Today we will try to cover the topic "With sharing and Without sharing in Salesforce".
With sharing:
We use the keyword "with sharing" before declaring class so as to take into account the sharing rules for the user. By default apex class runs into system mode so as to avoid code failure because of permissions.
With sharing:
We use the keyword "with sharing" before declaring class so as to take into account the sharing rules for the user. By default apex class runs into system mode so as to avoid code failure because of permissions.
Syntax:
POINTS TO NOTE:
POINTS TO NOTE:
- If we do not declare class with "With sharing" or "Without sharing" the class will not take into account the sharing rules but if this class is called from another class which is declared with "with sharing" it will take into account the sharing rules.
- If the class with "with sharing" is calling method of another class with "without sharing" than the method inside "without sharing" class will execute without sharing rules.
- If the class with "without sharing" is calling method of another class with "with sharing" than the method inside "with sharing" class will execute with sharing rules.
- Inner class do not have sharing settings of parent class.
- Class have sharing settings of parent class when we implements it or extends it from parent class.
Now, Let us go through below scenarios for better understanding.
1) Let say user do not have permission on a child object and he is having permission on parent object to read/create/edit/delete parent object, If I create a trigger on parent object to insert a child record after parent record is created, will it create a child record or not after user insert parent record manually?
It will create a child record (Trigger/apex class runs in system mode).
2) If in the above scenario from trigger let say I am calling apex class which is in "with sharing" mode and where I am inserting child record after parent is inserted manually by user, so will it create a child record?
It will create a child record.(with sharing keyword has nothing to do with user permissions it only takes into account the sharing rules for the user).
3) Let say if my apex class which is not declared with any keyword "with sharing" or "without sharing" is fetching opportunity records and the user with which this class is running does not hold any opportunity records or no opportunity record is shared with user, in this case the class will be able to fetch opportunity records since the apex class runs in system mode though the user have CRUD permissions or does not have CRUD permissions on opportunity.
4) Let say if my apex class is declared with "with Sharing" keyword and is fetching opportunity records and the user with which this class is running does not hold any opportunity records or no opportunity record is shared with user, in this case the class will not be able to fetch opportunity records though the user have CRUD permissions or does not have CRUD permissions on opportunity.
3) Let say if my apex class which is not declared with any keyword "with sharing" or "without sharing" is fetching opportunity records and the user with which this class is running does not hold any opportunity records or no opportunity record is shared with user, in this case the class will be able to fetch opportunity records since the apex class runs in system mode though the user have CRUD permissions or does not have CRUD permissions on opportunity.
4) Let say if my apex class is declared with "with Sharing" keyword and is fetching opportunity records and the user with which this class is running does not hold any opportunity records or no opportunity record is shared with user, in this case the class will not be able to fetch opportunity records though the user have CRUD permissions or does not have CRUD permissions on opportunity.
awesome Cleared all my doubts
ReplyDeleteThis is the best explanation I could find, thanks!
ReplyDeleteNice one
ReplyDeletevery useful, the examples help a lot, thanks
ReplyDeleteNice explanation
ReplyDeletecan someone please expai answer of 2nd question n aso for 3 n 4
ReplyDeletecan u please eleborate difference between no keyword and without sharing
ReplyDeletePls add this scenario as well :- let say I am calling apex class which is in "with sharing" mode and where I am UPDATING child record after parent is inserted manually by user, so will it create a child record if the user do no have access to the child record?
ReplyDelete>>It will not update as user do no have access to the child record.
I think question 1 lacks some details to come to the conclusion that it will create the child record. Nowhere was it stated the apex/trigger had the clause "with or without sharing" or no statement about sharing. We cannot know what context the classes are running. The second is not clear either. The sharing rules are not laid out in the scenario. So, if we base it on the permissions of the user, you state that the user does not have permission to create the child record. Why would they be able to create the child record if it is based on the users permission?
ReplyDelete