CRUD and Field-Level Security (FLS)
Lightning components don’t automatically
enforce CRUD and FLS when you reference objects or retrieve the objects from an Apex controller.
This means that the framework continues to display records and fields for which users don’t have
CRUD access and FLS visibility. You must manually enforce CRUD and FLS in your Apex
controllers.
For example, including the with sharing keyword in an Apex controller ensures that users see only the records they have access to in a Lightning component; this enforces record-level sharing only, not CRUD or FLS. Additionally, you must explicitly check for isAccessible(), isCreateable(), isDeletable(), and isUpdateable() prior to performing operations on records or objects.
This example shows the recommended way to perform an operation on a custom expense object.
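public with sharing class ExpenseController {

    // ns refers to namespace; leave out ns__ if not needed

    // This method is vulnerable: the query runs with no CRUD or FLS check,
    // so every selected field is returned regardless of the running user's
    // field-level visibility. "with sharing" only filters which records are
    // returned; it does not hide fields.
    @AuraEnabled
    public static List<ns__Expense__c> get_UNSAFE_Expenses() {
        return [SELECT Id, Name, ns__Amount__c, ns__Client__c, ns__Date__c,
                ns__Reimbursed__c, CreatedDate FROM ns__Expense__c];
    }

    // This method is recommended.
    // Verifies object-level read access and field-level visibility for every
    // field in the SELECT list before the query runs. Throws
    // System.NoAccessException when any check fails, so the client receives
    // an error rather than data the user is not permitted to see.
    @AuraEnabled
    public static List<ns__Expense__c> getExpenses() {
        // Must stay in sync with the SELECT list at the bottom of this method:
        // a field queried but not listed here is never checked.
        String [] expenseAccessFields = new String [] {'Id',
                                                        'Name',
                                                        'ns__Amount__c',
                                                        'ns__Client__c',
                                                        'ns__Date__c',
                                                        'ns__Reimbursed__c',
                                                        'CreatedDate'
                                                        };

        // Object-level (CRUD) check: if the user cannot read the Expense
        // object at all, stop before looking at individual fields.
        if (!Schema.SObjectType.ns__Expense__c.isAccessible()) {
            // Pass error to client
            throw new System.NoAccessException();
        }

        // Obtain the field name/token map for the Expense object
        Map<String,Schema.SObjectField> fieldMap = Schema.SObjectType.ns__Expense__c.fields.getMap();

        for (String fieldToCheck : expenseAccessFields) {
            Schema.SObjectField fieldToken = fieldMap.get(fieldToCheck);

            // A field absent from the describe map (typo in the list above, or
            // a field removed from the org) would otherwise dereference null;
            // treat it as inaccessible rather than failing with a NullPointerException.
            if (fieldToken == null || !fieldToken.getDescribe().isAccessible()) {
                // Pass error to client
                throw new System.NoAccessException();
            }
        }

        // Query the object safely: the object and every selected field were
        // checked above, and "with sharing" limits the rows to those the user
        // can see.
        return [SELECT Id, Name, ns__Amount__c, ns__Client__c, ns__Date__c,
                ns__Reimbursed__c, CreatedDate FROM ns__Expense__c];
    }
}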