+ Start a Discussion

Regarding CRUD and Field-Level Security



As far as i know all the CRUD and FLS permissions on Custom object can be set in the profile.

Do we still require to check the CRUD and FLS in the Apex Code by using the getDescribe and FieldDescribe functions mentioned in the Apex doc.


Using With Sharing keyword, i guess its ensured that current Users Profile permission and Field level permissions are enforced.


Is it still required to check CRUD and FLS permissions in our Apex code?


Any help on this will be appreciated.





OnDem DevOnDem Dev

Yes, With Sharing only enforces the current users sharing permissions and not the CRUD and FLS permissions the User has on the object.

So CRUD and FLS should be addressed explicitly using the getDescribe() and getFieldDescribe().