Closed cropredyHelix closed 3 years ago
Hi @cropredyHelix I think this issue was already discussed in this issue: https://github.com/apex-enterprise-patterns/fflib-apex-common/issues/233 And there is already an PR open with a fix: https://github.com/apex-enterprise-patterns/fflib-apex-common/pull/251
@wimvelzeboer - ah - so the fix is basically -- if there's no FLS to enforce, just bail out of the method right away. I should have thought of that as we don't enforce FLS in our enterprise org's selectors. Thanks !
hooray - V51.0 solves this @wimvelzeboer
VERSIONED BEHAVIOR CHANGE: From version 51.0 onwards, the getReferenceTo() method in the Schema.DescribeFieldResult class returns referenced objects that aren’t accessible to the context user. If the context user has access to an object’s field that references another object, irrespective of the context user’s access to the cross-referenced object, the DescribeFieldResult.getReferenceTo() method returns references. In version 50.0 and earlier, if the context user doesn’t have access to the cross-referenced object, the method returns an empty list.
Per the previous comment on this ticket, we believe this is likely fixed with Spring '21 and #317 -- please reopen the issue if you disagree
The relevant method where this fails is
getFieldPath(..)
shown below and line 111 is:The use case where this happens is
PermissionSetAssignment
Assignee.Profile.Name
and specifically the tokenProfileId
getReferenceTo()
returns an empty listAdmin
(most likely - does not possess View All Data)Analysis
fflib_SobjectDescribe.cls
is V50 as isfflib_QueryFactory
Admin
, the Describe returns a non-empty list forgetReferenceTo()
getReferenceTo()
returning an empty list and throw an exception with a clue to the developer as to the workaround