Apex - Enforcing Sharing Rules
First thing first- How can we enforce sharing rules in Apex class?
Apex generally runs in system context; that is, the current user's permissions and field-level security aren’t taken into account during code execution. Sharing rules, however, are not always bypassed: the class must be declared with the without sharing keyword in order to ensure that sharing rules are not enforced.
Use with sharing keyword to enforce sharing rules of the current user(Doesn't includes the user's permissions and field-level security).
Some important notes✍-
1) Enforcing sharing rules by using the with sharing keyword doesn’t enforce the user's permissions and field-level security. This again, pertains to only respecting OWDs and Sharing Rules.
2) If a class is declared as "with sharing" then, the sharing settings apply to all code contained in the class, including initialization code, constructors and methods. However, Inner Classes DO NOT inherit sharing settings from the container class.
1) Enforcing sharing rules by using the with sharing keyword doesn’t enforce the user's permissions and field-level security. This again, pertains to only respecting OWDs and Sharing Rules.
2) If a class is declared as "with sharing" then, the sharing settings apply to all code contained in the class, including initialization code, constructors and methods. However, Inner Classes DO NOT inherit sharing settings from the container class.
3) If a class is not declared either with sharing or without sharing, then by default, such a class is executed without sharing mode (in system mode except in Execute Anonymous, or Chatter).
4) If class B extends class A, then all code in class B inherits the same sharing settings that class A has. However, class B's inner classes do not inherit class B's sharing settings.
5) If A with sharing class calls a without sharing class, then the called method(s) will be executed in the mode of the class in which they were defined, in this case, the called method(s) will execute in without sharing mode.
Let's deep dive into different scenarios using with sharing and without sharing keyword-
Say I have 3 classes-
- public with sharing class A {}
- public without sharing class B{}
- public class C{} // Class C is a non-specified-sharing class.
public with sharing class A {
//logic
}
//Class B's code now executes in class A's mode, i.e. in "with sharing" mode.
public without sharing class B extends A{
//logic
}
public with sharing class A {
methodA(){}
}
//methodA() will now be executed in class A's mode, i.e. in "with sharing" mode.
public without sharing class B{
A a=new A();
a.methodA();
}
public with sharing class A {
methodA(){}
}
//methodA will now be executed in class A's mode, i.e. in "with sharing" mode.
public class C{
A a=new A();
a.methodA();
}
public with sharing class A {
//logic
}
//Class C's code now executes in class A's mode, i.e. in "with sharing" mode.
public class C extends A{
//logic
}
public class C{
methodC(){}
}
//methodC will now be executed in class A's mode, i.e. in "with sharing" mode.
public with sharing class A {
C c=new C();
c.methodC();
}
public class C{
//logic
}
//Class A's code now executes in "with sharing" mode.
public with sharing class A extends C {
//logic
}
I hope this blog post helps you when facing a situation like this in your personal or work projects. If you have any questions or something to add to it, just leave a comment and I will be happy to reply.
Comments
Post a Comment