Monday, December 25, 2017

Custom Permissions : Way to control user access to different functionality in Salesforce

Problem Statement

There is a very common scenario in which admin has to configure different validation rules, workflow rules which fires based on User Id or Profile Id.

Consider below mentioned scenarios:
  • Position (Custom Object) records can be closed by user belonging to specific profile.
  • You have created a VF page where you display specific section to users based on profile. 

In both scenarios, you have to check for profile Id in validation rule as well as in VF (to rendered specific section).

Now after some time if you have to enable the above mentioned functionality to new profile or to specific user then, you have to modify the validation rule as well as your VF page code.


You can use custom permission for these kind of scenarios.

Custom permission is just a record which can be referenced in validation rule, workflow rules, VF, Apex etc. You can assign custom permission to profile or permission set (similar way in which we assign VF page and Apex class).

Now you can check custom permission in validation rules and VF by using global $Permission variable.

Steps to use custom permission and use as per above scenario:
  • Create custom permission (Navigate to Set Up--> Develop--> Custom Permissions).
  • Create new custom permission.

  • Add custom permission to profile or permission set(navigate to Enable custom permission section).

  • Modify the validation rule to and VF to refer custom permission instead of profile id.

So custom permission help us to control different functionality in salesforce to different users. If you have to enable functionality for single user then add custom permission to permission set and then add that permission set to user.

Alternate Approach

All admins/developers were using custom setting to control functionality for different users but after launch of custom permission, jobs of developer or admin will be easy.

Custom Permission in Apex

You can use below static method to find out list of user who have permission for custom permission:

public static List<User> findUsersWithCustomPermission(String customPermissionname)
    List<user> userList = new List<User>();
Set<Id> permissionSetIds = new Set<Id>();
    for (SetupEntityAccess access : [ SELECT ParentId FROM SetupEntityAccess 
WHERE SetupEntityId IN ( SELECT Id FROM CustomPermission 
            WHERE DeveloperName = :name)]) {
userList = [SELECT Username FROM User 
WHERE Id IN (SELECT AssigneeId FROM PermissionSetAssignment
WHERE PermissionSetId IN :permissionSetIds)];
    return userList;

Hope this will help!!!


  1. You made some decent factors there. I looked on the internet for the difficulty and found most individuals will associate with along with your website.
    Logistic ERP
    Transport ERP
    Manufacturing ERP
    ERP software companies
    Best ERP software
    ERP for the manufacturing industry

  2. Great article. This information is impressive. I am inspired with your post. I hope you post again soon. Your post is very helpful for me.....

    Best Training Institute in chennai

  3. The Car featured content undergoes a thorough review process to ensure that it meets the highest standards in order to serve as the best car spare parts and fit the goals.

    Car Accessories in OMR

  4. Hi,
    Thanks for your Blogpost. However I'm a bit confused. In the beginning of the article you write custom permissions can be added to profiles or permission sets. In the end you show some coding that will list all users with a specific custom permission, but only if that permission is linked to a permission set. This code neglects the custom permissions linked directly to a profile and the users associated with it.
    Can you please clarify how to get these users as well?

  5. Amazing post.Thanks for your details and explanations..I want more information from your side.Thank you
    Education erp software in chennai

  6. Everything is good with Custom Permissions except the fact that SOQL that we use to check the permission access costs us and we cannot see all the permissions associated to profiles or permission sets in a single view with Standard functionality.


  7. Amazing Article ! I have bookmarked this article page as i received good information from this. All the best for the upcoming articles. I will be waiting for your new articles. Thank You ! Kindly Visit Us @ Coimbatore Travels | Ooty Travels | Coimbatore Airport Taxi | Coimbatore taxi

  8. This is an awesome post.Really very informative and creative contents. These concept is a good way to enhance the knowledge.I like it and help me to development very well.Thank you for this brief explanation and very nice information.Well, got a good knowledge.

    rpa training in bangalore | best rpa training in bangalore | rpa course in bangalore | rpa training institute in bangalore | rpa training in bangalore | rpa online training | rpa training in Chennai


  9. Hello! This is my first visit to your blog! We are a team of volunteers and starting a new initiative in a community in the same niche. Your blog provided us useful information to work on. You have done an outstanding job.
    AWS Training in Chennai | Amazon Web Services Training in Chennai
    AWS Training in Bangalore | Best AWS Training in Bangalore
    AWS Online Training and Certification | AWS Certification Course 2019

  10. I always enjoy reading quality articles by an individual who is obviously knowledgeable on their chosen subject. Ill be watching this post with much interest. Keep up the great work, I will be back
    online Python training
    python training in chennai

  11. Awesome article. It is so detailed and well formatted that i enjoyed reading it as well as get some new information too.
    Best Devops online Training
    Online DevOps Certification Course - Gangboard

  12. its a good post and keep posting good article.its very interesting to read.
    Data Science Course in Chennai | R Programming Training in Chennai | Python Training in Chennai

  13. Its a good post and keep posting good article.its very interesting to read.

    R Training in Chennai

  14. Wonderful blog & good post. Its really helpful for me, awaiting for more new post. Keep Blogging!

    Python Training in Chennai | Python Training Institute in Chennai

  15. Information from this blog is very useful for me, am very happy to read this blog Kindly visit us @ Luxury Watch Box | Shoe Box Manufacturer |  Candle Packaging Boxes