The best of TrailblazerDX 2022: Secure Apex code

The best of TrailblazerDX 2022: Secure Apex code

TrailblazerDX (formerly known as TrailheaDX) is an event aimed at Salesforce Developers, Architects, Admins and anyone involved within the Salesforce Ecosystem. Of course, we at CaseNine stay up to date with all Salesforce developments, with a particular emphasis on both technical developments and CPQ. In a number of articles, we will explain everything you need to know. Our topic this week will be Secure Apex Code.

During TrailblazerDX, attention was paid to Apex, among other things. For those who are not yet aware of this: Apex as a language makes it possible for developers to build the back-end on the Salesforce platform and work efficiently with the user data within the platform. If you want to delve deeper into Apex after reading this article, check out this page. Here, you will find a clear explanation of the features and benefits of Apex.

Best practices for Apex9b6c5382 add5 48b7 b8d3 4393c4ecaeb2

How do you build secure projects with Apex? Three issues stand out. Our Lead Software Engineer Theodoor van Donge has listed them for you.

#1 Always have the right subsettings

Using Apex? Make a good habit of always writing your classes with ‘sharing’. That way, the settings for sharing are always applied to all operations for database access. A good example of this is SOQL query. This functionality has now been available for some time, so there’s nothing stopping you using it in your projects.

#2 Secure queries

Another important issue to consider: if you are going to be writing SOQL queries, make sure you are using the new syntax “WITH USER_MODE”. This allows you to add further security to the query. Using the syntax automatically prompts CRUD and FLS (Field Level Security) checks. The result is that the query is now performed with the privileges of a user instead of system privileges. Security first. This functionality is currently available as beta and will be finalized for the Winter 23 Release.

#3 Secure DML queries

You can now also make DML statements significantly more secure, including insert and updates. To do so, use “as user” in the DML statements. For example, “insert as user new Order()”. The order is then only made if the CRUD and FLS rules are met. This functionality is also currently available as beta and will be finalized for the Winter ’23 Release.

Want to know more about secure Apex code? View the presentation given at TrailblazerDX. We’ll discuss Dynamic Interactions in LWC in our next blogpost.

Do you want to know more about the benefits of a CPQ solution in practice? Read more background information here or contact us directly for a consultation.

Enjoying the blog?

Stay up to date on all CPQ and Energy and Telecom news and trends. Subscribe today!

Sign up

Latest blogs

  • Salesforce Industries CPQ vs Salesforce...
  • 30-06-2022
  • Read more
  • Salesforce Industries CPQ Opportunities...
  • 27-06-2022
  • Read more
  • Five Important Trends in Quotation...
  • 22-06-2022
  • Read more

Enjoying the blog?

Transform your Salesforce Application into a CPQ solution.

Receive the latest CPQ, Energy and Telecom blogs straight to your inbox. Disrupt competition with Salesforce industries and integrations.


Subscribe to our Blog today!