Learn how to properly enforce record and field-level visibility in Salesforce custom Lightning components using the with sharing keyword and isAccessible() method in Apex classes.
Table of Contents
Question
Universal Containers (UC) uses a custom Lightning component with an Apex class to display shipment information (custom object, private OWD). UC sales managers are complaining about two important points:
- Shipment records that belong to their teams can be seen by other users.
- Shipment amount should be visible only by managers, but sales reps are able to view it.
Which two features did the development team miss that is causing the problems? (Choose two.)
A. Use isSearchable keyword in Apex classes to assure record visibility.
B. Use With Sharing keyword in Apex classes to enforce sharing rules evaluation.
C. Use runAs in test class to enforce user permissions and field-level permissions.
D. Use isAccessible() method in Apex classes to check field accessibility.
Answer
B. Use With Sharing keyword in Apex classes to enforce sharing rules evaluation.
D. Use isAccessible() method in Apex classes to check field accessibility.
Explanation
The development team missed two crucial features that are causing the visibility issues with the shipment records and amount field:
B. Use With Sharing keyword in Apex classes to enforce sharing rules evaluation.
By default, Apex classes run in system mode, ignoring sharing rules. Adding the “with sharing” keyword to the class definition enforces sharing rules, ensuring that users can only access records they have permission to view based on the org’s sharing settings.
D. Use isAccessible() method in Apex classes to check field accessibility.
The isAccessible() method checks if a field is accessible to the current user based on field-level security settings. By using this method, the Apex class can determine whether the current user has access to the shipment amount field and display or hide it accordingly in the Lightning component.
To resolve the issues:
- Add the “with sharing” keyword to the Apex class definition to enforce sharing rules and prevent users from seeing shipment records they shouldn’t have access to.
- Use the isAccessible() method to check the accessibility of the shipment amount field for the current user. Only display the field in the Lightning component if the user has the necessary field-level permissions.
By implementing these two features, Universal Containers can ensure that shipment records and the amount field are only visible to users with the appropriate permissions, addressing the concerns raised by the sales managers.
Salesforce Certified Sharing and Visibility Architect certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Salesforce Certified Sharing and Visibility Architect exam and earn Salesforce Certified Sharing and Visibility Architect certification.