ship
SalesForce Simplified

Your Go-To Resource for Streamlined Solutions and Expert Guidance

mountains
Empower Your Business
Dive deep into the world of CRM excellence, where innovation meets practicality, and transform your Salesforce experience with Forceshark's comprehensive resources

Determining Custom Permission in APEX

One key aspect of Salesforce development is managing permissions, and sometimes, the need arises for developers to work with custom permissions to control access to specific features or functionalities within their applications.

What are Custom Permissions?

Custom permissions in Salesforce are a way to grant or restrict access to certain features or functionalities within an application. They provide a granular level of control, allowing administrators and developers to define who can perform specific actions or access particular parts of an application.

Determining Custom Permissions in APEX

Before we explore how to add or remove custom permissions programmatically, it's important to understand how to check for the existence of a custom permission within APEX. This can be done using the FeatureManagement class, which provides methods for querying custom permissions.

Here's an example of how you can check if a custom permission exists:

Boolean hasCustomPermission = FeatureManagement.checkPermission('Your_Custom_Permission_Name');
if (hasCustomPermission) {
    // Custom permission is granted
    // Your logic here
} else {
    // Custom permission is not granted
    // Your alternative logic here
}

Replace 'Your_Custom_Permission_Name' with the actual name of your custom permission. This code snippet checks whether the specified custom permission is granted and executes the corresponding logic accordingly.

Adding Custom Permissions Programmatically

Adding Custom Permission to a Permission Set

Adding custom permissions programmatically involves creating a Permission Set and assigning the desired custom permissions to it. Here's a basic example:

// Creating a Permission Set
PermissionSet ps = new PermissionSet();
ps.Label = 'Your_Permission_Set_Label';
ps.Name = 'Your_Permission_Set_Name';
insert ps;
// Assigning custom permissions to a Permission Set using SetupEntityAccess.
CustomPermission cp = [SELECT Id FROM CustomPermission WHERE DeveloperName = 'Your_Custom_Permission' LIMIT 1];
insert new SetupEntityAccess(
    ParentId = ps.Id,
    SetupEntityId = cp.Id
);
// Assigning the Permission Set
PermissionSetAssignment psa = new PermissionSetAssignment();
psa.AssigneeId = 'User_or_Profile_Id';
psa.PermissionSetId = ps.Id;
insert psa;

Replace 'Your_Permission_Set_Label',  'Your_Permission_Set_Name', and ''Your_Custom_Permission'' with the desired label and name for your Permission Set and DeveloperName of Custom Permission. Also, replace 'User_or_Profile_Id' with the Salesforce User Id or Profile Id to whom you want to assign the custom permission.

Adding Custom Permission to a Profile

At the moment, Apex does not provide straightforward mechanisms for modifying profile configurations as a whole. In other words, there is no direct equivalent to inserting a SetupEntityAccess record (as is the case with Permission Set). Programmatically assigning a custom permission to a profile is still possible, but it requires the use of either the Tooling API or Metadata API. Exploring this topic in depth exceeds the scope of the current material. However, we plan to write a series of articles in the future that will delve into the intricacies of the Tooling API, providing a comprehensive understanding of its capabilities.

Removing Custom Permissions Programmatically

To remove custom permissions programmatically, you need to delete the SetupEntityAccess associated with the Permission Set and Custom Permission. Here's an example:

// Deleting a Permission Set
PermissionSet ps = [SELECT Id FROM PermissionSet WHERE Name = 'Your_Permission_Set_Name'];
CustomPermission cp = [SELECT Id FROM CustomPermission WHERE DeveloperName = 'Your_Custom_Permission'];
SetupEntityAccess sea = [SELECT Id FROM SetupEntityAccess WHERE ParentId = :ps.Id AND SetupEntityId = :cp.Id];
delete sea;

Replace 'Your_Permission_Set_Name' with the Permission Set Name and 'Your_Custom_Permission' with the DeveloperName of Custom Permission. Also, replace 'Your_Permission_Set_Name' with the name of the Permission Set containing the custom permission.

Conclusion

Custom permissions in APEX provide a powerful tool for managing access to specific features within Salesforce applications. Understanding how to determine, add, and remove custom permissions programmatically empowers developers to create more dynamic and customizable solutions. As you navigate the world of Salesforce development, incorporating these practices will contribute to building secure and tailored applications that meet the specific needs of your users.