To grant users access to an entity, associate the appropriate SetupEntityAccess record with a PermissionSet that’s assigned to a user.
Supported Calls
create(), delete(), describeSObjects(), query(), retrieve()
Usage
Because SetupEntityAccess is a child of
the PermissionSet object, the usage is similar to other PermissionSet child objects like FieldPermissions and ObjectPermissions.
For example, the following code returns all permission sets that grant access to any
setup entities for which access is
enabled:
SELECT Id, ParentId, Parent.Name, SetupEntityId
FROM SetupEntityAccess
The following code returns permission sets that grant access only to Apex
classes:
SELECT Id, ParentId, Parent.Name, SetupEntityId
FROM SetupEntityAccess
WHERE SetupEntityType='ApexClass'
The following code returns permission sets that grant access to any setup entities, and
are not owned by a
profile:
SELECT Id, ParentId, Parent.Name, SetupEntityId
FROM SetupEntityAccess
WHERE ParentId
IN (SELECT Id
FROM PermissionSet
WHERE isOwnedByProfile = false)
You may want to return only those permission sets that have access to a specific setup
entity. To do this, query the parent object. For example, this code returns all
permission sets that grant access to the
helloWorld Apex
class:
SELECT Id, Name,
(SELECT Id, Parent.Name, Parent.Profile.Name
FROM SetupEntityAccessItems)
FROM ApexClass
WHERE Name = 'helloWorld'
While it’s possible to return permission sets that have access to a
ConnectedApplication,
ServiceProvider, or
TabSet by
SetupEntityId, it’s not
possible to return permission sets that have access to these
SetupEntityType fields by any other AppMenuItem attribute, such as
Name or
Description. For
example, to find out if a user has access to the Recruiting app, you’d run two
queries. First, query to get the AppMenuItem
ID:
SELECT Id, Name, Label
FROM AppMenuItem
WHERE Name = 'Recruiting'
Let’s say the previous query returned the AppMenuItem ID 02uD0000000GIiMIAW. Using this ID, you can now run a query to find out if a user
has access to the Recruiting
app:
SELECT Id, SetupEntityId, SetupEntityType
FROM SetupEntityAccess
WHERE ParentId
IN
(SELECT PermissionSetId
FROM PermissionSetAssignment
WHERE AssigneeId = '005D0000001QOzF')
AND (SetupEntityId = '02uD0000000GIiMIAW')