Monday, 21 December 2020

How to remove inaccessible fields from sObjects before DML operations with Security.stripInaccessible

 Hi,

Let's take a scenario that 

 The user who doesn’t have permission to create Rating for an Account can still create an Account.

Her the method "Security.stripInaccessible" ensures that no Rating is set and doesn’t throw an exception.


Eg:

List<Account> newAccounts = new List<Account>();

Account a = new Account(Name='Acme Corporation');

Account b = new Account(Name='Blaze Comics', Rating=’Warm’);

newAccounts.add(a);

newAccounts.add(b);

SObjectAccessDecision securityDecision = Security.stripInaccessible(

                                         AccessType.CREATABLE, newAccounts);

// No exceptions are thrown and no rating is set

insert securityDecision.getRecords();

System.debug(securityDecision.getRemovedFields().get('Account')); // Prints "Rating"

System.debug(securityDecision.getModifiedIndexes()); // Prints "1"

Reference:
https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_with_security_stripInaccessible.htm


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Differences between Agentforce for Service and Einstein Bots

 Hi , There are a few differences between Agentforce for Service and Einstein Bots. Agentforce vs. Einstein Bots ...