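A developer is creating a Lightning Web Component that displays a list of sales records. Sales representative users must be able to see the commission field on each record. Sales assistant users must be able to see all fields on the record except the commission field. How should this be enforced so that the component works for both users without showing any errors?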
Correct answer: D
To ensure that the component works for both users without showing errors due to field-level security, the developer should handle field accessibility programmatically.

Option D: Use Security.stripInaccessible to remove fields inaccessible to the current user. Correct Answer.
The Security.stripInaccessible method can be used in Apex to remove fields from SObjects that the current user doesn't have access to. When data is fetched using SOQL, the method can be applied to ensure that inaccessible fields are not included, preventing any security exceptions when the component tries to display them. This method enforces field-level security and prevents exposure of inaccessible data.

Usage:

    // Apex Controller
    public with sharing class SalesRecordsController {
        @AuraEnabled(cacheable=true)
        public static List<Sales_Record__c> getSalesRecords() {
            List<Sales_Record__c> records = [
                SELECT Id, Name, Commission__c, Other_Field__c
                FROM Sales_Record__c
            ];
            // stripInaccessible returns an SObjectAccessDecision; getRecords()
            // yields the records with fields the user cannot read removed.
            SObjectAccessDecision decision =
                Security.stripInaccessible(AccessType.READABLE, records);
            return (List<Sales_Record__c>) decision.getRecords();
        }
    }

Incorrect Options:

Option A: Use WITH SECURITY_ENFORCED in the SOQL that fetches the data for the component. Not Sufficient Alone.
WITH SECURITY_ENFORCED enforces field and object level security in SOQL queries. If a field is not accessible to the user, the query will throw an exception, which may cause errors in the component. It does not remove inaccessible fields; it enforces security by failing the query.

Option B: Use Lightning Locker Service to enforce sharing rules and field-level security. Incorrect.
Lightning Locker Service provides security for components but does not enforce sharing rules or field-level security.

Option C: Use Lightning Data Service to get the collection of sales records. Not Sufficient Alone.
Lightning Data Service respects field-level security but may still cause errors if the component tries to access fields the user cannot see. Additional handling is needed to prevent errors.

Conclusion: To ensure the component works for both users and respects field-level security without causing errors, the developer should use Security.stripInaccessible, which is Option D.

Reference: stripInaccessible Method; Enforcing CRUD and FLS