Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

user mode and API Update #124

Merged
merged 2 commits into from
Jul 1, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 19 additions & 2 deletions force-app/main/default/classes/SOQL.cls
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ public virtual inherited sharing class SOQL implements Queryable {
Queryable forUpdate();
Queryable allRows();
// FIELD-LEVEL SECURITY
Queryable userMode();
Queryable systemMode();
Queryable stripInaccessible();
Queryable stripInaccessible(AccessType accessType);
Expand Down Expand Up @@ -661,6 +662,11 @@ public virtual inherited sharing class SOQL implements Queryable {
return this;
}

public SOQL userMode() {
executor.userMode();
return this;
}

public SOQL systemMode() {
executor.systemMode();
return this;
Expand Down Expand Up @@ -1808,8 +1814,8 @@ public virtual inherited sharing class SOQL implements Queryable {
}

private inherited sharing class Executor {
private AccessLevel accessMode = AccessLevel.USER_MODE; // The object permissions, field-level security, sharing rules are enforced.
private DatabaseQuery sharingExecutor = new InheritedSharing();
private DatabaseQuery sharingExecutor;
private AccessLevel accessMode;
private AccessType accessType;
private String mockId;
private String ofObject;
Expand All @@ -1818,6 +1824,13 @@ public virtual inherited sharing class SOQL implements Queryable {
public Executor(String ofObject, QueryBuilder builder) {
this.ofObject = ofObject;
this.builder = builder;

userMode();
inheritedSharing();
}

public void inheritedSharing() {
sharingExecutor = new InheritedSharing();
}

public void withSharing() {
Expand All @@ -1832,6 +1845,10 @@ public virtual inherited sharing class SOQL implements Queryable {
accessType = type;
}

public void userMode() { // The object permissions, field-level security, sharing rules are enforced.
accessMode = AccessLevel.USER_MODE;
}

public void systemMode() { // The object permissions, field-level permissions are ignored, sharing rules are controlled by the sharingMode.
accessMode = AccessLevel.SYSTEM_MODE;
}
Expand Down
2 changes: 1 addition & 1 deletion force-app/main/default/classes/SOQL.cls-meta.xml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
23 changes: 23 additions & 0 deletions force-app/main/default/classes/SOQL_Test.cls
Original file line number Diff line number Diff line change
Expand Up @@ -2223,6 +2223,29 @@ private class SOQL_Test {
}
}

@IsTest
static void userMode() {
// Setup
insert new Task(Subject = 'Test', Type = 'Other');

System.runAs(minimumAccessUser()) {
// Test
Exception queryException = null;

try {
Task task = (Task) SOQL.of(Task.SObjectType)
.with(Task.Type)
.userMode()
.toObject();
} catch(Exception e) {
queryException = e;
}

// Verify
Assert.isTrue(queryException.getMessage().contains('No such column \'Type\' on entity \'Task\'.'));
}
}

@IsTest
static void stripInaccessibleToObject() {
// Setup
Expand Down
2 changes: 1 addition & 1 deletion force-app/main/default/classes/SOQL_Test.cls-meta.xml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>60.0</apiVersion>
<apiVersion>61.0</apiVersion>
<status>Active</status>
</ApexClass>
23 changes: 23 additions & 0 deletions website/docs/api/soql.md
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,7 @@ The following are methods for `SOQL`.

[**FIELD-LEVEL SECURITY**](#field-level-security)

- [`userMode()`](#userMode)
- [`systemMode()`](#systemmode)
- [`stripInaccessible()`](#stripinaccessible)
- [`stripInaccessible(AccessType accessType)`](#stripinaccessible)
Expand Down Expand Up @@ -1682,6 +1683,28 @@ By default AccessLevel is set as `USER_MODE`.

More details you can find in [here](../advanced-usage/fls.md)

### userMode

By default, all queries are executed `WITH USER_MODE`. However, developers can override this. For more details, check [Field-Level Security](../advanced-usage/fls.md) and [Sharing Rules](../advanced-usage/sharing.md).

The `userMode` method can be useful to override the `systemMode()` provided by the selector.

> Execution mode in which the object permissions, field-level security, and sharing rules of the current user are enforced.

**Signature**

```apex
Queryable userMode()
```

**Example**

```apex
SOQL.of(Account.SObjectType)
.userMode()
.toList();
```

### systemMode

> Execution mode in which the the object and field-level permissions of the current user are ignored, and the record sharing rules are controlled by the class sharing keywords.
Expand Down
Loading