How do you Apex Unit Test Object(CRUD)/Field(FLS) Permissions in an Org Portable manner?

Specifically, how might one get an org portable Apex Unit Test User that DOES NOT have READ access to Accounts?

Creating a Test Permission Set that DOES NOT have READ access to ACCOUNTS and assigning it to a Test User is straight forward.

Keep in mind that Permission Sets are Additive. Therefore, we need a Profile that DOES NOT have READ access to Accounts to attach to our Test User.

It doesn’t seem to be possible to insert a new Test Profile via DML or update the Object(CRUD)/Field(FLS) of an existing Profile. Therefore, one must Test with an existing Standard Profile that is likely to be available in most, if not every, Org.

I cannot find any existing Standard Profile that DOES NOT have READ access to Accounts.


Unless you can create a special Profile, I don’t think this is possible. You might be able to use the metadata API to create a Profile that fits your qualifications, but that would need to be done outside of a test scenario, and sounds like it would violate your use case.

Source : Link , Question Author : mjgallag , Answer Author : Jeremy Nottingham

Leave a Comment