Even with "without sharing", I still have to give profile access to objects/fields. Is this correct?
I created a custom Visualforce page, and Apex controller, to provide a search page that anybody in our organization can use to search for data across three different custom objects. Although I only want certain profiles to be able to create, edit, and delete these objects (which I've enforced in the profiles), anybody should be able to search, as the Apex class only does queries, it doesn't update anything.
I set all profiles to have security access to the Apex class and VF page. I thought that by using "without sharing" in the Apex class, I wouldn't have to also explicitly set object/field access for the profiles, but the searches wouldn't return complete information until I did so. The search works perfectly after I set that up.
I just wanted to confirm that even though I used "without sharing" I still have to set object/field access? I'm new to developing Apex classes, so want to make sure I'm not missing something here.
Thanks!
Think of it this way: Profile permissions define what types of fields and objects a user can see. Sharing decides which records a user can see.
So, if you want users to see the Custom__c object, you have to let their profile have at least Read access. If you want them to see the Custom__c record that I just created, they have to be allowed to based on sharing.
Thanks for the reply! I appreciate the confirmation on this - helps me to better understand how "without sharing" really works.
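An added example, not code from this thread, showing the two layers the answer separates: `without sharing` removes only the record-level (sharing) filter from the query, while object and field read access still come from the running user's profile or permission sets and are checked here explicitly. `SearchController` and `Status__c` are hypothetical names; `Custom__c` is the object named in the answer.

```apex
// Added example; SearchController and Status__c are hypothetical names.
public without sharing class SearchController {
    public String term { get; set; }
    public List<Custom__c> results { get; private set; }
    public Boolean canReadObject { get; private set; }
    public Set<String> hiddenFields { get; private set; }

    public SearchController() {
        results = new List<Custom__c>();
        hiddenFields = new Set<String>();
        // Object-level Read permission: granted by profile or permission set,
        // unaffected by the sharing keyword on this class.
        canReadObject = Schema.sObjectType.Custom__c.isAccessible();
    }

    public PageReference search() {
        results = new List<Custom__c>();
        hiddenFields = new Set<String>();
        if (!canReadObject || String.isBlank(term)) {
            return null; // no object access: show nothing instead of partial rows
        }
        // Bind variable keeps user input out of the query text.
        String likeTerm = '%' + term.trim() + '%';

        // Record level: because the class is "without sharing", this returns
        // matching rows regardless of who owns them or how they are shared.
        List<Custom__c> rows = [
            SELECT Id, Name, Status__c
            FROM Custom__c
            WHERE Name LIKE :likeTerm
            LIMIT 200
        ];

        // Field level: drop any queried field the running user cannot read.
        SObjectAccessDecision decision =
            Security.stripInaccessible(AccessType.READABLE, rows);
        results = (List<Custom__c>) decision.getRecords();

        // Record which fields were removed so the page can explain blank columns.
        Map<String, Set<String>> removed = decision.getRemovedFields();
        if (removed.containsKey('Custom__c')) {
            hiddenFields = removed.get('Custom__c');
        }
        return null;
    }
}
```

A profile with Read on `Custom__c` but no access to `Status__c` gets every matching row with that field stripped, which is the "incomplete information" symptom described in the question.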