If I know the name of a certain profile, I would like to obtain CRUD permission settings for each object in the profile using Apex.
I see that there is an sObject called Profile, but this only reveals the boolean values of permissions such as Edit Case Comments, or Transfer Cases etc.
There is another sObject called ObjectPermissions which you can get this info from, but this is only for Permission Sets and not for Profiles.
I would like to determine whether a certain profile can read and edit Case records just as the ObjectPermissions sObject allows you to do for Permission Sets.
Is this possible?
Thanks
Attribution to: Joe
Possible Suggestion/Solution #1
Doing this is pretty much possible both in Apex and Visualforce code. The platform gives rich describe information and shorthands which check the current user's CRUD or FLS permissions.
Here are few code snippets
To know if few fields are accessible
<apex:outputText value="{!accountBillingAddress}" rendered="{!AND($ObjectType.Account.fields.BillingCity.Accessible, $ObjectType.Account.fields.BillingState.Accessible)}"/>
To check the same in Apex code
if (Schema.sObjectType.Account.fields.BillingCity.isAccessible()
&&
Schema.sObjectType.Account.fields.BillingState.isAccessible()
){ }
Similarly individual objects can be checked as well, for ex:
<apex:relatedList list="Contacts" rendered="{!$ObjectType.Case.accessible}"/>
This guide has lot of rich details about secure coding guidelines for further reading: http://wiki.developerforce.com/page/Secure_Coding_Guideline
Source : VF Dev guide (http://www.salesforce.com/us/developer/docs/pages/Content/pages_controller_std_checking_accessibility.htm) and Developer force WIKI
Attribution to: Abhinav Gupta
Possible Suggestion/Solution #2
Actually, the PermissionSet SObject has a field in it called IsOwnedByProfile. Take a look at this blog post by Adam Torman, http://blogs.developerforce.com/engineering/2012/06/using-soql-to-determine-your-users-permissions-2.html:
This field determines whether a permission set is a custom one or if it is parented by a profile. This is made possible because for every profile, there is one underlying permission set. That way, permissions layer equally across permission sets without having to treat a profile differently.
So, if you want to find the CRUD permissions of a profile you can do something like this:
SELECT Id, SObjectType, PermissionsRead, PermissionsCreate
FROM ObjectPermissions
WHERE parentid in (select id from permissionset where
PermissionSet.Profile.Name = 'System Administrator')
Attribution to: Daniel Hoechst
This content is remixed from stackoverflow or stackexchange. Please visit https://salesforce.stackexchange.com/questions/3800