Visualforce Developer Guide

Introducing Visualforce
Tools for Visualforce Development
Getting a Quick Start with Visualforce
Customizing the Appearance and Output of Visualforce Pages
Standard Controllers
Associating a Standard Controller with a Visualforce Page
Accessing Data with a Standard Controller
Using Standard Controller Actions
Validation Rules and Standard Controllers
Styling Pages that Use Standard Controllers
Checking for Object Accessibility
Standard List Controllers
Custom Controllers and Controller Extensions
Advanced Examples
Override Buttons, Links, and Tabs with Visualforce
Using Static Resources
Creating and Using Custom Components
Dynamic Visualforce Bindings
Dynamic Visualforce Components
Integrate Email with Visualforce
Visualforce Charting
Creating Maps with Visualforce
Render Flows with Visualforce
Templating with Visualforce
Developing Salesforce Apps with Visualforce
Adding Visualforce to a Salesforce AppExchange App
Using JavaScript in Visualforce Pages
Communicating Across the DOM with Lightning Message Service
Visualforce Best Practices
Standard Visualforce Component Reference
Appendices
PDF

Checking for Object Accessibility

If a user has insufficient privileges to view an object, any Visualforce page that uses a controller to render that object is inaccessible. To avoid this error, ensure that your Visualforce components only render if a user has access to the object associated with the controller.
You can check for the accessibility of an object like this: 
1{!$ObjectType.objectname.accessible}
This expression returns a true or false value.
For example, to check if you have access to the standard Lead object, use the following code:
1{!$ObjectType.Lead.accessible}
For custom objects, the code is similar:
1{!$ObjectType.MyCustomObject__c.accessible}
where MyCustomObject__c is the name of your custom object.
To ensure that a portion of your page will display only if a user has access to an object, use the rendered attribute on a component. For example, to display a page block if a user has access to the Lead object, you would do the following:
1<apex:page standardController="Lead">
2	<apex:pageBlock rendered="{!$ObjectType.Lead.accessible}">
3		<p>This text will display if you can see the Lead object.</p>
4	</apex:pageBlock>
5</apex:page>
Provide an alternative message if a user can't access an object. For example:
1<apex:page standardController="Lead">
2	<apex:pageBlock rendered="{!$ObjectType.Lead.accessible}">
3		<p>This text will display if you can see the Lead object.</p>
4	</apex:pageBlock>
5	<apex:pageBlock rendered="{! NOT($ObjectType.Lead.accessible) }">
6		<p>Sorry, but you cannot see the data because you do not have access to the Lead object.</p>
7	</apex:pageBlock>
8</apex:page>