Close Menu
    Trending
    Subscribe
    Sunday, June 29

    Secure Apex Code with User Mode Operation

    Dhanik Lal SahniBy Updated:No Comments5 Mins Read
    Secure User Mode in Apex

    Apex code executes by default in system mode which means it will ignore the current user’s permission while code execution. This way, even if the running user does not have access to an object but they will able to access the object. This can be a security risk for database records if the application is not built properly. Someone might delete records even if he/she doesn’t have delete access to the object. This post will explain user mode access level permission which will secure Apex code with user mode operation.

    Before we understand the new user mode of operation let us see what is the benefit of running apex code in user mode. In user mode, Profile level permissions, field-level security, and sharing rules are applied for the running user. So if we run apex code in user mode then it will respect users’ permissions and sharing of records. For example, if the logged-in user does not have access to an object or a record, then they will not be able to access that object. They will get exceptions while executing code.

    System Operation and Execution Mode

    A lot of operations run in system mode and a lot in user mode. Here is a list of operations with their execution mode.

    System ModeUser Mode
    Apex Class and TriggerAnonymous Apex
    Apex WebservicesChatter in Apex
    Validation Rule, Auto Response Rule, Assignment Rule, Workflow Rule, Escalation Rule, Rollup SummaryEmail Service
    Approval Process, Publisher ActionStandard Controller
    Test method without System.runAs() Test method with System.runAs()
    Background or Async Jobs
    Flow called from Process Builder, Workflow, Custom Button, REST APIFlow

    Secure Code Options

    I have observed in the last few releases, Salesforce is more focused on secure code and added many secure code execution features. Let us see all available secure code features/methods

    1. Schema Methods

    We can use Schema.DescribeFieldResult to check whether the current user has read, create, or update access for a field.

    For example, if we want to check that logged user has read access on the PersonEmail field of the Account Object, we can enclose the SOQL query inside an if block that checks for field access using the Schema methods described above.

    2. WITH SECURITY_ENFORCED

    WITH SECURITY_ENFORCED clause can be used in SOQL queries to enforce field and object level security permissions.

    Field-level permissions are checked for all the fields that are retrieved in the SELECT clause(s) of the query. Since this clause only works inside a SOQL query, it’s only useful when we want to check for read access on a field.

    The above query will return the Id, Email, and Name of Accounts, and the LastName of the related contacts, only if the user has read access to all of these three fields. If the user doesn’t have access to at least one of these fields, the query throws a System.QueryException exception and no results are returned.

    3. stripInaccessible

    stripInaccessible method will enforce field and object level security in Apex. This method will strip fields from sObject list for which the current user does not have permission.

    New Secure User Mode Operation:

    4. User Mode Operation in SOQL

    With the new User Mode database operation, we can now specify user mode in SOQL query. if the user does not have CRUD access to the object then it will throw an error.

    Let us take we have vendor object and there is no CRUD access to the user. When we run the below SOQL without user mode, it will execute without any error.

    When we execute the same SOQL with the User Mode operation, it will throw an error.

    We will get QueryException 

    System.QueryException: sObject type 'Vendor__c' is not supported. If you are attempting to use a custom object, be sure to append the '__c' after the entity name. Please reference your WSDL or the describe call for the appropriate names.

    How to use User Mode Operation in Static Query:

    How to use User Mode Operation in Dynamic Query:

    Search Query

    Benefit Of User Mode Operation:

    Now users will have restricted access and without CRUD permission they can not do any operation. This will help the loss of data. It will also help in reducing incorrect data as the user was saving with elevated permission.

    Summary:

    Salesforce provided different ways to secure your code, and fully utilized these code practices to make your Salesforce Org secure.

    1. Schema Methods – This will identify a field that has CRUD access to the user.
    2. WITH SECURITY_ENFORCED – SOQL queries to enforce field and object level security permissions. Can be used in SOQL only.
    3. StripInAccessible –  method will enforce field and object-level security in Apex. This will strip fields to which the user does not have access.
    4. User Mode – This will help us in running queries with current user permission.

    References:

     Enforce Object-level and Field-level permissions in Apex

    Secure Apex Code with User Mode Database Operations (Generally Available)

    Related Posts

    Top 5 Session Security for LWC

    Basics of Securing Salesforce Application

    Share.

    With over 18 years of experience in web-based application development, I specialize in Salesforce technology and its ecosystem. My journey has equipped me with expertise in a diverse range of technologies including .NET, .NET Core, MS Dynamics CRM, Azure, Oracle, and SQL Server. I am dedicated to staying at the forefront of technological advancements and continuously researching new developments in the Salesforce realm. My focus remains on leveraging technology to create innovative solutions that drive business success.

    Related Posts

    Add A Comment
    Leave A Reply