Enforcing Field Level Security In SOQL queries

Enforcing Field Level Security is tough task when its comes to Apex because with sharing take care of record level security and Schema.sObjectType With isAccessible() used for FLS in Apex currently

To Enhance the Field Level Security in Apex Salesforce Introduced FLS in SOQL Query with WITH SECURITY_ENFORCED clause

Use the WITH SECURITY_ENFORCED clause to enable checking for field- and object-level security permissions on SOQL SELECT queries, including subqueries and cross-object relationships.

If fields or objects referenced in the SELECT clause using WITH SECURITY_ENFORCED are inaccessible to the user, an exception is thrown, and no data is returned.

Example:

SELECT Id, (SELECT LastName FROM Contacts), 
   (SELECT Description FROM Opportunities)
   FROM Account WITH SECURITY_ENFORCED

If field-level security for either the LastName or Description field is hidden, this query throws an exception indicating insufficient permissions

SELECT Id, Name, Website FROM Account WITH SECURITY_ENFORCED

SELECT Id, Parent.Name, Parent.Website FROM Account WITH SECURITY_ENFORCED

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Example:

Like this:

Leave a Reply Cancel reply