To ensure CRUD/FLS compliance in Flows and related Apex code in Salesforce, follow these best practices:
1. **CRUD/FLS Checks in Apex Code**:
   - Use `WITH USER_MODE` in SOQL queries to have the platform enforce CRUD/FLS for every object and field the query references, including those in `WHERE` and `ORDER BY`.
   - For legacy code, `WITH SECURITY_ENFORCED` enforces CRUD/FLS only for fields in the `SELECT` and `FROM` clauses; fields used in `WHERE` or `ORDER BY` clauses must be checked manually with methods like `isAccessible()`.
   - Pass `AccessLevel.USER_MODE` to the `Database` DML methods (such as `Database.insert()` and `Database.update()`) so that CRUD/FLS is enforced automatically on the write.
   - For legacy code, check CRUD/FLS explicitly before each DML operation, e.g. `Schema.sObjectType.Account.fields.FieldName.isAccessible()`.
2. **CRUD/FLS in Flows**:
   - Run Flows in the user context so they respect the running user's permissions; use a system context only where elevated permissions are genuinely required.
   - Add validation and fault handling in Flows so that an attempt to reach an object or field the user cannot access fails cleanly instead of exposing or modifying data.
3. **Dynamic SOQL/SOSL Queries**:
   - Avoid building queries from raw strings; derive object and field names from describe metadata (`Schema.SObjectType` and `Schema.SObjectField`) so that only validated names reach the query, which keeps permission checks intact and prevents SOQL injection.
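The following class is an added example, not code from the original answer, covering both the Apex guidance in section 1 and the Flow guidance in section 2. It is a Flow-callable Apex action on the standard `Contact` object (no custom fields are assumed; the class and method names are hypothetical). Apex does not enforce CRUD/FLS by default, so an Apex action invoked from a Flow has to enforce it itself rather than rely on the Flow's run mode; the class shows the `USER_MODE` approach beside the legacy manual checks.

```apex
// Added example, not code from the original answer. A Flow-callable Apex action
// that enforces the running user's CRUD/FLS itself. Standard Contact fields only.
public with sharing class ContactSecureService {

    // Entry point for a Flow "Apex Action". A NoAccessException surfaces on the
    // flow's fault path, where the flow can show an error instead of data.
    @InvocableMethod(label='Find Contacts By Last Name')
    public static List<List<Contact>> findForFlow(List<String> lastNames) {
        List<List<Contact>> results = new List<List<Contact>>();
        for (String lastName : lastNames) {
            results.add(findByLastName(lastName));
        }
        return results;
    }

    // Modern approach: WITH USER_MODE checks object and field permissions for
    // every object and field in the query, including WHERE and ORDER BY.
    public static List<Contact> findByLastName(String lastName) {
        return [
            SELECT Id, FirstName, LastName, Email
            FROM Contact
            WHERE LastName = :lastName
            WITH USER_MODE
            ORDER BY FirstName
        ];
    }

    // Modern DML: AccessLevel.USER_MODE makes the platform check create
    // permission on Contact and on each field populated in the records.
    public static List<Database.SaveResult> createContacts(List<Contact> contacts) {
        // allOrNone=false so one record the user may not create does not roll back
        // the rest; each SaveResult carries its own error for the caller to inspect.
        return Database.insert(contacts, false, AccessLevel.USER_MODE);
    }

    // Legacy approach: WITH SECURITY_ENFORCED covers only fields in SELECT and FROM,
    // so the fields used in WHERE / ORDER BY are checked by hand first.
    public static List<Contact> findByLastNameLegacy(String lastName) {
        if (!Schema.sObjectType.Contact.fields.LastName.isAccessible()
            || !Schema.sObjectType.Contact.fields.FirstName.isAccessible()) {
            throw new System.NoAccessException();
        }
        return [
            SELECT Id, FirstName, LastName, Email
            FROM Contact
            WHERE LastName = :lastName
            WITH SECURITY_ENFORCED
            ORDER BY FirstName
        ];
    }

    // Legacy DML: explicit object- and field-level create checks before insert.
    public static void createContactsLegacy(List<Contact> contacts) {
        if (!Schema.sObjectType.Contact.isCreateable()
            || !Schema.sObjectType.Contact.fields.LastName.isCreateable()
            || !Schema.sObjectType.Contact.fields.Email.isCreateable()) {
            throw new System.NoAccessException();
        }
        insert contacts;
    }
}
```

Wire `findForFlow` into the Flow as an Apex Action and connect its fault connector to a screen or error-logging element; the exception thrown by the legacy path, and the per-record errors returned by `Database.insert` in user mode, are what the Flow's error handling should act on.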
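As an added example (not code from the original answer; the class name and method signature are hypothetical), this class builds a dynamic SOQL query whose object and field names come only from describe metadata, so a caller-supplied name that does not exist or is not readable is rejected rather than concatenated into the query. The filter value is passed as a bind variable and the query runs in user mode, which re-checks CRUD/FLS at run time.

```apex
// Added example, not code from the original answer. Dynamic SOQL built from
// validated describe metadata and executed in user mode.
public with sharing class DynamicSecureQuery {

    public static List<SObject> query(String objectName, List<String> requestedFields,
                                      String filterField, String filterValue) {
        // Resolve the object through describe, never by trusting the raw string.
        Schema.SObjectType objType = Schema.getGlobalDescribe().get(objectName.toLowerCase());
        if (objType == null || !objType.getDescribe().isAccessible()) {
            throw new System.NoAccessException();
        }
        Map<String, Schema.SObjectField> fieldMap = objType.getDescribe().fields.getMap();

        // Keep only fields that exist on the object and that the running user can read.
        List<String> selectFields = new List<String>();
        for (String f : requestedFields) {
            Schema.SObjectField sf = fieldMap.get(f.toLowerCase());
            if (sf != null && sf.getDescribe().isAccessible()) {
                selectFields.add(sf.getDescribe().getName()); // canonical API name
            }
        }
        Schema.SObjectField filterSf = fieldMap.get(filterField.toLowerCase());
        if (selectFields.isEmpty() || filterSf == null) {
            throw new System.NoAccessException();
        }

        // Object and field names come from describe results; the filter value is a
        // bind variable, so no user-controlled text is concatenated into the SOQL.
        String soql = 'SELECT ' + String.join(selectFields, ', ')
            + ' FROM ' + objType.getDescribe().getName()
            + ' WHERE ' + filterSf.getDescribe().getName() + ' = :filterValue';
        Map<String, Object> binds = new Map<String, Object>{ 'filterValue' => filterValue };

        // USER_MODE enforces CRUD/FLS at execution, including the WHERE field.
        return Database.queryWithBinds(soql, binds, AccessLevel.USER_MODE);
    }
}
```

Because the value reaches the query as a bind rather than as text, `String.escapeSingleQuotes` is not needed for it; escaping alone would do nothing for the object and field names, which is why those are taken from describe results instead.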
4. **General Best Practices**:
   - Run Salesforce Code Analyzer (or a similar static analysis tool) over the code base to detect CRUD/FLS violations before release.
   - Document any intentional exceptions to CRUD/FLS enforcement (e.g., metadata fields) so they can be justified during the AppExchange security review.
These steps will help ensure your Flows and Apex code comply with Salesforce's CRUD/FLS requirements.