How to Use Custom Permissions in Salesforce Lightning Web Components

This article delves into the synergy of Lightning Web Components (LWC) and Custom Permissions in Salesforce — a dynamic duo empowering administrators and developers to fortify their applications with enhanced security measures.

Join us on a journey through the implementation of this security paradigm, as we explore the steps to construct a resilient permission-based architecture in Salesforce.

Business Use Case

Let's consider a business use case where you have a Salesforce application that includes a custom module for handling sensitive customer data. You want to restrict access to certain components or features within this module to only users who have specific permissions, such as a ViewSensitiveData custom permission.

Secure Access to Sensitive Customer Data

Scenario: You have a Lightning Web Component (LWC) called fsrk_SensitiveDataViewer that displays sensitive customer information. Only users with the FSRK_ViewSensitiveData custom permission should be allowed to access this component.

Here's how you can implement this in Salesforce:

Create a Custom Permission

In Salesforce Setup, navigate to Permission Sets and create a new permission set, e.g., FSRK_ViewSensitiveData.

In the permission set, add the FSRK_ViewSensitiveData custom permission.

Assign Custom Permission to Users

Assign the "SensitiveDataPermissionSet" permission set to users who should have access to the sensitive data.

Create a Lightning Web Component

Create a new Lightning Web Component named fsrk_SensitiveDataViewer.

<!-- FSRK Sensitive Data Viewer -->
<template>
    <lightning-card title="Sensitive Data Viewer" icon-name="standard:account">
        <div class="slds-m-around_medium">
            <template if:true={hasPermission}>
                <!-- Display sensitive data here -->
                <p>This is sensitive customer data.</p>
            </template>
            <template if:false={hasPermission}>
                <!-- Display access denied message -->
                <p>You do not have permission to view sensitive data.</p>
            </template>
        </div>
    </lightning-card>
</template>
import {LightningElement, wire} from 'lwc';
import hasPermission from '@salesforce/customPermission/FSRK_ViewSensitiveData';

export default class FSRK_SensitiveDataViewer extends LightningElement {
    @wire(hasPermission)
    hasPermission;

    // You can add additional logic or methods as needed
}

Deploy the fsrk_SensitiveDataViewer Lightning Web Component to the necessary Salesforce environments.

Conclusion

Now, when a user accesses the SensitiveDataViewer component, the LWC will check if the user has the ViewSensitiveData custom permission. If the user has permission, they will see the sensitive data; otherwise, they will see an access denied message.

This approach ensures that only users with the specified custom permission can access the sensitive customer data, providing a secure and controlled environment for managing sensitive information.