Apex Developer Guide

Apex Developer Guide
Getting Started with Apex
Writing Apex
Data Types and Variables
Control Flow Statements
Classes, Objects, and Interfaces
Working with Data in Apex
Working with sObjects
Data Manipulation Language
SOQL and SOSL Queries
SOQL For Loops
sObject Collections
Dynamic Apex
Apex Security and Sharing
Enforcing Sharing Rules
Enforcing Object and Field Permissions
Enforce User Mode for Database Operations (Beta)
Enforce Security With the stripInaccessible Method
Filter SOQL Queries Using WITH SECURITY_ENFORCED
Class Security
Understanding Apex Managed Sharing
Security Tips for Apex and Visualforce Development
Custom Settings
Running Apex
Debugging, Testing, and Deploying Apex
Apex Reference
Appendices
Glossary
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Enforce User Mode for Database Operations (Beta)

Database methods support an AccessLevel parameter that lets you run database operations in user mode instead of in the default system mode.

This feature is a Beta Service. Customer may opt to try such Beta Service in its sole discretion. Any use of the Beta Service is subject to the applicable Beta Services Terms provided at Agreements and Terms.

Salesforce doesn’t guarantee general availability of this feature within any particular time frame or at all, and we can discontinue it at any time. It’s offered as is and isn’t supported, and Salesforce has no liability for any harm or damage arising out of or in connection with it. You can provide feedback and suggestions for the feature in the Trailblazer Community.

Note

Apex code runs in system mode by default, which means that it runs with substantially elevated permissions over the user running the code. To enhance the security context of Apex, you can specify user mode access for database operations. Field-level security (FLS) and object permissions of the running user are respected in user mode, unlike in system mode. User mode always applies sharing rules; in system mode they’re controlled by class sharing keywords. See Using the with sharing, without sharing, and inherited sharing Keywords.

You can indicate the mode of the operation by using WITH USER_MODE or WITH SYSTEM_MODE in your SOQL query. This example specifies user mode. 
1List<Account> acc = [SELECT Id FROM Account WITH USER_MODE];
2
Database operations can specify user or system mode. This example inserts a new account in user mode.
1Account acc = new Account(Name='test');
2insert as user acc;
The new AccessLevel class represents the two modes in which Apex runs database operations. Use this new class to define the execution mode as user mode or system mode. An optional accessLevel parameter in Database and Search methods specifies whether the method runs in system mode (AccessLevel.SYSTEM_MODE) or user mode (AccessLevel.USER_MODE). Use these new overloaded methods to perform DML and query operations: