Overview
This rule flags Apex code that uses incorrect or missing sharing clauses, a critical security vulnerability that can lead to unauthorized data exposure. By default, Apex code runs in system context, which bypasses the standard permissions, field level security (FLS), and sharing rules that protect data for users. When developers do not explicitly enforce sharing or security, applications are at risk of inadvertently exposing sensitive information.
β
While tools like PMD can catch these "without sharing" issues during a local scan, the true value of Code Reviews is its ability to go beyond simple detection. After a scan, Code Reviews' platform can automatically create a dedicated autofix Pull Request (PR) that a developer can review and merge. This significantly streamlines the process of resolving technical debt, providing a key advantage over a manual only approach and ensuring that critical security vulnerabilities are fixed efficiently. Code Reviews classifies this issue as an Error because it represents a direct threat of data leaks and compliance violations.
β
Why This Matters
Incorrect or missing sharing clauses in Apex can result in severe security implications:
Unauthorized Information Disclosure (Data Leaks): The primary risk is that users might gain access to sensitive data (e.g., Personally Identifiable Information (PII), financial records) they are not authorized to see, bypassing organization-wide defaults (OWD), role hierarchies, and sharing rules. This is often referred to as a CRUD/FLS bypass.
Compromised Data Integrity: While less common for sharing, if a user gains unintended edit access, they could alter data.
Compliance Violations: Inadvertent data exposure can lead to serious breaches of data privacy regulations such as GDPR or HIPAA.
Erosion of Trust: Customers and stakeholders lose trust in the application and organization if their data privacy is compromised.
Hidden Vulnerabilities: These problems are often tricky to detect because they might arise across different parts of the source code (views, controllers, data access layers) and are largely invisible to simple code linters.
What Triggers This Rule
The ApexNoSharing rule is implemented as an ApexClass type rule. Its primary function is to identify Apex classes that perform database access operations (SOQL/SOSL queries, DML statements) but either lack a sharing clause or are explicitly declared without sharing. The rule's logic is encapsulated in several functions that analyze the Abstract Syntax Tree (AST) of Apex classes.
Recommended Approach
Always enforce security and sharing in Apex when interacting with data that should be protected by user permissions.
Explicitly Use
with sharing: Declare Apex classes that perform database operations or sensitive logic with thewith sharingkeyword to ensure that the running user's sharing rules and record-level security are enforced.Manual CRUD/FLS Enforcement: For classes declared
without sharing(when system context is truly needed, e.g., for integrations running as a privileged user), explicitly checkisAccessible(),isUpdateable(),isCreateable(),isDeletable(), andisViewable()before querying or manipulating data to ensure the running user has necessary object and field level permissions.Secure Queries: Use
stripInaccessible()to filter out fields and records that the running user cannot access before performing DML operations or displaying data.Named Credentials: For external callouts, leverage Named Credentials to handle authentication securely on the server side, preventing API keys from being exposed in code.
Summary
Apex code running in system context inherently bypasses standard sharing rules and field level security, posing a significant risk of data exposure. It is crucial to explicitly enforce sharing using with sharing or perform manual CRUD/FLS checks when dealing with sensitive data. Code Reviews flags incorrect sharing clauses as an Error to help teams identify and rectify these critical security vulnerabilities, ensuring data privacy and compliance across their Salesforce applications.