+ Start a Discussion
Hitendra SabhadiyaHitendra Sabhadiya 

How to set Field-Level security for Profile from Apex class ?

I want to set field level security for particular field of object from Apex.
e.g  There is custom field named  "SLASerialNumber__c"  on Account object and I have System Administrator Profile.
So I want to give Read and Edit Access of  field to Profile.

How it's possible?
Best Answer chosen by Hitendra Sabhadiya
NagendraNagendra (Salesforce Developers) 
Hi Hitendra,

Please try this.

For a Specific Profile:
List<FieldPermissions> fpList = [SELECT SobjectType, Field, PermissionsRead, PermissionsEdit, Parent.ProfileId FROM FieldPermissions WHERE SobjectType = 'Account' and Field='Account.Customer_Priority__c' AND Parent.ProfileId IN (SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name = 'System Administrator')];
if(!fpList.isEmpty()){
    Boolean hasReadPermission = fpList[0].PermissionsRead;
    Boolean hasEditPermission = fpList[0].PermissionsEdit;
    system.debug('Read Permission - ' + hasReadPermission);
    system.debug('Edit Permission - ' + hasEditPermission);
}
For Current User:
List<FieldPermissions> fpList = [SELECT SobjectType, Field, PermissionsRead, PermissionsEdit, Parent.ProfileId FROM FieldPermissions WHERE SobjectType = 'Account' and Field='Account.Customer_Priority__c' AND Parent.ProfileId=:Userinfo.getProfileId()];
if(!fpList.isEmpty()){
    Boolean hasReadPermission = fpList[0].PermissionsRead;
    Boolean hasEditPermission = fpList[0].PermissionsEdit;
    system.debug('Read Permission - ' + hasReadPermission);
    system.debug('Edit Permission - ' + hasEditPermission);
}
Please let us know if you need anything else.

Thanks,
Nagendra

 

All Answers

NagendraNagendra (Salesforce Developers) 
Hi Hitendra,

Please try this.

For a Specific Profile:
List<FieldPermissions> fpList = [SELECT SobjectType, Field, PermissionsRead, PermissionsEdit, Parent.ProfileId FROM FieldPermissions WHERE SobjectType = 'Account' and Field='Account.Customer_Priority__c' AND Parent.ProfileId IN (SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name = 'System Administrator')];
if(!fpList.isEmpty()){
    Boolean hasReadPermission = fpList[0].PermissionsRead;
    Boolean hasEditPermission = fpList[0].PermissionsEdit;
    system.debug('Read Permission - ' + hasReadPermission);
    system.debug('Edit Permission - ' + hasEditPermission);
}
For Current User:
List<FieldPermissions> fpList = [SELECT SobjectType, Field, PermissionsRead, PermissionsEdit, Parent.ProfileId FROM FieldPermissions WHERE SobjectType = 'Account' and Field='Account.Customer_Priority__c' AND Parent.ProfileId=:Userinfo.getProfileId()];
if(!fpList.isEmpty()){
    Boolean hasReadPermission = fpList[0].PermissionsRead;
    Boolean hasEditPermission = fpList[0].PermissionsEdit;
    system.debug('Read Permission - ' + hasReadPermission);
    system.debug('Edit Permission - ' + hasEditPermission);
}
Please let us know if you need anything else.

Thanks,
Nagendra

 
This was selected as the best answer
Hitendra SabhadiyaHitendra Sabhadiya
Hi Nagendra

I am not sure.
but,I think that  solution which you have provided is to check field level security for perticular field.
I can't set FLS for field from apex.
Shubham NandwanaShubham Nandwana

Hi Hitendra,

You can get field permissions and set each permission by setting them to 'true'/'false'.

Adding sample code for setting permissions for each field of opportunity sobject  and you can check for profile by adding below query to list rt query.

AND Parent.ProfileId IN (SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name = 'System Administrator').
Hope this ans helps you, if it does select it as best answer.

String parameterValue = ApexPages.currentPage().getParameters().get('Permission_Set_ID'); //Permission_Set_ID reference from URL

}
}
//update field permission for Opportunity  permission
        fieldpermissions fp=new fieldpermissions();
        list<fieldpermissions>rt=[select id FROM fieldpermissions where parentid=:parameterValue AND      SobjectType='Opportunity' ];       
 rt.add(parameterValue );
        
        if(!rt.isempty())
        {
        fp.id=rt[0].id ;
        }else{
          rt.parentid          = parameterValue ;
          rt.SobjectType       ='Opportunity'; 
        }
        
        for(wrapper i:lstwrapperIntString)
        {
        if(i.selectedread ==true){  //vf page if selected read
         rt.PermissionsRead= true;
        }
        if(i.selectedwrite ==true){
         rt.PermissionsEdit=true;
         rt.PermissionsRead= true;
         }
           upsert rt;
        }
           return null;

    }
}
You can also refer to https://developer.salesforce.com/forums/?id=906F00000005HTsIAM.

Shubham Nandwana.
AppPerfect Corp.
salesforce@appperfect.com
408-252-4100
http://www.appperfect.com/services/salesforce/
Salesforce Development & Operations Experts
Ajay K DubediAjay K Dubedi
Hi Hitendra,

Please see below query. Hope this helps you.

Here is how you can get the Field Level Security for particular profile:
SELECT Id, Field, SObjectType, PermissionsRead, PermissionsEdit FROM FieldPermissions WHERE parentid in (select id from permissionset where PermissionSet.Profile.Name = 'System Administrator') 

You can restrict the number of records by looking at a specific sObject. Ex:
SELECT Id, Field, SObjectType, PermissionsRead, PermissionsEdit FROM FieldPermissions WHERE SObjectType = 'Opportunity' and parentid in (select id from permissionset where PermissionSet.Profile.Name = 'System Administrator') 

Also, go through the below link also.

https://welkinsuite.com/blog/salesforce-permissions-applied-to-apex/

Please mark it as best answer if it helps you.

Thank You,
Ajay Dubedi
Mehul Savariya 4Mehul Savariya 4
Hello,
Do you have code above code in java? I have created custom fields using meta data api but not able to set the field level security and not able to add in custom page layout. Can you tell me how to assign the custom field to the existing profile so that it can be added to the layout?
Richard Fiekowsky 3Richard Fiekowsky 3
I see in the Object Reference, for the FieldPermission object, https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_fieldpermissions.htm , "....To grant a user access to a field, associate a FieldPermissions record with a PermissionSet that’s assigned to a user. FieldPermissions records are only supported in PermissionSet, not in Profile." . Is there a way to use this to change a Profile anyway? 
Jay Martinez 9Jay Martinez 9
Great suggestions but it definitely does not answer the setting of permissions or FLS.
Radhika ChRadhika Ch
Hi,
I have created a field through Apex.But System Administrator also didn't get even the read access on that field.
Does anybody help to grant read and edit access for all the users through Apex ?