function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
robert webber 8robert webber 8 

Use of stripInaccessible in Security Reviews

Can you use the new stripInaccessible to avoid all the individual field checks requried to pass the security review, like shown below? This has always been a big hassle. If so, can someone give me an example?

Thanks


List<String> checkFields3 = new List<String>            {'ProjectionDate__c','InvestmentPlanID__c','InvestmentID__c','CombineResources__c'};
Map<String,Schema.sObjectField> m3 = Schema.SObjectType.Investment_Summary_Data__c.Fields.getMap();
        for(String f:checkFields3) {
            if(!m3.get(npPfx+f).getDescribe().isCreateable() || !m3.get(npPfx+f).getDescribe().isUpdateable()) {
'+m3.get(npPfx+f).getDescribe().isCreateable());
                throw new MyException('Contact administrator - you do not have permission to create Investment Summary Data');
            }
        } //end fls create check



 
Best Answer chosen by robert webber 8
AbhishekAbhishek (Salesforce Developers) 
Enforce Security With the stripInaccessible Method. Use the stripInaccessible method to enforce field- and object-level data protection. This method can be used to strip the fields and relationship fields from query and subquery results that the user can't access.

The example is provided in the below blog (https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_with_security_stripInaccessible.htm#:~:text=Custom%20Settings-,Enforce%20Security%20With%20the%20stripInaccessible%20Method,the%20user%20can't%20access.).

I hope you find the above information is helpful. If it does, please mark as Best Answer to help others too.

Thanks.

All Answers

AbhishekAbhishek (Salesforce Developers) 
Enforce Security With the stripInaccessible Method. Use the stripInaccessible method to enforce field- and object-level data protection. This method can be used to strip the fields and relationship fields from query and subquery results that the user can't access.

The example is provided in the below blog (https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_with_security_stripInaccessible.htm#:~:text=Custom%20Settings-,Enforce%20Security%20With%20the%20stripInaccessible%20Method,the%20user%20can't%20access.).

I hope you find the above information is helpful. If it does, please mark as Best Answer to help others too.

Thanks.
This was selected as the best answer
robert webber 8robert webber 8
Thanks. I guess I'll try it an run a security scan. This is very helpful.