Salesforce Sharing and Visibility Designer Series Part 13

This entry is part 14 of 17 in the series Sharing and Visibility Designer Study Guide

CRUD and FLS Enforcement

  • Object (CRUD) and field (FLS) level security are configured on profiles and can be used to restrict access on object types and individual fields.
  • In most cases, VisualForce will automatically enforce CRUD and FLS when direct references to SObjects and SObject fields are used.

Use cases where CRUD and FLS are not automatically enforced and can be violated:

  • If objects or field values are referenced as generic data types or data is copied to other elements, developers will need to implement the appropriate access control checks.
  • Passing custom Apex classes that copy or wrap SObject data to VisualForce pages.
  • All Apex web services
  • Lightning components don’t automatically enforce CRUD and FLS when you reference objects or retrieve the objects from an Apex controller. CRUD and FLS should be enforced when using the “@AuraEnabled” annotation.
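
An added example (not from the original post) of the manual checks these cases call for: a hypothetical `ContactListController` whose `@AuraEnabled` methods copy Contact data into a wrapper class, so CRUD and FLS are checked explicitly with the Schema describe methods. The class, wrapper and method names are assumptions made for illustration.

```apex
// Added example: hypothetical controller, not code from the original page.
// "with sharing" covers record-level sharing only; CRUD and FLS are checked below.
public with sharing class ContactListController {

    // Wrapper that copies SObject data. Once values are copied here, the
    // platform no longer treats them as Contact fields, so FLS is not applied.
    public class ContactRow {
        @AuraEnabled public String name;
        @AuraEnabled public String phone;
    }

    @AuraEnabled(cacheable=true)
    public static List<ContactRow> getContacts() {
        // CRUD check: the running user must have read access to Contact.
        if (!Schema.sObjectType.Contact.isAccessible()) {
            throw new AuraHandledException('No read access to Contact.');
        }
        // FLS checks, evaluated once for the running user.
        Boolean canSeeName  = Schema.sObjectType.Contact.fields.Name.isAccessible();
        Boolean canSeePhone = Schema.sObjectType.Contact.fields.Phone.isAccessible();

        List<ContactRow> rows = new List<ContactRow>();
        for (Contact c : [SELECT Name, Phone FROM Contact ORDER BY Name LIMIT 50]) {
            ContactRow row = new ContactRow();
            // Copy a value only when the user has FLS visibility to its field.
            row.name  = canSeeName  ? c.Name  : null;
            row.phone = canSeePhone ? c.Phone : null;
            rows.add(row);
        }
        return rows;
    }

    @AuraEnabled
    public static void updatePhone(Id contactId, String phone) {
        // Writes need both the object-level (CRUD) and field-level (FLS) check.
        if (!Schema.sObjectType.Contact.isUpdateable() ||
            !Schema.sObjectType.Contact.fields.Phone.isUpdateable()) {
            throw new AuraHandledException('No edit access to Contact.Phone.');
        }
        update new Contact(Id = contactId, Phone = phone);
    }
}
```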

Automatic CRUD and FLS Enforcement in VisualForce

  • When rendering VisualForce pages, the platform will automatically enforce CRUD and FLS when the developer references SObjects and SObject fields directly in the VisualForce page. For example, if a user without FLS visibility to the Phone field of the Contact object were to view a page that lists contacts and their phone numbers in a table, the phone numbers would be automatically removed from the table.

  • VisualForce will also remove fields for which users do not have FLS visibility when rendering edit pages.
  • Input tags such as apex:inputText and apex:inputTextArea will also automatically enforce FLS restrictions.