Enforce Field and Object Level Security with Security.StripInaccessible in Apex


Security.stripInaccessible removes the Email field when the user can't access it. This method can also be used to remove inaccessible sObject fields before DML operations to avoid exceptions, and to sanitize sObjects that have been deserialized from an untrusted source.

Security.StripInaccessible does not throw an exception if the user doesn't have access to the fields, but it does throw an exception if the user doesn't have access to the object.

Exception thrown when the user doesn't have access to the Contact object: System.NoAccessException: No access to entity: Contact

By using Security.StripInaccessible in Apex, we can avoid the explicit object and field accessibility schema checks in condition statements, such as the ones shown below:

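if (Schema.SObjectType.Contact.fields.Name.isAccessible()) {
    // Field-level check: runs only if the user can read Contact.Name
}

if (Schema.SObjectType.Contact.isAccessible()) {
    // Object-level check: runs only if the user can read Contact
}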

AccessType Enum

Specifies the access check type for the fields of an sObject.

Usage

Use these enum values for the accessCheckType parameter of the stripInaccessible method.

Enum Values

The following are the values of the System.AccessType enum.

Value        Description
CREATABLE    Check the fields of an sObject for create access.
READABLE     Check the fields of an sObject for read access.
UPDATABLE    Check the fields of an sObject for update access.
UPSERTABLE   Check the fields of an sObject for both insert and update access.
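
The behaviour described above, as an added example that is not code from the original post: a read path that strips unreadable fields and handles the object-level NoAccessException, and a write path that sanitizes sObjects deserialized from untrusted JSON before insert. The class name ContactAccessExample and its method names are hypothetical.

```apex
// Added example; class and method names are hypothetical.
public with sharing class ContactAccessExample {

    // Read path: return contacts with every field the running user
    // cannot read removed (for example Email).
    public static List<Contact> readableContacts() {
        try {
            SObjectAccessDecision decision = Security.stripInaccessible(
                AccessType.READABLE,
                [SELECT Id, Name, Email FROM Contact LIMIT 50]
            );

            // Object name mapped to the set of field names that were stripped.
            Map<String, Set<String>> removed = decision.getRemovedFields();
            if (removed.containsKey('Contact')) {
                System.debug('Stripped fields: ' + removed.get('Contact'));
            }

            // Use the sanitized copy, not the original query result.
            return (List<Contact>) decision.getRecords();
        } catch (System.NoAccessException e) {
            // Thrown when the user has no access to the Contact object itself.
            System.debug('Object access denied: ' + e.getMessage());
            return new List<Contact>();
        }
    }

    // Write path: records built from untrusted JSON may carry fields the
    // user is not allowed to set. Strip them before the DML statement.
    public static void insertFromJson(String untrustedJson) {
        List<Contact> incoming = (List<Contact>) JSON.deserialize(
            untrustedJson, List<Contact>.class
        );
        SObjectAccessDecision decision = Security.stripInaccessible(
            AccessType.CREATABLE, incoming
        );
        // A NoAccessException propagates to the caller if the user
        // cannot create Contact records at all.
        insert decision.getRecords();
    }
}
```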
