APEX Sharing Violation – Security Review Error Solved


In the process of making a Salesforce app live on AppExchange, we need to get our package tested and passed by the security review team. During one such process, my app got rejected due to an APEX Sharing Violation error, as reported by the Checkmarx report. It was termed an "Apex Force.com Serious Security Risk".

Description of Issue:
The Force.com platform makes extensive use of data sharing rules. Each object can have unique permissions for which users and profiles can read, create, edit, and delete. These restrictions are enforced when using all standard controllers. When using a custom Apex class, the built-in profile permissions and field-level security restrictions are not respected during execution. The default behavior is that an Apex class has the ability to read and update all data within the organization. Because these rules are not enforced, developers who use Apex must take care that they do not inadvertently expose sensitive data that would normally be hidden from users by profile-based.

Demonstrative Example:
For example, consider the following Apex code (the "before" case, with no sharing keyword on the class):

    public class customController {
        // No sharing keyword: the query runs with full access to all
        // Contact records, ignoring the running user's record sharing.
        public List<Contact> read(String value) {
            return [SELECT Id FROM Contact WHERE Name = :value];
        }
    }
In this case, all contact records will be searched, even if the user currently logged in would not normally have permission to view these records.

Solution:
The solution is to use the qualifying keywords "with sharing" when declaring the class:

    public with sharing class customController {
        . . .
    }

The "with sharing" keyword directs the platform to use the security sharing permissions of the user currently logged in, rather than giving the class full access to everything.

More details can be found at http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_classes_keywords_sharing.htm
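As an added example (not code from the original post), here is a controller that applies both halves of the Checkmarx description: "with sharing" for record-level sharing, and an explicit object/field permission check, since "with sharing" on its own does not enforce CRUD or field-level security. The accompanying test class is also constructed for this post; the profile name "Standard User" and the assumption that Contact is private to the test user (no sharing rules grant access) are assumptions about the org, not facts from the page.

```apex
// Added example: respects the running user's record sharing ("with sharing")
// and checks object/field permissions separately, because the sharing keyword
// only applies sharing rules, not profile CRUD or field-level security.
public with sharing class ContactLookupController {

    public class NoAccessException extends Exception {}

    // The name to match is passed in explicitly instead of coming from an
    // undeclared variable, as in the pseudo-code above.
    public static List<Contact> findByName(String value) {
        // Object-level check: does this user's profile allow reading Contact at all?
        if (!Schema.sObjectType.Contact.isAccessible()) {
            throw new NoAccessException('Running user cannot read Contact');
        }
        // WITH SECURITY_ENFORCED makes the query fail if any selected field is
        // not readable by the running user (field-level security), while the
        // class-level "with sharing" restricts which records are returned.
        return [
            SELECT Id, Name, Email
            FROM Contact
            WHERE Name = :value
            WITH SECURITY_ENFORCED
            LIMIT 200
        ];
    }
}

// Constructed test: verifies that a low-privilege user does not see records
// that are not shared with them. Assumes a "Standard User" profile exists and
// that Contact is not visible to that user by default (assumption about the org).
@IsTest
private class ContactLookupControllerTest {

    @IsTest
    static void restrictedUserSeesOnlySharedRecords() {
        // Record owned by the test-running (admin) user, not shared with the standard user.
        insert new Contact(LastName = 'Private');

        Profile p = [SELECT Id FROM Profile WHERE Name = 'Standard User' LIMIT 1];
        User u = new User(
            Alias = 'tuser',
            Email = 'tuser@example.com',
            EmailEncodingKey = 'UTF-8',
            LastName = 'Test',
            LanguageLocaleKey = 'en_US',
            LocaleSidKey = 'en_US',
            ProfileId = p.Id,
            TimeZoneSidKey = 'America/Los_Angeles',
            Username = 'tuser' + DateTime.now().getTime() + '@example.com'
        );

        System.runAs(u) {
            // With sharing enforced, the private record is filtered out of the result.
            System.assertEquals(0, ContactLookupController.findByName('Private').size());
        }
    }
}
```

A class declared without any sharing keyword, or with "without sharing", would return the record in the test above regardless of who is running; "inherited sharing" is the choice for utility classes that should take on the sharing mode of their caller.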

About the author

Nishant Bamb