Get Hands-on With Field- and Object-Level Security and Safe Navigation Operator

Hands-on challenge solution for Platform Developer I Certification Maintenance (Winter ‘21)


@RestResource(urlMapping='/apexSecurityRest')
global with sharing class ApexSecurityRest {
    @HttpGet
    global static Contact doGet() {
        Id recordId = RestContext.request.params.get('id');
        Contact result;
        if (recordId == null) {
            throw new FunctionalException('Id parameter is required');
        }
        //Refactored
        
        List<Contact> results = [SELECT id, Name, Title, Top_Secret__c, Account.Name FROM Contact WHERE Id = :recordId];
        SObjectAccessDecision securityDecision = Security.stripInaccessible(AccessType.READABLE, results);
        if(!results.isEmpty()){
            result = (Contact)securityDecision?.getRecords()[0];
        	result.Description = result?.Account?.Name;
        }else{
            throw new SecurityException('You don\'t have access to all contact fields required to use this API');
        }
        
        return result;
    }
    public class FunctionalException extends Exception{}
    public class SecurityException extends Exception{}
}

Note: Use the code snippet only for reference. Do not copy and paste it just for an example for complete challenges. 

Location: Samastipur, Bihar 848101, India

Comments

  1. SangeethaDecember 4, 2021 at 12:46 AM

    @RestResource(urlMapping='/apexSecurityRest')
    global with sharing class ApexSecurityRest {
    @HttpGet
    global static Contact doGet() {
    Id recordId = RestContext.request.params?.get('id');
    Contact result;

    List results = [SELECT id, Name, Title, Top_Secret__c, Account.Name FROM Contact WHERE Id = : recordId];
    SObjectAccessDecision securityDecision = Security.stripInaccessible(AccessType.READABLE, results);
    if (!results.isEmpty()) {
    result = results[0];
    result.Description = result?.Account?.Name;

    }

    return result;
    }
    public class FunctionalException extends Exception{}
    public class SecurityException extends Exception{}
    }

    ReplyDelete

Post a Comment

Popular posts from this blog

Adding a red asterisk to required fields using label in LWC

Image
I am trying to add a double or single asterisk to lightning: input tags in LWC, by using "required" tag inside the tag I am able to see the asterisk, but two issues with this are I have to show a red asterisk to some conditionally mandatory issues. Solution -  You can use  label-hidden  variant and put a label. <template> <label>Middle Name</label> <abbr title="required" class="slds-required">**</abbr> <lightning-input label="Middle Name" variant="label-hidden" aria-required="true" maxlength="80"></lightning-input> </template>
Read more

The Developer Console didn't set the DEVELOPER_LOG trace flag on your user. Having an active trace flag triggers debug logging. You have 1,978 MB of the maximum 1,000 MB of debug logs. Before you can edit trace flags, delete some debug logs.

1. In developer console, Select tab "Query Editor" at the bottom of the console. 2. Select check box "Use Tooling API". 3. Execute the below query: SELECT Id FROM ApexLog   4. Select All Rows. Click the first row and then press Shift button and click last row to select all the rows. Delete all rows using Delete button. https://help.salesforce.com/articleView?id=code_debug_log_delete.htm&type=5
Read more

Salesforce: Serial and Parallel Approval

Image
Approval process has been introduced in Salesforce platform sometimes back. But when someone ask you, if Salesforce support Parallel and Serial approval process? The answer is YES, although Salesforce do not implicitly said it is parallel or serial approval process. The good thing is, this functionality available out of the box. So you do not need to write any code. Just with point and click configuration, you can build this process within hours. Parallel Approval Parallel Approval means you are sending multiple approvals out in one step of the approval process. Any approver able to approve without need to wait for other approvers to approve. The approver can be specific  users ,  a queue  or  related user  in the record. How to configure this in Salesforce? When you reach Approval Steps -  Select Assigned Approver , choose  Automatically assign to approver(s) In sample above, when user submit for approval, it will go to a user 'Maria Ann' a...
Read more