Building security into your ISV application is an essential part of providing trust to your customers. It’s so important that there is a security review process that every ISV application must pass to be listed on the AppExchange.
With the Spring ’20 release come two enhancements that drastically reduce the amount of code you have to write while reducing CPU time and heap size: WITH SECURITY_ENFORCED and Security.stripInaccessible().
WITH SECURITY_ENFORCED
The WITH SECURITY_ENFORCED clause enables field- and object-level security checks directly in SOQL SELECT queries in Apex code, including subqueries and cross-object relationships. It is only needed for queries executed in Apex, because Apex runs in system mode, whereas queries executed via the APIs enforce CRUD/FLS access.
The security is checked before the query execution. If any fields or objects referenced in the SOQL SELECT query using WITH SECURITY_ENFORCED are inaccessible to the user, a System.QueryException is thrown, and no data is returned. So you’ll still
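As an added illustration (not code from the original post), the class below contrasts manual describe checks with the same query using WITH SECURITY_ENFORCED, including a subquery and a cross-object field. The class, method and exception names and the choice of Account/Contact fields are assumptions made for the example.

```apex
// Added example; names and queried fields are illustrative assumptions.
public with sharing class AccountContactReader {

    public class AccessException extends Exception {}

    // Before: every object and field in the query needs its own describe check,
    // because the query itself runs in system mode.
    public static List<Account> readWithManualChecks() {
        if (!Schema.sObjectType.Account.isAccessible()
                || !Schema.sObjectType.Account.fields.Name.isAccessible()
                || !Schema.sObjectType.User.fields.Name.isAccessible()
                || !Schema.sObjectType.Contact.isAccessible()
                || !Schema.sObjectType.Contact.fields.LastName.isAccessible()
                || !Schema.sObjectType.Contact.fields.Email.isAccessible()) {
            throw new AccessException('Insufficient access to Account/Contact data');
        }
        return [
            SELECT Name, Owner.Name,
                   (SELECT LastName, Email FROM Contacts)
            FROM Account
            LIMIT 50
        ];
    }

    // After: the clause checks the parent object, the cross-object field
    // (Owner.Name) and the subquery fields in one place.
    public static List<Account> readEnforced() {
        try {
            return [
                SELECT Name, Owner.Name,
                       (SELECT LastName, Email FROM Contacts)
                FROM Account
                WITH SECURITY_ENFORCED
                LIMIT 50
            ];
        } catch (System.QueryException e) {
            // Raised before execution when any referenced field or object is
            // inaccessible; no rows are returned, so fail closed for the caller.
            System.debug(LoggingLevel.WARN, 'Access check failed: ' + e.getMessage());
            throw new AccessException('Insufficient access to Account/Contact data', e);
        }
    }
}
```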