Questions tagged [field-level-security]
Each Field within an Object has it's own CRUD (Create, Read, Update and Delete) security permissions applied to it. Field level security settings can make the security applied to a field more restrictive for a User's Profile beyond what Object level security would on it's own, but cannot make the security less restrictive.
205 questions
3 votes
1 answer
54 views
Do Batch Apex jobs in a managed package need explicit CRUD/FLS enforcement to pass Salesforce Security Review?
I’m preparing a managed package for Salesforce Security Review that includes multiple Batch Apex classes. The batches read large data sets (SOQL) and perform updates/inserts across several standard ...
- 119
0 votes
0 answers
54 views
Lightning-record-picker throws 'Cannot destructure property 'dataType' of 'undefined'' on lookup to Reservation Item (Summer25)
I have an in issue in a Summer 25 full sandbox and production on Service Cloud. I get the following error when I try to create a new Complaint. I click on the reservation item lookup and enter an ...
1 vote
1 answer
63 views
Report on OpportunityLineItem custom lookup field
I'm trying to build a report with standard "Opportunities with products" type. In the list of field, I can't find my custom lookup field on OpportunityLineItem (relation OpportunityLineItem ...
- 21
0 votes
0 answers
40 views
Force.com Source Scanner FLS Insert/Update Suggestions
I recently updated all of the DML methods in our package to check FLS to pass the security scanner, but I am concerned it will break most of our customers. Our SOQL queries frequently retrieve every ...
- 65
0 votes
1 answer
157 views
"Field does not exist: StartDate on AccountPlan" error since Spring'25
Apparently I had not tested this in a Spring'25 preview sandbox, but since we got Spring'25 on our production org, the Apex classes that use Account Plans cannot be compiled anymore. I checked the ...
- 5,102
0 votes
1 answer
45 views
To resolve Meeting - Speaker Meeting is locked and cannot be deleted error while deleting a Meeting record
As i need to delete one Meeting Record created in 2020, but unable to delete since i am receiving this error. "Meeting - Speaker Meeting is locked and cannot be deleted". Please find the ...
1 vote
1 answer
251 views
User can see a field that is not even inside the Page Layout
I have a custom object that a user accesses frequently. Recently I received a report that this user was able to see too much fields, much more than usual. I checked the permissions of this user. He ...
- 135
5 votes
1 answer
236 views
Enforcing Field security in Apex - Schema.objectType.sobject_name.fields.field_name VS sobject_name.field_name.getDescribe() VS stripInaccessible()
Currently, there are at least four ways I am aware of to check/enforce Field Access while running Apex: Calling sobject_name.field_name.getDescribe().isUpdateable(); Example: Account.Description....
- 195
2 votes
1 answer
408 views
Salesforce code analyzer DFA
Im hitting a strange error when running the salesforce code analyzer DFA report - sf scanner run dfa --format csv --outfile CodeAnalyzerDFA.csv --target ./ --projectdir ./ --category Security Scanner ...
- 67
-1 votes
1 answer
2k views
How to make a field readonly in lightning record page?
I have a field in field section in a lightning record page. I have set that field Read-Only in UI behaviour. But in UI, it is still editable. Could Someone help me with this?
- 47
0 votes
0 answers
78 views
OWD and Profile Security Settings
I am facing an issue. 2 Custom objects Job(master) and Candidate (child). Job - parent (OWD private) (Custom Profile permission - Read permission only) Candidate - Child (OWD Controlled by parent) (...
0 votes
1 answer
62 views
Field Level Permission Leakage to a profile
I have a Recruiter profile Which has field level permission for "Assigned Owner Field" is given only Visible Persmisson.But when a user Logins who is assigned Recruiter Profile is able to ...
- 1
-1 votes
1 answer
59 views
How to give access to only one field by a record owned by other user
I have a field that will only be edited when the process is finished, but the record owned by a person A and will be edited by a person B. I tryed a lot of things, but not work. I can’t change de owd. ...
0 votes
1 answer
227 views
Do I need to check FLS for each field when creating a new object record in apex?
If I am creating a new Contact record in apex, will the following code be sufficient for FLS/CRUD requirements in a security review, or will I need to check .isCreateable() for each field individually ...
- 51
0 votes
1 answer
104 views
Validate OWD, with sharing, Profile, Permission Sets as Non - ADMIN user
I am trying to validate the OWD for an object that is Public/Read Write without Read permission at the object level for a specific profile user. To validate the results I created a new profile by ...
- 171