Enforce Security with Field and SObject Describe Methods
By using the Schema.DescribeSObjectResult methods and the Schema.DescribeFieldResult methods, you can verify that the current user has the necessary permissions and perform a specific DML operation or a query only if the user has sufficient permissions.
For example, you can call the isAccessible, isCreateable, or isUpdateable methods of Schema.DescribeSObjectResult to verify whether the current user has read, create, or update access to an sObject, respectively. Similarly, Schema.DescribeFieldResult exposes these access control methods that you can call to check the current user’s read, create, or update access for a field. In addition, you can call the isDeletable method provided by Schema.DescribeSObjectResult to check if the current user has permission to delete a specific sObject.
These examples call the access control methods.
if (Schema.sObjectType.Contact.fields.Email.isUpdateable()) {
    // Update the contact's Email field
}

if (Schema.sObjectType.Contact.fields.Email.isCreateable()) {
    // Create new contact with the Email field populated
}

if (Schema.sObjectType.Contact.fields.Email.isAccessible()) {
    Contact c = [SELECT Email FROM Contact WHERE Id = :Id];
}

if (Schema.sObjectType.Contact.isDeletable()) {
    // Delete contact
}
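The checks above combined into one service class, as an added example that is not part of the original documentation. It verifies both the object-level and field-level permission before each operation and throws instead of silently skipping the work. The names ContactEmailService and AccessException are hypothetical.

```apex
// Added example: ContactEmailService and AccessException are hypothetical names.
// "with sharing" enforces record-level sharing; the describe checks below
// cover object-level (CRUD) and field-level (FLS) permissions.
public with sharing class ContactEmailService {

    public class AccessException extends Exception {}

    // Read: the user needs read access to Contact and to Contact.Email.
    public static Contact readEmail(Id contactId) {
        if (!Schema.sObjectType.Contact.isAccessible()
                || !Schema.sObjectType.Contact.fields.Email.isAccessible()) {
            throw new AccessException('No read access to Contact.Email');
        }
        return [SELECT Id, Email FROM Contact WHERE Id = :contactId LIMIT 1];
    }

    // Create: check the object and every field the new record populates.
    public static Id createWithEmail(String lastName, String email) {
        if (!Schema.sObjectType.Contact.isCreateable()
                || !Schema.sObjectType.Contact.fields.LastName.isCreateable()
                || !Schema.sObjectType.Contact.fields.Email.isCreateable()) {
            throw new AccessException('No create access to Contact.LastName/Email');
        }
        Contact c = new Contact(LastName = lastName, Email = email);
        insert c;
        return c.Id;
    }

    // Update: check the object and the specific field being written.
    public static void updateEmail(Id contactId, String newEmail) {
        if (!Schema.sObjectType.Contact.isUpdateable()
                || !Schema.sObjectType.Contact.fields.Email.isUpdateable()) {
            throw new AccessException('No update access to Contact.Email');
        }
        update new Contact(Id = contactId, Email = newEmail);
    }

    // Delete: isDeletable exists only at the object level.
    public static void deleteContact(Id contactId) {
        if (!Schema.sObjectType.Contact.isDeletable()) {
            throw new AccessException('No delete access to Contact');
        }
        delete new Contact(Id = contactId);
    }
}
```

Callers can catch ContactEmailService.AccessException to show a permission error to the user rather than a generic failure.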