I'm building Visualfroce for updating Custom Metadata.
When User without required permissions tries to update them he gets
I tried checking MetadataType__mdt.getSObjectType().getDescribe().isUpdatable()
, but it returns false even for System Admin.
I know that I can query Profile and all associated Permission Sets to check if User has CustomizeApplication
System Permission, but maybe there is a better way.
Please share your insights if you know of any other way to check it in Apex.
UPDATE:
I've already implemented functionality for updating Custom Metadata using Metadata API.
This error is thrown by Visualforce if the page has and User doesn't have permission necessary to update Custom Metadata.
Best Answer
Custom Metadata Type records cannot be updated via direct DML like
by anyone, including system administrators, because that's not supported in Apex at all.
To modify Custom Metadata in Apex, you must use the Apex Metadata API to perform an asynchronous deploy operation.
The Apex Metadata API essentially passes security through to the underlying Metadata API:
which requires the Modify All Data and API Enabled permissions, or the beta Modify Metadata permission.
I'd suggest taking two tacks here: