FAQ-001492 - Permission Set Security / Permission Validation and Querying

Current FAQ

Question
What is the proper way to check user permissions for setup and configuration objects?
Answer
To properly check user permissions for setup and configuration objects, you can use the `Schema.DescribeSObjectResult` class in Apex. Here's an example:

```apex
// objectType holds the object's API name as a String, for example 'PermissionSet'.
Schema.DescribeSObjectResult objectDesc = Schema.getGlobalDescribe().get(objectType).getDescribe();
// isAccessible() reports whether the running user can read the object.
if (!objectDesc.isAccessible()) {
    throw new IllegalArgumentException('User does not have permission to read this object');
}
```

This approach ensures that the user has the necessary permissions before performing any operations on the object.

AI Recommended Enhancement

Related Security Rules
ApexCRUDViolation
Question
What is the proper way to check user permissions for setup and configuration objects?
Recommended Answer Update
To properly check user permissions for setup and configuration objects, you can use `WITH USER_MODE` in SOQL queries or `AccessLevel.USER_MODE` with Database methods for automatic permission enforcement. For manual checks, use the `Schema.DescribeSObjectResult` class in Apex. Here's an example:

```apex
// objectType holds the object's API name as a String, for example 'PermissionSet'.
Schema.DescribeSObjectResult objectDesc = Schema.getGlobalDescribe().get(objectType).getDescribe();
// isAccessible() reports whether the running user can read the object.
if (!objectDesc.isAccessible()) {
    throw new IllegalArgumentException('User does not have permission to read this object');
}
```

This approach ensures that the user has the necessary permissions before performing any operations on the object.
Reasoning
The FAQ provides accurate information about manual permission checking using Schema.DescribeSObjectResult, but according to the security approaches guidelines, it should prioritize modern features over legacy approaches. The current answer leads with the manual approach when it should lead with WITH USER_MODE for SOQL queries and AccessLevel.USER_MODE for Database methods. I preserved the existing manual approach explanation while adding the modern methods first, as instructed not to remove existing content but to prioritize modern approaches. I selected ApexCRUDViolation because this FAQ directly addresses checking user permissions for objects, which is exactly what the ApexCRUDViolation rule is designed to detect and prevent - it flags code that doesn't properly check CRUD permissions before performing operations on objects.
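
An added example (not part of the original FAQ or of any Salesforce sample) that shows the automatic enforcement named in the recommended answer next to the manual describe check. The class, exception and method names are hypothetical, and `PermissionSet` is used only as a sample setup object.

```apex
// Added example; SetupObjectReader, AccessDeniedException and the method
// names are hypothetical and do not come from the FAQ.
public with sharing class SetupObjectReader {
    public class AccessDeniedException extends Exception {}

    // Static SOQL: WITH USER_MODE makes the platform enforce the running
    // user's object and field permissions for this query.
    public static List<PermissionSet> listPermissionSets() {
        try {
            return [SELECT Id, Name, Label FROM PermissionSet WITH USER_MODE LIMIT 200];
        } catch (QueryException e) {
            throw new AccessDeniedException('PermissionSet query refused: ' + e.getMessage());
        }
    }

    // Dynamic SOQL: resolve the caller-supplied name through the describe map
    // first, so only a real object name ever reaches the query string.
    public static List<SObject> listIds(String objectType) {
        Schema.SObjectType token = Schema.getGlobalDescribe().get(objectType);
        if (token == null) {
            throw new IllegalArgumentException('Unknown object type: ' + objectType);
        }
        Schema.DescribeSObjectResult objectDesc = token.getDescribe();
        // Manual check from the FAQ, kept as a fail-fast with a clear message.
        if (!objectDesc.isAccessible()) {
            throw new AccessDeniedException('No read access to ' + objectDesc.getName());
        }
        String soql = 'SELECT Id FROM ' + objectDesc.getName() + ' LIMIT 200';
        try {
            // Same enforcement as WITH USER_MODE, applied through a Database method.
            return Database.query(soql, AccessLevel.USER_MODE);
        } catch (QueryException e) {
            throw new AccessDeniedException(objectDesc.getName() + ' query refused: ' + e.getMessage());
        }
    }
}
```

The describe check only covers read access to the object; the user-mode query is what also applies field-level permissions to the selected fields.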