Enforcing field-level security (FLS) is a tough task in Apex: with sharing takes care of record-level security, while FLS currently has to be checked in Apex using Schema.sObjectType with isAccessible().
To enhance field-level security in Apex, Salesforce introduced FLS enforcement in SOQL queries with the WITH SECURITY_ENFORCED clause.
Use the WITH SECURITY_ENFORCED clause to enable checking for field- and object-level security permissions on SOQL SELECT queries, including subqueries and cross-object relationships.
If fields or objects referenced in the SELECT clause using WITH SECURITY_ENFORCED are inaccessible to the user, an exception is thrown, and no data is returned.
Example:
SELECT Id, (SELECT LastName FROM Contacts),
(SELECT Description FROM Opportunities)
FROM Account WITH SECURITY_ENFORCED
If field-level security for either the LastName or Description field is hidden, this query throws an exception indicating insufficient permissions.
SELECT Id, Name, Website FROM Account WITH SECURITY_ENFORCED
SELECT Id, Parent.Name, Parent.Website FROM Account WITH SECURITY_ENFORCED
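The two approaches described above, side by side, as an added example that is not part of the original post: the manual Schema.sObjectType checks and the same query with WITH SECURITY_ENFORCED. The class and method names are hypothetical.

```apex
// Added example; AccountWebsiteReader and its method names are hypothetical.
public with sharing class AccountWebsiteReader {

    // Older approach: check object and field access by hand before querying.
    // Every field in the SELECT list needs its own isAccessible() call, so a
    // field added to the query later is easy to leave unchecked.
    public static List<Account> readWithDescribeChecks() {
        if (!Schema.sObjectType.Account.isAccessible()
                || !Schema.sObjectType.Account.fields.Name.isAccessible()
                || !Schema.sObjectType.Account.fields.Website.isAccessible()) {
            return new List<Account>();
        }
        return [SELECT Id, Name, Website FROM Account];
    }

    // WITH SECURITY_ENFORCED: the query performs the object and field checks
    // itself and throws if anything it selects is hidden from the running user.
    public static List<Account> readWithSecurityEnforced() {
        try {
            return [SELECT Id, Name, Website
                    FROM Account
                    WITH SECURITY_ENFORCED];
        } catch (System.QueryException e) {
            // No rows come back when the check fails, so fail closed:
            // log the reason and hand the caller an empty list.
            System.debug(LoggingLevel.WARN,
                'Query blocked by field/object security: ' + e.getMessage());
            return new List<Account>();
        }
    }
}
```

with sharing on the class still matters here: the clause covers field and object permissions, while record visibility continues to come from the sharing model.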