I am checking for field accessibility of an User u whose Profile is p in apex Test class.To this profile field level security is set to Hidden for the field team_name__c.When I run as this user using runAs() method, and check the field accessibility as below, it returns false.
System.runAs(u){
system.debug('Accessible---> '+Schema.SObjectType.MyCustomObject__c.fields.team_Name__c.isAccessible());
//prints false
}
But according to the doc
The system method runAs enables you to write test methods that change
the user context to an existing user or a new user so that the user’s
record sharing is enforced. The runAs method doesn’t enforce user
permissions or field-level permissions, only record sharing.
Which means field should have been accessible to the User within runAs() method as it doesn't enforce field level permissions.Please correct me if my understanding is wrong.
Best Answer
Apex will not enforce CRUD and FLS no matter what you do -- but you can test for CRUD and FLS using the method you documented in your code sample.
You must write your own handling code to 'gracefully degrade' your app should the running user not have the appropriate (read, create, update, delete) on the object or field within the object.
I'm sure you've read these docs a dozen times, but I'm posting it here for completeness of the answer:
https://developer.salesforce.com/page/Testing_CRUD_and_FLS_Enforcement
https://developer.salesforce.com/page/Enforcing_CRUD_and_FLS