Reputation: 11
How to change the Read Access to the users on custom Visualforce page in Salesforce
The question is about the custom visualforce page in Salesforce. The page is created for getting contacts, opportunity, loans all are at a single dynamic link on the account named "Manage portal Access" Which comes under "Customer Portal Access" Tab like details and related list under "Account" Tab.The page was created to Manage the customer account, contacts and opportunities relationship. The page contains Email, Role, Last Login and a Toggle button as "Enabled".When this toggle button is enabled, those users have access to this portal relationship. It has respective apex class also.
The task here is, the toggle button can be enabled/disabled by some users, this want to be changed here by providing Read only access and assign two permission sets for edit access on this portal enable/disable.
" As a user I want Read Only Access to the portal tab. I want to be able to view all information on the tan and click through any dynamic links, but not be able to toggle the portal enable or un-portal enable any contacts. All Salesforce users should have a minimum of read only access to the Customer Portal Access Tab. The two permission below currently and should continue to provide edit access to the customer portal access section.
- Create Customer Portal User
- Document Manage Portal Admin "
- Whether there is any customization option like providing access to objects in Salesforce through (Layouts, Fields FLS, Validation Rule)?
Or
-This can be achieved only through code on Visual force page and it's respective apex class, if this is the case how can I do it, whether there is any certain command or method for providing access or through controller class?
Upvotes: 0
Views: 686
Answers (1)
Reputation: 19622
The "normal" object permissions (Create/Read/Update/Delete) and field level security (Read/Update) can be referenced in Visualforce. Something like this might be enough for you:
<apex:commandButton disabled="{!$ObjectType.Contact.fields.Role__c.updateable}">
Check the DescribeFieldResult in Apex reference. There's also something mentioned in VF developer guide but it's bit hidden and not as detailed: https://developer.salesforce.com/docs/atlas.en-us.234.0.pages.meta/pages/pages_variables_global_objecttype.htm
If you need more control than just whether field is editable or not - maybe look into Custom Permissions. They're your own checkboxes you add to Profile/Permission Set and you can check them in pure VF too, no apex required.
So... you decide. If most of the page is supposed to be identical, "just" about the button being enabled/disabled (or maybe even not rendered at all) - it's best to put the condition in the button. If it sounds like you need 2 different layouts - having 2 big blocks of code and one or another rendered might be cleaner to maintain and test.
P.S. Remember that good tester can activate the button using browser's developer tools. You should make similar "is field accessible / is custom permission assigned" check in Apex that runs on button click.
Upvotes: 0
Related Questions
- Wordpress, Restrict page & content access to logged in users with a specific role
- Drupal access control to custom user profile page
- How to create secured page that limits access to users with the correct permissions?
- customize drupal access denied page
- How to set viewing privileges to different users in joomla
- Restrict users to view a particular page in sharepoint
- setting page access permissions in drupal
- User access control for particular page?
- Restrict access to page for anonymous users in Drupal
- Drupal User Permissions, Only Allow Specific Users to Edit Specific Pages