Monday, 21 December 2020

How to remove inaccessible fields from sObjects before DML operations with Security.stripInaccessible

 Hi,

Let's take a scenario that 

 The user who doesn’t have permission to create Rating for an Account can still create an Account.

Her the method "Security.stripInaccessible" ensures that no Rating is set and doesn’t throw an exception.


Eg:

List<Account> newAccounts = new List<Account>();

Account a = new Account(Name='Acme Corporation');

Account b = new Account(Name='Blaze Comics', Rating=’Warm’);

newAccounts.add(a);

newAccounts.add(b);

SObjectAccessDecision securityDecision = Security.stripInaccessible(

                                         AccessType.CREATABLE, newAccounts);

// No exceptions are thrown and no rating is set

insert securityDecision.getRecords();

System.debug(securityDecision.getRemovedFields().get('Account')); // Prints "Rating"

System.debug(securityDecision.getModifiedIndexes()); // Prints "1"

Reference:
https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_with_security_stripInaccessible.htm


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Mastering Agentforce: The Power of Agent Script

Hi, In the rapidly evolving world of AI, the challenge for developers has always been balancing the creative reasoning of Large Language Mod...