Find Object and Field Permissions Through apex

                        Enforcing Object and Field Permissions

Schema.DescribeSObjectResult to verify whether the current user has read, create, or update access to an sObject, respectively. Similarly, Schema.DescribeFieldResult exposes these access control methods that you can call to check the current user's read, create, or update access for a field. In addition, you can call the isDeletable method provided by Schema.DescribeSObjectResult to check if the current user has permission to delete a specific sObject..

For example: you can call the isAccessible, isCreateable, or isUpdateable methods..

These are some examples of how to call the access control methods.

To check the field-level update permission of the contact's email field before updating it:

if (Schema.sObjectType.Contact.fields.Email.isUpdateable()) {

// Update contact phone number

    contact c = [select name,phone from contact limit 1];

    system.debug('before update pno' +c.phone );

    c.phone = '9393934143';

    update c;

    system.debug('update phone no' +c.phone);

}

 //To check the field-level create permission of the contact's email field before creating a new contact:

if (Schema.sObjectType.Contact.fields.Email.isCreateable()) {

// Create new contact

    contact cc = new contact(lastname = 'mathaji',phone = '7878787878');

    insert cc;

    contact co = [select name from contact where name = 'mathaji' limit 1];

    system.debug('new contact name ' +co.name);

   

}

//To check the field-level read permission of the contact's email field before querying for this field:

if (Schema.sObjectType.Contact.fields.Email.isAccessible()) {

Contact ccc = [SELECT Email FROM Contact limit 1];

    system.debug('email is accessible' +ccc.email);

}//To check the object-level permission for the contact before deleting the contact.

if (Schema.sObjectType.Contact.isDeletable()) {

// Delete contact

    delete[select name from contact limit 1];

}

Class Security:

1. From Setup, click Develop > Apex Classes.

2. Next to the name of the class that you want to restrict, click Security.

3. Select the profiles that you want to enable from the Available Profiles list and click Add, or select the profiles   that you want to disable from the Enabled Profiles list and click Remove.

4. Click Save.

To set Apex class security from a permission set:

1. From Setup, click Manage Users > Permission Sets.

2. Select a permission set.

3. Click Apex Class Access.

4. Click Edit.

5. Select the Apex classes that you want to enable from the Available Apex Classes list and click Add, or select the Apex

classes that you want to disable from the Enabled Apex Classes list and click Remove.

6. Click Save.

To set Apex class security from a profile:

1. From Setup, click Manage Users > Profiles.

2. Select a profile.

3. In the Apex Class Access page or related list, click Edit.

4. Select the Apex classes that you want to enable from the Available Apex Classes list and click Add, or select the Apex

classes that you want to disable from the Enabled Apex Classes list and click Remove.

5. Click Save.