Saleem Baba M D

FLS (Field Level Security) issue in Checkmarx

Hi All,

I have an FLS issue when I scan the code in Checkmarx. I searched the communities to resolve this issue but I could not find the solution.

It is a burning issue because one of my clients purchased Checkmarx by paying a huge amount and I'm not able to find the solution to it.

Before making any DML statements in the code, I'm checking whether the user has permission to insert/update/delete or not. Please find the code below; it would be helpful if someone could suggest what I have done wrong in it.

    Savepoint sp = Database.setSavepoint();
    User u = new User();
    u=[SELECT Contact.email, Contact.firstName, Contact.lastName FROM User WHERE id=:userId];
    if(Schema.sObjectType.Contact.fields.email.isupdateable())
    {
        u.Contact.email = data.email;
    }
    if(Schema.sObjectType.Contact.fields.firstName.isupdateable())
    {
        u.Contact.firstName = data.firstName;
    }
    if(Schema.sObjectType.Contact.fields.lastName.isupdateable())
    {
        u.Contact.lastName = data.lastName;
    }
    if(Schema.sObjectType.User.fields.firstName.isupdateable())
    {
        u.firstName = data.firstName;
    }
    if(Schema.sObjectType.User.fields.LastName.isupdateable())
    {
        u.lastName = data.lastName;
    }
    if(Schema.sObjectType.User.fields.email.isupdateable())
    {
        u.email = data.email;
    }
    try {
        if(User.sObjectType.getDescribe().isupdateable())
        {
            update u;
        }
        if(Contact.sObjectType.getDescribe().isupdateable())
        {
            update u.Contact;
        }
    } catch (Exception e) {
        Database.rollback(sp);
    }

Thanks in Advance.

Thanks,
Mohammed SaleemBaba
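
One way to express the check-before-DML approach described in the post above, as an added example that is not part of the original post and not Checkmarx or Salesforce sample code. It assumes the platform's `WITH SECURITY_ENFORCED` query clause and `Security.stripInaccessible` are available in the org's API version; `ProfileUpdateExample`, `ProfileData`, `updateProfile` and `enforceUpdatable` are hypothetical names.

```apex
// Added example, not the poster's code. All class and method names are hypothetical.
public with sharing class ProfileUpdateExample {
    public class ProfileData {
        public String email;
        public String firstName;
        public String lastName;
    }

    public static void updateProfile(Id userId, ProfileData data) {
        // Read path: the query throws if the running user cannot read a
        // selected field or object.
        User u = [SELECT Id, ContactId FROM User
                  WHERE Id = :userId WITH SECURITY_ENFORCED];

        // Build fresh records that carry only the Id and the fields to change,
        // so nothing that was merely queried is written back.
        List<User> users = new List<User>{
            new User(Id = u.Id, FirstName = data.firstName,
                     LastName = data.lastName, Email = data.email)
        };
        List<Contact> contacts = new List<Contact>();
        if (u.ContactId != null) {
            contacts.add(new Contact(Id = u.ContactId, FirstName = data.firstName,
                                     LastName = data.lastName, Email = data.email));
        }

        Savepoint sp = Database.setSavepoint();
        try {
            List<SObject> safeUsers = enforceUpdatable(users);
            update safeUsers;
            if (!contacts.isEmpty()) {
                List<SObject> safeContacts = enforceUpdatable(contacts);
                update safeContacts;
            }
        } catch (Exception e) {
            Database.rollback(sp);
            throw e; // surface the failure instead of swallowing it
        }
    }

    // Write path: removes every field the running user cannot update and
    // returns the sanitized copies; the DML runs only on those copies.
    private static List<SObject> enforceUpdatable(List<SObject> records) {
        SObjectAccessDecision decision =
            Security.stripInaccessible(AccessType.UPDATABLE, records);
        System.debug(LoggingLevel.WARN, 'Fields removed: ' + decision.getRemovedFields());
        return decision.getRecords();
    }
}
```

Here the permission check and the DML share one code path per object, whereas in the posted code the per-field checks sit in separate `if` blocks from the `update` statements.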