All Ideas

Idea Details

Post an Idea
3,290  Points
Product Team Review
Idea is being reviewed by Salesforce. We'll post an update in 2-4 months.

Native Apex support for Custom Permissions


Custom Permissions provide an excellent means to describe process or task based permissoins in our applications / packages. These can be assigned to Profiles or Permission Sets. An excellent feature! 

As a Visualforce developer its really easy to check if a user has a given Custom Permission via $Permission, however as a Apex developer this requires at least two SOQL queries. Much like how Custom Labels are available to both Visualforce ($Label) and Apex (System.Labels), this idea to suggest that Apex exposes Custom Permissions as a native entity within Apex to avoid impacting the SOQL query governor.

Apex: (idea being requested here) 

if(System.Permission.canSeeExecutiveData) {
Apex: (already available approach via SOQL, snippet from helper class described here)
List<CustomPermission> customPermissions =
    [SELECT Id, DeveloperName
       FROM CustomPermission
       WHERE NamespacePrefix = :namespacePrefix];
List<SetupEntityAccess> setupEntities =
    [SELECT SetupEntityId
       FROM SetupEntityAccess
       WHERE SetupEntityId in :customPermissionNamesById.keySet() AND
             ParentId IN (SELECT PermissionSetId
                FROM PermissionSetAssignment
                WHERE AssigneeId = :UserInfo.getUserId())];
Visualforce: (already available, shown for reference here)
<apex:pageBlock rendered="{!$Permission.canSeeExecutiveData}">

Merge Idea · Flag

Latest Comment from Salesforce

  • Belinda Wong - 3 years ago

    We definitely agree with the value of this idea and are considering options.  Because the existing $Permission framework is optimized for a single user context, the biggest challenge with extending it to Apex is ensuring we handle the performance concerns with bulk use cases.
  • Upvotes
  • Downvotes



from AppExchange


Help us to keep IdeaExchange clean by pointing out overlapping ideas. We'll investigate your suggestion and merge the ideas if it makes sense.



Thanks for your merge suggestion. We will review it shortly and merge the ideas if applicable.

Salesforce takes abuse situations very seriously. Examples of abuse include but are not limited to posting of offensive language or fraudulent statements. To help us process your request as quickly as possible, please fill out the form below describing the situation. For privacy and security reasons, the final outcome of an abuse case may not be revealed to the person who reported it.


Thank you for your feedback. We take abuse seriously and will investigate this issue and take appropriate action.