[SalesForce] How to test CRUD and FLS in unit tests

BACKGROUND

I am working on a managed package and it contains a custom object (X__c) with one custom field (X__c.Fld__c). In the controller I check if a user has Read access to both the object and field:

MyController.cls

public class MyController
{
  public MyController() {}

  public List<X__c> selectX()
  {
     if (X__c.SObjectType.getDescribe().isAccessible()) {
       if (X__c.Fld__c.getDescribe().isAccessible())
       {
         return [SELECT Id, Fld__c FROM X__c];
       }
     }

     return null;
  }
}

And the test class.

MyControllerTest.cls

public class MyControllerTest
{
    @isTest
    static void verifySelectX()
    {
        // Given
        X__c[] xRecords =
            (List<X__c>) TestFactory.create(new X__c(), 2);

        // When
        xRecords = new MyController().selectX();

        // Then
        System.assertNotEquals(null, xRecords);
        System.assertEquals(2, xRecords.size());
    }

    @isTest
    static void verifySelectXNoAccess()
    {
        // Given
        X__c[] xRecords =
            (List<X__c>) TestFactory.create(new X__c(), 2);

        // Create a user which will not have access to the test object type
        User testUser = createUser('Chatter External');
        if (testUser == null) {
            // Abort the test if unable to create a user with low enough acess
            return;
        }

        // When
        System.runAs(testUser)
        {
            xRecords = new MyController().selectX();

            // Then
            System.assertEquals(null, xRecords);
        }
    }
}

QUESTION

When I deploy the project metadata to our packaging org, it fails because the verifySelectX() test doesn't pass. It's due to the user (admin) who runs the test on deployment does not have access to the object and its fields yet. So can I make sure that the tests pass? I thought this is a common problem, but I couldn't find any info on it.

Best Answer

There are a few different ways to attack this problem, but the most common is to create a user with permissions, and then use System.runAs to execute your tests.

I normally grant permissions to my packages via permset and not profiles, so I create a user, give it a permission set that I created, and then run the tests. That way I don't depend on the admin user (or any installed org's profiles) for my tests to be successful and I only depend on things that are included in my package.

For example:

@IsTest
static void myTestPermSet() {
  User myUser = new User(<UserPropertiesGoHere>);
  insert u;

  PermissionSetAssignment psa = new PermissionSetAssignment (PermissionSetId = myPermissionSetId, AssigneeId = u.id);

  insert psa;    

  System.RunAs(u) {
    Test.startTest();

    <test your code here>

    Test.stopTest();

    <asserts go here>
  }
}

Related Solutions

[SalesForce] Unit Test is Providing 0% Coverage for Apex Trigger

The trigger code is having lot of redundancy, So I modified it. before posting the modified code few lines of explanation what I changed. you collected account Ids twice and did the condition check twice where once is more enough. I am also made changes to the test class, where Task data is provided which is not required because the trigger has to create it once the necessary conditions are met. I am expecting this trigger should work for you, if there is any errors feel free to post as a comment.

trigger OpportunityAfter on Opportunity (after update){

    Set AccountIDs = new Set();

    for(Opportunity o : trigger.new){
        if(opp.StageName == 'Closed - Lost' && opp.Business_Line__c == 'Workforce' && 
            opp.Survey_Type__c != 'APulse' && trigger.oldMap.get(opp.Id).StageName != opp.StageName){

                AccountIDs.add(o.AccountId);
         }
    }

    Task[] tasksToInsert = new Task[]{};

    for (Account acc : [Select Id, Name, OwnerId from Account where Id IN :AccountIds]){
        for (Opportunity opp : trigger.new){
            if(opp.AccountId == acc.Id){
                Task tas = new Task();
                tas.WhatId=acc.Id;
                tas.OwnerId=opp.OwnerId;
                tas.Subject='Follow-up: ' + opp.name + ' - ' + acc.name;
                tas.ActivityDate=(opp.CloseDate + 180);
                tas.Description='Follow up to see how engagement initiatives are going and if Avatar can help. Refer to lost opportunity: ' + opp.name;
                tasksToInsert.add(tas);                                                         
            }
        }
    }
    if(tasksToInsert != null && !tasksToInsert.isEmpty())
    Database.insert(tasksToInsert);

}

@isTest
public class TestClass {

    static testMethod void myUnitTest() {

    //Set up user
    User u1 = [SELECT Id FROM User WHERE Email='abc@sampleemail.com'];
    test.startTest();  
    //Run As U1
    System.RunAs(u1){

    System.debug('Testing trigger... (single record validation)');

    //NEW Account record
    Account acc = new account();
    acc.Name = 'Test Account';
    acc.Industry = 'Healthcare';

    insert acc;

    //NEW Opportunity record
    Opportunity opp = new Opportunity();
    opp.Name = 'Test Opportunity'; 
    opp.CloseDate = System.today();
    opp.StageName = 'S1 - Investigative';
    opp.Type = 'Repeat Business - Wrkforce HC';
    opp.AccountId = acc.Id;
    opp.Survey_Type__c = 'Product Name';

    insert opp;

    opp.StageName = 'Closed - Lost';
    opp.Reason_Won_Lost__c = 'Relationship';
    opp.Business_Line__c = 'Workforce'  //added this line to meet the if condition while collecting the set of id in the trigger.

    update opp;
   test.stopTest();
    // Here I am expecting the task has been inserted and doing a query for it         and check it in the assert statement.
   Task  testTask=[Select Id, WhatId from Task where WhatId=:acc.Id];
    //Validate single insert
    System.assertEquals(acc.Id, testTask.WhatId);

    }
    }
}

[SalesForce] “Required fields are missing: [ProfileId]: [ProfileId]” when running Apex Class Test for ChatterAnswersAuthProviderRegTest

You need to set a ProfileId on newUser. It is not clear what your reg.createUser method does, but the error message indicates you will need to set this reference explicitly.

Profile someProfile = [SELECT Id FROM Profile WHERE Name = 'Standard User' LIMIT 1];
newUser.profileId = someProfile.Id;
insert newUser;