+ Start a Discussion

Determine Record Level Access for a User

Is there a way to determine the record level access (view/edit) for a user? (Note: this is record level not object level)


The code will be running under a single user and for every record we need to determine which users in Salesforce have view and which users have edit access to the record.




With the use of keyword "with sharing"in your controller, your code will abide by all the organization-wide defaults and if find the access level is that necessary then you can try to edit, view logged in user's own or someone else data and use appropriate try catch statements to extract the information you want.
Please remember: This is not running as the user we need to determine access for. It will be running under 1 user all the time. And while its running it needs to understand the access to the record for EVERY user in Salesforce NOT the user it is running under.

A record access can be queried from the Share table for all users. Example, if you are checking it for a Custom_Object__c, you can query the Custom_Object__Share object to get the access level for all the users required.




[Select  RowCause, AccessLevel, UserOrGroupId  form Custom_Object__Share where UserOrGroupId IN: userSet AND ParentId= '<RECORDID>' ];