UseWithSharingOnDatabaseOperation (Generally Available)
The UseWithSharingOnDatabaseOperation rule identifies database operations in classes annotated as without sharing
. It also warns of database operations in classes that inherit with sharing implicitly instead of explicitly using inherited sharing
.
With Salesforce sharing rules, you can control who has access to which records, but it's your responsibility to ensure that your Apex code respects sharing rules by declaring classes with a sharing
model.
with sharing
causes database transactions in a class to respect sharing rules. It's the default recommendation.without sharing
causes database transactions in a class to ignore sharing rules. Use with caution.inherited sharing
causes database transactions in a class to inherit the sharing model of the class that called it. Use for classes that require flexibility.
To protect user data in Apex, use with sharing
or inherited sharing
whenever possible.
- Source
@AuraEnabled
-annotated methods.@InvocableMethod
-annotated methods.@NamespaceAccessible
-annotated methods.@RemoteAction
-annotated methods. Any method returning aPageReference
object.public
-scoped methods on Visualforce Controllers.global
-scoped methods on any class.Messaging.InboundEmailResult handleInboundEmail()
methods on implementations ofMessaging.InboundEmailHandler
. Any method targeted during invocation.- Sink
Any database operation.
- Sanitizer
Class-level with sharing or inherited sharing annotation.
Match any violation message that you receive with these cases to understand more about the violation.
Database operation must be executed from a class that enforces sharing rules.
The database operation occurs in a without sharing
context, either because it occurs in a class annotated without sharing
or because its class inherits sharing from a without sharing
class. To resolve this violation, add with sharing
or inherited sharing
to the class.
The database operation’s class implicitly inherits a sharing model from %s %s. Explicitly assign a sharing model instead.
This warning is thrown when a database operation occurs in a class that has no explicitly declared sharing model, so it implicitly inherits with sharing
from its calling class. Even though the operation is secure in this specific case, it isn’t secure by default. Explicitly assign this class a sharing model to make it secure by default.