
Enforce FLS & CRUD in Lightning Component Manually.



How to Enforce CRUD & FLS in Lightning Component Manually?


If you develop Lightning components, you probably already know that the Aura framework does not automatically enforce CRUD and FLS in an Apex controller.

This means the framework continues to display records and fields for which the user does not have CRUD access or FLS visibility.

We therefore have to enforce CRUD and FLS manually.

To get this done, first add the with sharing keyword to your class declaration, as shown below:


public with sharing class myController {

}


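The with sharing keyword covers record-level access through the user's sharing rules; it does not by itself enforce CRUD or FLS. After that, we have to ensure in our Apex controller that the user sees only the records and fields they have access to. We can check this using the following describe methods (isDeletable() is available on the object describe only; the other three exist on both the object and the field describe):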

  • isAccessible()
  • isCreateable()
  • isDeletable()
  • isUpdateable()

In the example below I have used these methods to check FLS manually:


@AuraEnabled
public static Boolean isFLS() {
    // Fail closed: return false as soon as any required permission is missing,
    // and true only when every check below has passed.

    // Check if the user has read access on the Account.Name field
    if (!Schema.sObjectType.Account.fields.Name.isAccessible()) {
        return false;
    }

    String[] accountUpdateFields = new String[] {'AnnualRevenue',
                                                 'Name',
                                                 'Phone',
                                                 'Description'};

    // Get all fields of the Account object
    Map<String, Schema.SObjectField> acc = Schema.SObjectType.Account.fields.getMap();
    for (String fieldToCheck : accountUpdateFields) {
        // Check if the user has create access on each field
        if (!acc.get(fieldToCheck).getDescribe().isCreateable()) {
            return false;
        }
    }

    // Check if the user has delete access on the Account object
    if (!Account.sObjectType.getDescribe().isDeletable()) {
        return false;
    }

    // Check if the user has update access on the Name field
    if (!Schema.sObjectType.Account.fields.Name.isUpdateable()) {
        return false;
    }
    return true;
}
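
The same checks applied where they matter, in the methods that actually read and write data. This is an added example, not code from the original post; the class name AccountFlsExampleController, the helper assertAccess and the two method names are hypothetical.

```apex
public with sharing class AccountFlsExampleController {
    // Fields this (hypothetical) component reads and edits
    private static final List<String> FIELDS =
        new List<String>{ 'Name', 'Phone', 'AnnualRevenue', 'Description' };

    // Throws unless the user has object-level access and field-level access
    // for every field in FIELDS (read access, or update access if forUpdate).
    private static void assertAccess(Boolean forUpdate) {
        Schema.DescribeSObjectResult obj = Schema.sObjectType.Account;
        if (forUpdate ? !obj.isUpdateable() : !obj.isAccessible()) {
            throw new AuraHandledException('Insufficient access to Account');
        }
        Map<String, Schema.SObjectField> fieldMap = obj.fields.getMap();
        for (String f : FIELDS) {
            Schema.DescribeFieldResult d = fieldMap.get(f).getDescribe();
            if (forUpdate ? !d.isUpdateable() : !d.isAccessible()) {
                throw new AuraHandledException('Insufficient access to Account.' + f);
            }
        }
    }

    @AuraEnabled
    public static List<Account> getAccounts() {
        // CRUD + FLS check before the query; with sharing handles record access
        assertAccess(false);
        return [SELECT Id, Name, Phone, AnnualRevenue, Description
                FROM Account ORDER BY Name LIMIT 50];
    }

    @AuraEnabled
    public static void saveAccount(Account acc) {
        assertAccess(true);
        // Copy only the checked fields, so extra fields sent by the client
        // are never written to the database.
        Account toUpdate = new Account(Id = acc.Id);
        for (String f : FIELDS) {
            if (acc.isSet(f)) {
                toUpdate.put(f, acc.get(f));
            }
        }
        update toUpdate;
    }
}
```

The component's JavaScript controller receives the AuraHandledException message in the action's error state and can show it to the user instead of rendering the data.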

If you have any questions, please leave a comment below.
If you would like to add something to this post, please leave a comment below.
Share this blog with your friends if you find it helpful!

Thanks
Keep Coding 😊
