Last active
June 23, 2022 07:08
-
-
Save mhamzas/9a934265afa23d616ab23722de062313 to your computer and use it in GitHub Desktop.
This method is to check all the Object and fields per object has the access - Obj & FLS secuity checker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* This method is to check all the Object and fields per object has the access | |
| Obj & FLS secuity checker */ | |
| public static void permChecker(String objName, string listofCommaSeperatedFields, String perm){ | |
| String appNameSpace = FilogixWrapperBinding.getAppNameSpace(); | |
| // Checking permission on Object | |
| if(!String.isBlank(objName) && !String.isBlank(perm)){ | |
| // Appending a NameSpace if it's a custom object. | |
| if(objName.endsWith('__c') && !objName.startsWith(appNameSpace)){ | |
| objName = appNameSpace+objName; | |
| } | |
| // Throw an error if Object is not readable | |
| if(!getObjectPerm(objName,'read')){ | |
| throw createCustomException(objAccessError+'Object: '+objName+'</br>'); | |
| } | |
| //Checking permissions on Fields | |
| if(!String.isBlank(listofCommaSeperatedFields)){ | |
| listofCommaSeperatedFields = listofCommaSeperatedFields.replaceAll('(\\s+)', ''); // Removing all the whitespaces | |
| List<String> lstFields = new List<string>(); | |
| // Checkking if String contains comma seperated fields | |
| if(listofCommaSeperatedFields.contains(',')){ | |
| lstFields = listofCommaSeperatedFields.split(','); //Converting String to list | |
| } else { // Means single field is provided. | |
| lstFields.add(listofCommaSeperatedFields); | |
| } | |
| system.debug('lstFields='+JSON.serialize(lstFields)); | |
| if(lstFields.size()>0 && lstFields!=null){ | |
| for(String fieldApiName : lstFields){ | |
| String objectName = objName; | |
| //Handling parent fields | |
| // Example: Account.Name being queried from ResidentialLoanApplication | |
| if(fieldApiName.contains('.')){ | |
| System.debug('Object::'+objectName+'& Field::'+fieldApiName); | |
| List<String> fieldApi = fieldApiName.split('\\.'); | |
| system.debug('fieldApi='+JSON.serialize(fieldApi)); | |
| // Example: Account.Name from ResidentialLoanApplication | |
| if(fieldApi.size()==2){ | |
| objectName = fieldApi[0]; | |
| fieldApiName = fieldApi[1]; | |
| permChecker(objName, fieldIdentification(fieldApi[0]), perm); //as permChecker('ResidentialLoanApplication','AccountId','read'); | |
| // continue as permChecker('Account','Name','read'); | |
| } | |
| // Example: LoanApplicant.Contact.FirstName from LoanApplicantEmployment | |
| if(fieldApi.size()==3){ | |
| objectName = fieldApi[0]; | |
| fieldApiName = fieldIdentification(fieldApi[1]); | |
| // Checking Permission for Grand Parent Object and it's fields. | |
| // Re-calling the same method, | |
| permChecker(fieldApi[0], fieldApi[1]+'.'+fieldApi[2], perm); //as permChecker('LoanApplicant','Contact.FirstName','read'); | |
| permChecker(objName, objectName+'.'+fieldApiName, perm); //as permChecker('LoanApplicantEmployment','LoanApplicant.Contact','read'); | |
| // continue as permChecker('LoanApplicantEmployment','LoanApplicant','read'); | |
| } | |
| System.debug('Parent Object::'+objName+'& Object Field::'+objectName); | |
| // Getting the Parent Object Api Name before passing it to permission checker | |
| objectName = objectRefName(objName,objectName); | |
| } | |
| // // Replacing custom object's relationship field with appropriate syntax | |
| // Appending a NameSpace if it's a custom object. | |
| if(objectName.endsWith('__c') && !objectName.startsWith(appNameSpace)){ | |
| objectName = appNameSpace+objectName; | |
| } | |
| // Appending a NameSpace if it's a custom field. | |
| if(fieldApiName.endsWith('__c') && !fieldApiName.startsWith(appNameSpace)){ | |
| fieldApiName = appNameSpace+fieldApiName; | |
| } | |
| System.debug('Object::'+objectName+'& Field::'+fieldApiName); | |
| // Throw an error if the field is not readable | |
| if(!getFieldPerm(objectName,fieldApiName,perm)){ | |
| throw createCustomException(objAccessError+'Object: '+objectName+', Field: '+fieldApiName+'</br>'); | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global class PermCheckerClass { | |
| /* This method is to Get the Parent Object Api Name from field API Name */ | |
| public static string objectRefName(String objName, String fieldName){ | |
| String appNameSpace = FilogixWrapperBinding.getAppNameSpace(); | |
| String ObjectName=''; | |
| if(!String.isBlank(objName) && !String.isBlank(fieldName)){ | |
| // Identification of Object Either Standard or Custom for the perticular reference to be used in permission checker | |
| //objName = fieldIdentification(objName); | |
| // Identification of Object Either Standard or Custom for the perticular reference to be used in permission checker | |
| fieldName= fieldIdentification(fieldName); | |
| System.debug('Relationship Checker:: Parent Object::'+objName+'& Object Field::'+fieldName); | |
| // Getting the Parent Object Api Name | |
| Schema.DescribeFieldResult f = Schema.getGlobalDescribe().get(objName).getDescribe().fields.getMap().get(fieldName).getDescribe(); | |
| for(Schema.SObjectType reference : f.getReferenceTo()) { | |
| ObjectName = reference.getDescribe().getName(); | |
| } | |
| } | |
| return ObjectName; | |
| } | |
| /* Identification of Object Either Standard or Custom for the perticular reference to be used in permission checker */ | |
| public static string fieldIdentification(String fieldApiName){ | |
| String strToReturn=''; | |
| String appNameSpace = FilogixWrapperBinding.getAppNameSpace(); | |
| if(!String.isBlank(fieldApiName)){ | |
| strToReturn = fieldApiName; | |
| // Identification of Object Either Standard or Custom for the perticular reference to be used in permission checker | |
| if(!strToReturn.endsWith('Id') && !fieldApiName.endsWith('__c')){ | |
| if(strToReturn.endsWith('__r')){ | |
| strToReturn = strToReturn.replaceAll('__r','__c'); | |
| // Appending a NameSpace if it's a custom object. | |
| if(!strToReturn.startsWith(appNameSpace)){ | |
| strToReturn = appNameSpace+strToReturn; | |
| } | |
| } else { // Appending "ID" for all the standard fields. | |
| strToReturn = strToReturn+'Id'; | |
| } | |
| } else { | |
| return strToReturn; | |
| } | |
| } | |
| return strToReturn; | |
| } | |
| /* This method is to check all the Object and fields per object has the access | |
| Obj & FLS secuity checker */ | |
| public static void permChecker(String objName, string listofCommaSeperatedFields, String perm){ | |
| String appNameSpace = FilogixWrapperBinding.getAppNameSpace(); | |
| // Checking permission on Object | |
| if(!String.isBlank(objName) && !String.isBlank(perm)){ | |
| // Appending a NameSpace if it's a custom object. | |
| if(objName.endsWith('__c') && !objName.startsWith(appNameSpace)){ | |
| objName = appNameSpace+objName; | |
| } | |
| // Throw an error if Object is not readable | |
| if(!getObjectPerm(objName,'read')){ | |
| throw createCustomException(objAccessError+'Object: '+objName+'</br>'); | |
| } | |
| //Checking permissions on Fields | |
| if(!String.isBlank(listofCommaSeperatedFields)){ | |
| listofCommaSeperatedFields = listofCommaSeperatedFields.replaceAll('(\\s+)', ''); // Removing all the whitespaces | |
| List<String> lstFields = new List<string>(); | |
| // Checkking if String contains comma seperated fields | |
| if(listofCommaSeperatedFields.contains(',')){ | |
| lstFields = listofCommaSeperatedFields.split(','); //Converting String to list | |
| } else { // Means single field is provided. | |
| lstFields.add(listofCommaSeperatedFields); | |
| } | |
| system.debug('lstFields='+JSON.serialize(lstFields)); | |
| if(lstFields.size()>0 && lstFields!=null){ | |
| for(String fieldApiName : lstFields){ | |
| String objectName = objName; | |
| //Handling parent fields | |
| // Example: Account.Name being queried from ResidentialLoanApplication | |
| if(fieldApiName.contains('.')){ | |
| System.debug('Object::'+objectName+'& Field::'+fieldApiName); | |
| List<String> fieldApi = fieldApiName.split('\\.'); | |
| system.debug('fieldApi='+JSON.serialize(fieldApi)); | |
| // Example: Account.Name from ResidentialLoanApplication | |
| if(fieldApi.size()==2){ | |
| objectName = fieldApi[0]; | |
| fieldApiName = fieldApi[1]; | |
| permChecker(objName, fieldIdentification(fieldApi[0]), perm); //as permChecker('ResidentialLoanApplication','AccountId','read'); | |
| // continue as permChecker('Account','Name','read'); | |
| } | |
| // Example: LoanApplicant.Contact.FirstName from LoanApplicantEmployment | |
| if(fieldApi.size()==3){ | |
| objectName = fieldApi[0]; | |
| fieldApiName = fieldIdentification(fieldApi[1]); | |
| // Checking Permission for Grand Parent Object and it's fields. | |
| // Re-calling the same method, | |
| permChecker(fieldApi[0], fieldApi[1]+'.'+fieldApi[2], perm); //as permChecker('LoanApplicant','Contact.FirstName','read'); | |
| permChecker(objName, objectName+'.'+fieldApiName, perm); //as permChecker('LoanApplicantEmployment','LoanApplicant.Contact','read'); | |
| // continue as permChecker('LoanApplicantEmployment','LoanApplicant','read'); | |
| } | |
| System.debug('Parent Object::'+objName+'& Object Field::'+objectName); | |
| // Getting the Parent Object Api Name before passing it to permission checker | |
| objectName = objectRefName(objName,objectName); | |
| } | |
| // // Replacing custom object's relationship field with appropriate syntax | |
| // Appending a NameSpace if it's a custom object. | |
| if(objectName.endsWith('__c') && !objectName.startsWith(appNameSpace)){ | |
| objectName = appNameSpace+objectName; | |
| } | |
| // Appending a NameSpace if it's a custom field. | |
| if(fieldApiName.endsWith('__c') && !fieldApiName.startsWith(appNameSpace)){ | |
| fieldApiName = appNameSpace+fieldApiName; | |
| } | |
| System.debug('Object::'+objectName+'& Field::'+fieldApiName); | |
| // Throw an error if the field is not readable | |
| if(!getFieldPerm(objectName,fieldApiName,perm)){ | |
| throw createCustomException(objAccessError+'Object: '+objectName+', Field: '+fieldApiName+'</br>'); | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| // This method will return object's permission wrt the action. | |
| // Example: Boolean isCreationAllowed_Account = getObjectPerm('Account','create'); | |
| // Returns Boolean | |
| // 1st Param - sObject API Name | |
| // 2nd Param - create, update, delete, read | |
| public static boolean getObjectPerm(String objName, string perm){ | |
| if(!String.isBlank(perm) && !String.isBlank(objName)){ | |
| try{ | |
| Schema.DescribeSObjectResult objDesc = Schema.getGlobalDescribe().get(objName).getDescribe(); | |
| if(perm=='create') { | |
| return objDesc.isCreateable(); | |
| } else if(perm=='update') { | |
| return objDesc.isUpdateable(); | |
| } else if(perm=='delete') { | |
| return objDesc.isDeletable(); | |
| } else if(perm=='read') { | |
| return objDesc.isAccessible(); | |
| } | |
| } catch(Exception e){ | |
| String error = ''+String.valueof(e.getMessage()); | |
| System.debug('The following exception has occurred: ' + error); | |
| throw createCustomException(String.valueof(error)); | |
| } | |
| } | |
| return false; | |
| } | |
| // This method will return object's permission wrt the action. | |
| // Example: Boolean isCreationAllowed_Account_Name = getFieldPerm('Account','Name','create'); | |
| // Returns Boolean | |
| // 1st Param - sObject API Name | |
| // 2nd Param - sObject's Field Api Name | |
| // 3rd Param - create, update, delete, read | |
| public static boolean getFieldPerm(String objName, String fieldName, string perm){ | |
| if(!String.isBlank(perm) && !String.isBlank(objName) && !String.isBlank(fieldName)){ | |
| try{ | |
| Schema.DescribeFieldResult fieldDesc = Schema.getGlobalDescribe().get(objName).getDescribe().fields.getMap().get(fieldName).getDescribe(); | |
| if(perm=='create') { | |
| return fieldDesc.isCreateable(); | |
| } else if(perm=='update') { | |
| return fieldDesc.isUpdateable(); | |
| } else if(perm=='read') { | |
| return fieldDesc.isAccessible(); | |
| }else if(perm=='null') { | |
| return fieldDesc.isNillable(); | |
| } | |
| } catch(Exception e){ | |
| String error = ''+String.valueof(e.getMessage()); | |
| System.debug('The following exception has occurred: ' + error); | |
| throw createCustomException(String.valueof(error)); | |
| } | |
| } | |
| return false; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment