You need to sign in to do that
Don't have an account?
Protect custom objects
Hey all,
I'm pretty new with Salesforce development. I'll tell you what I want to do and I hope I can get some good advice on how to do it.
I'm developing an app with apex. I want to store some application specific information about every user that uses my salesforce app. I want this information not to be editable for anyone but the application code. Ideally users/admins should not even know about it. How can I do that? I started with creating a custom object where I want to store my info, but I couldn't find how to change the object level permissions so that no one is allowed to see or edit the data. Am I on the right track or should I be doing something completely different?
Thanks a lot for your help, it's greatly appreciated!
Regards,
Kazmin
Use Custom Settings if you need to store data that can't be accessed outside your application. Make sure it is set to Protected visibility, and that you are using a managed package. Then, your code will have exclusive access to this data.
Alternatively, create a trigger that runs that explicitly fails all operations, and have a static variable that bypasses this trigger when you need to insert or update data. The administrators can still see all the data, however...
The fields themselves, being part of a managed package, can't be modified in any way that would break your code.
All Answers
Hi,
You cannot hide anything from the administrator as he has all the rights. Although you can use sharing settings. These settings specify the level of access your users have to each others' data. You can provide field level security by providing Field-Level Security in your profile. Also you can provide Custom Object Permissions like Read, Create, Edit, Delete, View All and Modify All.
Did this answer your question? If not, let me know what didn't work, or if so, please mark it solved.
Hey Jain,
Thanks for the reply! I got a little bit confused though. Can I forbid the administrator to edit my custom fields or not? I need to store some data and I need to be sure that it's not tempered with by anyone but the app itself. How would you recommend me to do that?
Thanks again!
Regards,
Nikolay
Use Custom Settings if you need to store data that can't be accessed outside your application. Make sure it is set to Protected visibility, and that you are using a managed package. Then, your code will have exclusive access to this data.
Alternatively, create a trigger that runs that explicitly fails all operations, and have a static variable that bypasses this trigger when you need to insert or update data. The administrators can still see all the data, however...
The fields themselves, being part of a managed package, can't be modified in any way that would break your code.