function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Programmatically determine user access to a record?

I need to determine whether a user has write access to a given SObject record. There are a couple ways I know to do this, both with distinct downsides. First, I can simply do a try/catch update on the record, but that changes the last-modified date, and has some other issues with security in a managed package.


Second, I can crawl the SObject__Share object, and figure things out from there. The problem there, I discovered, is that once you reference an xxx__Share object in Apex, you can no longer change the sharing rules for that xxx object. It complains "Unable to change sharing model because sharing objects are referenced by the following components: Apex.cls"


I saw in a thread from over a year ago that SF recognized a need for this. Has it been included in the platform yet?




I had the same problem and I took the first solution, but you can always rollback the tracsaction so that the DML never changes the LastModifiedDate.

And you should check the error message if it is about access privilege or not (the DMLException could be from your validation rule).