might want to check both object and field accessibility together. Here’s an example that combines both checks:
Example: Combined Object and Field Accessibility Check
public with sharing class CombinedAccessibilityChecker {
    // The field counts as accessible only if its parent object is accessible too.
    public static Boolean isObjectAndFieldAccessible(String objectName, String fieldName) {
        Boolean objectAccessible = isObjectAccessible(objectName);
        if (!objectAccessible) {
            return false;
        }
        Boolean fieldAccessible = isFieldAccessible(objectName, fieldName);
        return fieldAccessible;
    }

    public static Boolean isObjectAccessible(String objectName) {
        Schema.SObjectType objectType = Schema.getGlobalDescribe().get(objectName);
        // Unknown object names are reported as not accessible.
        return objectType != null && objectType.getDescribe().isAccessible();
    }

    public static Boolean isFieldAccessible(String objectName, String fieldName) {
        Schema.SObjectType objectType = Schema.getGlobalDescribe().get(objectName);
        if (objectType == null) {
            return false; // unknown object name
        }
        Schema.SObjectField field = objectType.getDescribe().fields.getMap().get(fieldName);
        // Unknown field names are reported as not accessible.
        return field != null && field.getDescribe().isAccessible();
    }

    public static void exampleUsage() {
        String objectName = 'Account';
        String fieldName = 'Phone';
        if (isObjectAndFieldAccessible(objectName, fieldName)) {
            System.debug(fieldName + ' field of ' + objectName + ' is accessible.');
        } else {
            System.debug(fieldName + ' field of ' + objectName + ' is not accessible.');
        }
    }
}
In this example, isObjectAndFieldAccessible first checks if the object is accessible. If it is, it then checks if the field is accessible. The exampleUsage method demonstrates how to use this function.
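The checks above only return a Boolean; the following added example (not part of the original post) shows them gating an actual read by building a dynamic SOQL query from only the fields the running user can see. The class name AccessibleQueryBuilder, the exception FieldAccessException, and the method names are hypothetical.

```apex
public with sharing class AccessibleQueryBuilder {
    // Hypothetical exception type for this example.
    public class FieldAccessException extends Exception {}

    // Returns the requested fields that exist on the object and are readable
    // by the running user. Throws if the object is unknown or not readable.
    public static List<String> readableFields(String objectName, List<String> requestedFields) {
        Schema.SObjectType objectType = Schema.getGlobalDescribe().get(objectName);
        if (objectType == null || !objectType.getDescribe().isAccessible()) {
            throw new FieldAccessException('No read access to object: ' + objectName);
        }
        // Fetch the field map once instead of once per field.
        Map<String, Schema.SObjectField> fieldMap = objectType.getDescribe().fields.getMap();
        List<String> allowed = new List<String>();
        for (String fieldName : requestedFields) {
            Schema.SObjectField field = fieldMap.get(fieldName);
            if (field == null) {
                continue; // not a field on this object
            }
            Schema.DescribeFieldResult fieldDescribe = field.getDescribe();
            if (fieldDescribe.isAccessible()) {
                // Use the API name from the describe result, never the caller's
                // string, so no caller input is concatenated into the query.
                allowed.add(fieldDescribe.getName());
            }
        }
        return allowed;
    }

    // Queries only the readable subset of the requested fields.
    public static List<SObject> queryReadable(String objectName, List<String> requestedFields, Integer maxRows) {
        List<String> fields = readableFields(objectName, requestedFields);
        if (fields.isEmpty()) {
            throw new FieldAccessException('No readable fields requested on ' + objectName);
        }
        String canonicalObject = Schema.getGlobalDescribe().get(objectName).getDescribe().getName();
        String soql = 'SELECT ' + String.join(fields, ', ')
            + ' FROM ' + canonicalObject
            + ' LIMIT ' + maxRows;
        return Database.query(soql);
    }

    public static void exampleUsage() {
        // Fields the user cannot read are left out of the SELECT list.
        List<String> wanted = new List<String>{ 'Name', 'Phone', 'AnnualRevenue' };
        System.debug(queryReadable('Account', wanted, 10));
    }
}
```

Callers should treat a missing field on the returned records as "not permitted" rather than as an empty value.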
Conclusion
Ensuring that your Apex code respects user permissions and access controls is crucial for building secure and reliable Salesforce applications. By using the Schema methods provided by Apex, you can easily check if objects and fields are accessible to the current user, thereby enforcing security best practices in your code.
Benefits Recap:
- Data Security: Prevent unauthorized data access and protect sensitive information.
- Compliance: Maintain adherence to industry regulations.
- Error Prevention: Avoid runtime errors due to unauthorized access.
- User Trust: Ensure a secure and consistent user experience.
These examples demonstrate how to implement these checks in your Apex classes. Incorporating such checks in your code can help prevent unauthorized data access and maintain data integrity across your Salesforce org.
Remember, respecting user permissions is not just a best practice—it’s essential for maintaining trust and security in your Salesforce applications. Happy coding!