Can anyone explain the difference between DescribeFieldResult isCreateable and isUpdateable methods? Seems to me that isCreateable should apply only to an object, not to a field, but the documentation says “Returns true if the field can be created by the current user”.
Is it useful only for fields like CreatedDate when Create Audit Fields is enabled, to signify that the field can take data when the record is created but it can’t be edited later?
Answer
The isAccessible, isCreateable, and isUpdateable properties on DescribeFieldResult actually incorporate both Object Security and Field Security information for the given Field and its Object. Essentially it’s a two-tier result — first the Object’s Security is considered, then additional Field properties are considered.
In general, if a User has Create and Edit rights on an Object, then all of its Createable fields will be Updateable as well as long as the running User has Field Level Security Edit rights to that field.
But this is not always true. The principal exception is for Master/Detail fields. Master/Detail fields will be Createable, but not Updateable, unless you have “Allow Reparenting” enabled on the Master/Detail field.
For instance, if a User can Create Cases, but not Edit them, then all Fields on Case will return false for isUpdateable, regardless of Field type or Field Level Security. Object security will trump.
Case.Subject.getDescribe().isAccessible() --> true
Case.Subject.getDescribe().isCreateable() --> true
Case.Subject.getDescribe().isUpdateable() --> false
If a User has both Create and Edit on the Case Status field, but can only View the field via Field Level Security, not Edit it, then both Createable and Updateable will be false:
Case.Status.getDescribe().isAccessible() --> true
Case.Status.getDescribe().isCreateable() --> false
Case.Status.getDescribe().isUpdateable() --> false
Now let’s take a custom field, say a Position__c reference field on a Job_Application__c record. If Position__c is Master/Detail with Allow Reparenting FALSE, and the user has read/edit rights via Field Level Security, then here’s what you’ll get
Job_Application__c.Position__c.getDescribe().isAccessible() --> true
Job_Application__c.Position__c.getDescribe().isCreateable() --> true
Job_Application__c.Position__c.getDescribe().isUpdateable() --> false
But if Position__c is Master/Detail with Allow Reparenting TRUE, and the user has read/edit rights via Field Level Security, then here’s what you’ll get
Job_Application__c.Position__c.getDescribe().isAccessible() --> true
Job_Application__c.Position__c.getDescribe().isCreateable() --> true
Job_Application__c.Position__c.getDescribe().isUpdateable() --> true
Attribution
Source : Link , Question Author : David Cheng , Answer Author : zachelrath