Inherited sharing in Apex class

From version v44.0 onwards salesforce introduced Inherited Sharing keyword. A class declared with inherited sharing keyword will run in user context(with sharing) mode when it is used as

  • An Aura component controller
  • A Visualforce controller
  • An Apex REST service
  • Any other entry point to an Apex transaction(If without sharing keyword is not explicitly specified)

If the class is used as the entry point to an Apex transaction, an omitted sharing declaration runs as without sharing. However, inherited sharing ensures that the default is to run as with sharing. A class declared asinherited sharing runs as without sharing only when explicitly called from an already established without sharingcontext.

public inherited sharing class InheritedSharing {

public List<Account> getAccounts(){
 return [SELECT Id FROM Account LIMIT 10];
 }
}
<apex:page controller="InheritedSharing">
    <apex:repeat value="{!Accounts}" var="rec">
        {!rec.Id} <br/>
    </apex:repeat>
</apex:page>

Test the above scenario by creating one more user(If you’re assigning any role please cross check hierarchy level access for users) and assign a custom profile and give only ‘READ,CREATE,EDIT’ object permission options in account object then in sharing setting make the account object to private.Now you all set to test the data

Be the first to comment

Leave a Reply

Your email address will not be published.


*