0 votes
4 views
by

I am attempting to find best practices around mixed SObject security. When I am using DML statements I validate either through "with SECURITY_ENFORCED" or through {SObject}.SObjectType.getDescribe().isDeletable(). What are the best practices when working with a List for checking DML permissions before inserting or updating?

1 Answer

0 votes
by
 
Best answer

The new, modern way to do this is Security.stripInaccessible. This automatically checks all field level access, record level access, and object level access. It takes all the guesswork out of using describes and other security checks. You can still use WITH SECURITY_ENFORCED if you want an all-or-nothing approach, but Security.stripInaccessible will give you the ability to successfully resolve a query and still maintain data security.

Welcome to Memory Exceeded, where you can ask questions and receive answers from other members of the community.
...