function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Siva SakthiSiva Sakthi 

How to check CRUD Permission if Attachment isDeleateable().

Hi ,
We have tried to give the CRUD permission for Attachment in Apex Class for Security scan perpose but not covered.
I have tried in two ways below. Please help me out to fix this issue ASAP. 
Is salesforce changed the attachment Name as CombinedAttachment ? Thats why i gave like this.
1. if (CombinedAttachment.sObjectType.getDescribe().isDeletable()) {
       delete at;  
    }  
2. if(!(Schema.sObjectType.Attachment.isDeletable()){
         delete at;   
    }
Advance Thanks
Siva
Pankaj_GanwaniPankaj_Ganwani
The attachment and note objects have master detail relationship with its parent. So, to check whether Attachment can be deleted, check the delete permission on its parent object such as Account, Opportunity, custom objects etc.

CombinedAttachment object holds all attachments, notes, google docs and documents uploaded to Salesforce CRM whereas Attachment object only holds the files that user has uploaded and attached with the parent object.
Siva SakthiSiva Sakthi
Hi Pankaj_Ganwani,
 
My understanding the attachement CRUD Permission have to check the Parent Object CRUD Permission is covered the attacchment also.
Have to check the Parent object permission like bellow format is correct or wrong. I am using the attachment in Contact object and one of my custom object. Now i want to check these two object is deleteable or not means. we can able to delete the attachment also right. 1.  if (Contact.sObjectType.getDescribe().isDeletable()) {
       delete attachment;  
 }   2.  if (EmployeeDocument__c.sObjectType.getDescribe().isDeletable()) {
       delete attachment;  
 }   Please confirm

Thanks
Siva
Pankaj_GanwaniPankaj_Ganwani
Yes, both the above statements are correct. You will have to check the delete permission in both the objects prior to performing delete operation.
Hammad KhanHammad Khan
Hi!
I checked FLS for Accessible Creatable and Updateable and Deleteable for a custom apex class but still had the same issue reported. What could I be missing? What is the limit of checkmarx code scan? I already have used it for 4 times?

Help would be appreciated. Thanks