bclark019

Object History values visible in API for fields restricted through field level security

Hi All,

I'm creating a custom object that will contain some sensitive employee data. I've got it pretty well locked down except that I have found that my admin users can query the _History object through the API to see audited field value changes. This has been tested through to Force.com Explorer (both of them). On the other hand, admin users (or users with View All Data/Modify All Data) do not see the Audit history for fields they do not have access to when viewing the data through a page layout in Salesforce.

So my questions are:

1) Is this intended behavior?

2) Is there any way to lock this down?

3) Or should I just build a custom object to replicate the audit trail?

Thanks for your input.

-Brandon

BrendanOC

Page Layouts are not security controls. Page Layouts only affect UI visibility. If your admins have the View All Data permission, they can view all data in the org. Hiding it in UI will not prevent an Admin from accessing data. Using a custom object will not help, as the Admins will be able to view your custom object just as easily.

What are you trying to accomplish?  Is there a reason your Admins shouldn't see field history?