function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Srinu SomuSrinu Somu 

will with sharing apply field level security and DML permissions?

Reference - Visualforce Developer guide
Although custom controllers and controller extension classes execute in system mode and thereby ignore user permissions
and field-level security, you can choose whether they respect a user's organization-wide defaults, role hierarchy, and sharing rules
by using the with sharing keywords in the class definition.

will with sharing apply field-level security and create, read, update and delete permissions of the current logged in user? From the above statement I am thinking it won't apply but in some blogs I am seeing that with sharing applies DML and field-level security also.

Please guide me which is correct.

 
Balaji BondarBalaji Bondar
Yes Srinu, sharing apply field-level security and create, read, update and delete permissions of the current logged in user.
For example: if logged in user dont have account create access then user will get an error insufficient error on VF page.
lakslaks
Hi Srinu,

What I have understood by going through some of the resources regarding the same is that while using 'with sharing' CRUD/FLS checks should be done manually in the code.

Do check if this link provides you the required clarity ->
https://developer.salesforce.com/page/Enforcing_CRUD_and_FLS


Regards,
Lakshmi.
Doug Hynes NIDoug Hynes NI
I agree with laks. "With Sharing" is about which records the user can access, not about permissions. In apex code, CRUD and FLS are NOT automatically checked, so a user can have no permissions to an object and can still view the data unless you code the checks.