ship
SalesForce Simplified

Your Go-To Resource for Streamlined Solutions and Expert Guidance

mountains
Empower Your Business
Dive deep into the world of CRM excellence, where innovation meets practicality, and transform your Salesforce experience with Forceshark's comprehensive resources

How to Use Custom Permissions in Salesforce Lightning Web Components

This article delves into the synergy of Lightning Web Components (LWC) and Custom Permissions in Salesforce—a dynamic duo empowering administrators and developers to fortify their applications with enhanced security measures.

Join us on a journey through the implementation of this security paradigm, as we explore the steps to construct a resilient permission-based architecture in Salesforce.

Business Use Case

let's consider a business use case where you have a Salesforce application that includes a custom module for handling sensitive customer data. You want to restrict access to certain components or features within this module to only users who have specific permissions, such as a "ViewSensitiveData" custom permission.

Secure Access to Sensitive Customer Data

Scenario: You have a Lightning Web Component (LWC) called "fsrk_SensitiveDataViewer" that displays sensitive customer information. Only users with the "FSRK_ViewSensitiveData" custom permission should be allowed to access this component.

Here's how you can implement this in Salesforce:

Create a Custom Permission

In Salesforce Setup, navigate to "Permission Sets" and create a new permission set, e.g., "FSRK_ViewSensitiveData."

In the permission set, add the "FSRK_ViewSensitiveData" custom permission.

Assign Custom Permission to Users

Assign the "SensitiveDataPermissionSet" permission set to users who should have access to the sensitive data.

Create a Lightning Web Component

Create a new Lightning Web Component named "fsrk_SensitiveDataViewer".

fsrk_SensitiveDataViewer.html:

<!-- FSRK Sensitive Data Viewer -->
<template>
    <lightning-card title="Sensitive Data Viewer" icon-name="standard:account">
        <div class="slds-m-around_medium">
            <template if:true={hasPermission}>
                <!-- Display sensitive data here -->
                <p>This is sensitive customer data.</p>
            </template>
            <template if:false={hasPermission}>
                <!-- Display access denied message -->
                <p>You do not have permission to view sensitive data.</p>
            </template>
        </div>
    </lightning-card>
</template>

fsrk_SensitiveDataViewer.js:

import {LightningElement, wire} from 'lwc';
import hasPermission from '@salesforce/customPermission/FSRK_ViewSensitiveData';

export default class FSRK_SensitiveDataViewer extends LightningElement {
    @wire(hasPermission)
    hasPermission;

    // You can add additional logic or methods as needed
}

Deploy the "fsrk_SensitiveDataViewer" Lightning Web Component to the necessary Salesforce environments.

Conclusion

Now, when a user accesses the "SensitiveDataViewer" component, the LWC will check if the user has the "ViewSensitiveData" custom permission. If the user has permission, they will see the sensitive data; otherwise, they will see an access denied message.

This approach ensures that only users with the specified custom permission can access the sensitive customer data, providing a secure and controlled environment for managing sensitive information.