0

I was under the impression that if you declared your classes as:

global with sharing class HsignUtils {
...
}

Then any SOQL you ran in there would be automatically mindful of CRUD/FLS permissions. However I recently had a lot of lines flagged in a security review which indicate that those queries (some insert, some delete, some update, some select) are not properly respecting CRUD/FLS Enforcement.

What am I misunderstanding about 'global with sharing'? And is a there a single global way (maybe a line at the top of my class) I can do to check for these permissions?

As it stands I'm having to wrap each and every SOQL call in a check like this:

if (Schema.sObjectType.Contact.fields.Id.isAccessible() == true {
    objectNumContacts = (Integer)[select COUNT(Id) from Contact where AccountId=:originObjectIdString and Contact.Name!=Null and Contact.Email!=Null][0].get('expr0');
    }

Which is extremely time consuming. Is there a better way to do this?

user1813867
  • 673
  • 7
  • 21

2 Answers2

1

In system context (i.e. a trigger), object/fields access, sharing rules, etc... are ignored and your code will always run as system admin. This behavior is to ensure that code won't fail for hidden fields or objects for a user. So if you call your class HsignUtils from a trigger, with sharing is useless.

Is there a better way to do this ? I don't think so, I would say it depends on what you are trying to achieve and what you allow a end-user to create/update. Using isAccessible is a good way to go.

More info about with/without sharing here

brovasi
  • 5,655
  • 25
  • 41
  • But in my case, I'm not calling this from a trigger - I'm calling it from an Apex controller which is attached to a visualforce page. So shouldn't "with sharing" have the intended affect then? – user1813867 Aug 23 '16 at 23:26
  • How did you define your Apex Controller ? – brovasi Aug 23 '16 at 23:28
  • have a look at this post http://salesforce.stackexchange.com/questions/16121/sfdc-understanding-with-sharing-without-sharing-unspecified-sharing-classes – brovasi Aug 23 '16 at 23:35
1

According to Enforcing Sharing Rules Apex Developer Guide:

Enforcing sharing rules by using the with sharing keyword doesn’t enforce the user's permissions and field-level security. Apex code always has access to all fields and objects in an organization, ensuring that code won’t fail to run because of hidden fields or objects for a user.

o-lexi
  • 3,094
  • 14
  • 21
  • So does every SOQL query have to be wrapped with isAccessible() calls? Is there any better way to check at the top of every class or something like that? – user1813867 Aug 23 '16 at 23:40
  • Is it possible to perform this check at the very beginning of the file? Or does every SOQL query have to be explicitly wrapped? – user1813867 Aug 23 '16 at 23:49
  • Take a look at ESAPI library and you might implement it into your code. I'm personally haven't used it yet, but it's listed as recommended here – o-lexi Aug 24 '16 at 00:00
  • Ok. And do you know if I do a call like this: SELECT Id FROM Custom_object__c WHERE OwnerId=:UserId do I need to do a check FLS check on Id and OwnerId? – user1813867 Aug 24 '16 at 00:05
  • 1
    @user1813867 Yes. Every SOQL query needs to be wrapped this way. There is an idea on idea exchange to have these perms enforced automatically: https://success.salesforce.com/ideaView?id=08730000000Lj8GAAS – Robert Sussland Aug 24 '16 at 23:25