function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Anuj Joshi 42Anuj Joshi 42 

Considerations while using iscreatable() method

Hi All,

I have a code written where the fields are created or updated. I need to add a condition for iscreatable so that my code is secure. Below is my code
 
global class Async{
@future

public static void sendEmail(Set<Id> sendList){
List <Notes__c> notesList = new List<Notes__c>();
notesList.clear();
for(List<EmailMessage> emailmsglist:[select Id,parentId,Parent.Email__c,Parent.Contact.Email,ToAddress, FromAddress, Subject, TextBody, HTMLBody, CreatedDate from EmailMessage where id in :sendList] )
{
        for(EmailMessage emlist :emailmsglist){

             Notes__c note= new Notes__c(); // Create a note object 
             note.Case__c= emlist.parentid;
                 IF (emlist.HTMLBody != NULL && emlist.HTMLBody != ''){
                 note.Message__c = emlist.HTMLBody;
                 }
                 else {
                 note.Message__c = emlist.TextBody;
                 }    
             note.Sent_To__c = emlist.ToAddress;
             note.From__c = emlist.FromAddress;
             note.Subject__c = emlist.Subject;
             note.Datetime_Created__c = emlist.CreatedDate;
             if (emlist.Parent.Contact.Email == emlist.ToAddress || emlist.Parent.Email__c == emlist.ToAddress) .
             {
             note.Type__c = 'Response';
             }
             else {
             note.Type__c = 'Forward/Others';
             }
             notesList.add(note); // Add note object to the list
         }
}

if(notesList.size()>0) {
       insert notesList;
       }
}
}

Wherever the field is assigned to a value or record is created or updated I want to apply iscreatable and isupdateble conditions. Kindly provide me solution for this.

Thanks,
Anuj
Jainam ContractorJainam Contractor
Hi Anuj,

You can use below snippets to check whether you have access to field, or you can create, update, delete record.

Below are few samples, place them according to your needs and you would be able to ensure there is no vulnerability in your code.
 
Schema.sObjectType.Contact.fields.Email.isAccessible();

Schema.sObjectType.Contact.fields.Email.isCreateable();

Schema.sObjectType.Contact.fields.Email.isUpdateable();
The above code lines check for Contact Email field, you can use for all the fields/ sObjects you are using in the code. You might need isCreateable() and isAccessible() check as you are not updating anything.

Before the Insertion of NoteList at the end, you can use Schema.sObjectType.Notes__c.isCreatable() to check whether you have create access to Notes__c Object.

Please try and let me know if it works. Please mark this as the solution if it solved your purpose.

Happy to help....:)

Thanks,
Jainam Contractor,
Salesforce Consultant,
Varasi LLC
www.varasi.com