FAQ-000151 - CRUD/FLS Bypass Justification and System Objects / Non-Admin User Access Requirements


Current FAQ

Question
How do I handle CRUD/FLS requirements for objects that non-admin users need to access for application functionality?
Answer
To handle CRUD/FLS requirements for objects that non-admin users need to access for application functionality in Salesforce:

1. **Enforce CRUD/FLS Settings**: Ensure the solution respects the org's CRUD and FLS settings for both standard and custom objects.
2. **Grant Access with Permission Sets**: Use permission sets or custom permissions to provide non-admin users with the necessary access.
3. **Validate User Actions**: Check that only authorized roles or users can perform actions like locking or unlocking records.
4. **Perform Explicit Checks**: Use methods like `isAccessible()`, `isUpdateable()`, and `isCreateable()` to validate field and object access before performing DML operations.
5. **Document Exceptions**: If bypassing CRUD/FLS is necessary (e.g., for roll-up summaries or system metadata modifications), document these exceptions as part of your AppExchange security review submission.
6. **Use Development Tools**: Tools like Salesforce Code Analyzer or Checkmarx can help identify and address CRUD/FLS violations during development.

AI Recommended Enhancement

Related Security Rules
ApexCRUDViolation, ApexSharingViolations
Question
How do I handle CRUD/FLS requirements for objects that non-admin users need to access for application functionality?
Recommended Answer Update
To handle CRUD/FLS requirements for objects that non-admin users need to access for application functionality in Salesforce:

1. **Enforce CRUD/FLS Settings**: Ensure the solution respects the org's CRUD and FLS settings for both standard and custom objects.
2. **Grant Access with Permission Sets**: Use permission sets or custom permissions to provide non-admin users with the necessary access.
3. **Validate User Actions**: Check that only authorized roles or users can perform actions like locking or unlocking records.
4. **Perform Explicit Checks**: Use modern approaches like `WITH USER_MODE` for SOQL queries and `AccessLevel.USER_MODE` for Database methods to automatically enforce permissions. You can also use methods like `isAccessible()`, `isUpdateable()`, and `isCreateable()` to validate field and object access before performing DML operations.
5. **Document Exceptions**: If bypassing CRUD/FLS is necessary (e.g., for roll-up summaries or system metadata modifications), document these exceptions as part of your AppExchange security review submission.
6. **Use Development Tools**: Tools like Salesforce Code Analyzer or Checkmarx can help identify and address CRUD/FLS violations during development.
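The following Apex class is an added illustration of points 3, 4 and 5 of both answers above; it is not code from the FAQ or from Salesforce. The custom object `Case_Tracker__c`, its checkbox field `Locked__c`, and the custom permission `Can_Lock_Records` are placeholder names assumed for the example. The first method uses the modern `WITH USER_MODE` / `AccessLevel.USER_MODE` enforcement, the second shows the legacy describe-based checks, and the third shows how a deliberate, documented system-mode exception (a roll-up recalculation) is kept separate and gated behind an explicit action check.

```apex
// Added example (not part of the FAQ). Object, field and permission names are assumed.
public with sharing class RecordLockController {

    // Point 3 + 4 (modern): only users holding the assumed custom permission may lock
    // a record, and both the query and the DML run in USER_MODE so the running user's
    // object permissions, field-level security and sharing are enforced automatically.
    @AuraEnabled
    public static void lockRecord(Id recordId) {
        if (!FeatureManagement.checkPermission('Can_Lock_Records')) {
            throw new AuraHandledException('Not authorized to lock records.');
        }

        List<Case_Tracker__c> rows = [
            SELECT Id, Locked__c
            FROM Case_Tracker__c
            WHERE Id = :recordId
            WITH USER_MODE
        ];
        if (rows.isEmpty()) {
            return; // not visible to this user, or does not exist
        }

        rows[0].Locked__c = true;
        // Throws a DmlException if the user lacks update access on the object
        // or on Locked__c, instead of silently writing in system mode.
        Database.update(rows, AccessLevel.USER_MODE);
    }

    // Point 4 (legacy): explicit describe checks before DML, still valid and secure.
    public static Boolean canUpdateLockedField() {
        Schema.DescribeSObjectResult objDescribe =
            Case_Tracker__c.SObjectType.getDescribe();
        if (!objDescribe.isAccessible() || !objDescribe.isUpdateable()) {
            return false;
        }
        Schema.DescribeFieldResult fieldDescribe =
            Schema.SObjectType.Case_Tracker__c.fields.Locked__c;
        return fieldDescribe.isAccessible() && fieldDescribe.isUpdateable();
    }

    // Point 5: a documented CRUD/FLS exception. Roll-up maintenance must update the
    // assumed Rollup_Count__c field even for users who cannot edit it themselves, so
    // the write intentionally runs in SYSTEM_MODE. The exception is isolated in its own
    // method, the caller has already passed the user-mode checks above, and this block
    // is what gets cited in the AppExchange security review submission.
    public static void recalculateRollup(Id parentId, Integer childCount) {
        Case_Tracker__c parent = new Case_Tracker__c(
            Id = parentId,
            Rollup_Count__c = childCount
        );
        // Documented exception: system-mode write limited to the roll-up field.
        Database.update(new List<Case_Tracker__c>{ parent }, AccessLevel.SYSTEM_MODE);
    }
}
```

Keeping the system-mode write in a separate, narrowly scoped method makes the exception easy to point at in the review submission and easy for Salesforce Code Analyzer's ApexCRUDViolation findings to be triaged: the one expected finding sits in `recalculateRollup`, and anything flagged elsewhere is a real gap.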
Reasoning
The main update prioritizes modern security enforcement approaches as specified in the security guidelines. Point 4 was updated to lead with `WITH USER_MODE` and `AccessLevel.USER_MODE` as the primary recommendation, while preserving the existing manual validation methods as alternative approaches. This aligns with the guideline to 'prioritize modern features over legacy approaches' while maintaining that 'old approaches remain valid and as secure.' No other content was outdated or problematic.

For ApexCRUDViolation: This rule directly relates to the FAQ's core topic of handling CRUD/FLS requirements. The FAQ discusses performing explicit checks and using development tools to identify CRUD/FLS violations, which is exactly what this rule detects: insufficient CRUD/FLS enforcement in Apex code.

For ApexSharingViolations: This rule is relevant because the FAQ addresses access control for non-admin users, and sharing violations are closely related to CRUD/FLS enforcement. The FAQ's discussion of validating user actions and ensuring proper access controls connects to the sharing rule enforcement that this security rule monitors.