Apex Security and Sharing Model
The Apex security model includes record-level, field-level, and object-level security
mechanisms. You can control record-level security modes by using the with sharing, without
sharing, and inherited sharing keywords on
classes. Apex runs in user mode by default, which means that user permissions on objects and
field-level security are respected. A user cannot run code that tries to access fields or
objects that are hidden from the user. Other security mechanisms include the Security.stripInaccessible() method, and Field and SObject
describe methods.
Versioned Behavior Changes
In API version 67.0 and later, you can’t use the WITH SECURITY_ENFORCED clause in SOQL SELECT queries in Apex code. Instead, use the WITH USER_MODE clause.
In API version 67.0 and later, Apex runs in user context by default, meaning that the current user’s permissions and field-level security (FLS) are enforced during code execution. In API version 66.0 and earlier, system mode is the default.
In API version 67.0 and later, classes without an explicit sharing declaration run in with sharing mode. In API version 66.0 and earlier, the sharing mode of classes without an explicit sharing declaration is determined according these factors.
- If the class is part of an inheritance chain, and any class in that chain is saved as API version 67.0 and later, the class runs in with sharing mode.
- If the class is an Aura controller or an @AuraEnabled method called from a Lightning web component, the class runs in with sharing mode.
- If the class isn’t an Apex entry point, its sharing mode is defined by the sharing mode of the calling class.
- Otherwise, the class runs in without sharing mode.