Skip to Content

Salesforce Certified Sharing and Visibility Architect: Resolve Apex Class Field Update Issues in Salesforce

By: Author Alex Lim

Posted on

Categories Exam

Learn how to fix the problem of read-only fields being updated by a custom Apex class in Salesforce. Discover the best solution using the WITH SECURITY_ENFORCED keyword in SOQL statements.

Table of Contents

Question

Universal Containers (UC) has a custom Apex class that enforces a business process and updates opportunities. UC has noticed that fields with field-level security permission of read only on certain users’ profiles are being updates by this class.

How should the architect fix this problem?

A. Use the WITH SECURITY_ENFORCED keyword in the SOQL statement.
B. Put the code in an inner class that uses the With Sharing keyword.
C. Use the ISUpdatetable() Apex method to test each field prior to allowing update.
D. Add With Sharing keyword to the class.

Answer

A. Use the WITH SECURITY_ENFORCED keyword in the SOQL statement.

Explanation

The most effective solution to prevent a custom Apex class from updating fields with field-level security permission of read-only is to use the WITH SECURITY_ENFORCED keyword in the SOQL statement within the class. This keyword ensures that the SOQL query respects the field-level security permissions defined in the user’s profile.

When the WITH SECURITY_ENFORCED keyword is used, the SOQL query will only return fields that the user has read access to, and any attempts to update read-only fields will result in an exception. This approach guarantees that the business process enforced by the Apex class does not violate the field-level security settings.

The other options provided are not as effective:

  • Using an inner class with the With Sharing keyword (Option B) only enforces record-level access control, not field-level security.
  • The isUpdateable() Apex method (Option C) is used to check if a field is updateable, but it does not enforce field-level security.
  • Adding the With Sharing keyword to the class (Option D) enforces record-level access control but does not address field-level security.

In conclusion, using the WITH SECURITY_ENFORCED keyword in the SOQL statement is the most accurate and reliable way to ensure that the custom Apex class respects field-level security permissions when updating opportunities.

Salesforce Certified Sharing and Visibility Architect certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Salesforce Certified Sharing and Visibility Architect exam and earn Salesforce Certified Sharing and Visibility Architect certification.