認定 Platform デベロッパー資格の更新 (Winter '21) ⇒ 項目レベルとオブジェクトレベルのセキュリティや安全なナビゲーション演算子を使ってみる
ハンズオンの Challenge
Enforce Field and Object Level Security and Use the Safe Navigation Operator in Apex
Simplify your code by using the Security.stripInaccessible method in the Apex class. Also catch any null references using the Safe Navigation operator.Note: Complete the necessary setup configuration in the Unit text prior to the hands-on challenge section.
Create a new Apex class
Name: ApexSecurityRest
Copy and paste the ApexSecurityRest code provided above.
Use the Security.stripInaccessible method logic to process the results. Remove fields that the user does not have Read access to.
Remove the redundant object- and field-level access checks for Name and Top_Secret. Note: Delete the unneeded code rather than commenting it out.
Apply the Safe Navigation operator functionality to Account in order to avoid null references.
@RestResource(urlMapping='/apexSecurityRest')
global with sharing class ApexSecurityRest {
@HttpGet
global static Contact doGet() {
Id recordId = RestContext.request.params.get('id');
Contact result;
if (recordId == null) {
throw new FunctionalException('Id parameter is required');
}
List<Contact> results = [SELECT id, Name, Title, Top_Secret__c, Account.Name FROM Contact WHERE Id = :recordId];
SObjectAccessDecision securityDecision = Security.stripInaccessible(AccessType.READABLE, results);
if (!results.isEmpty()) {
result = results[0];
if (Schema.sObjectType.Contact.fields.Description.isUpdateable()){
result.Description = result.Account?.Name;
}
}
return result;
}
public class FunctionalException extends Exception{}
public class SecurityException extends Exception{}
}
Author And Source
この問題について(認定 Platform デベロッパー資格の更新 (Winter '21) ⇒ 項目レベルとオブジェクトレベルのセキュリティや安全なナビゲーション演算子を使ってみる), 我々は、より多くの情報をここで見つけました https://qiita.com/TomAndJerry/items/3574eb12d831ad34d825著者帰属:元の著者の情報は、元のURLに含まれています。著作権は原作者に属する。
Content is automatically searched and collected through network algorithms . If there is a violation . Please contact us . We will adjust (correct author information ,or delete content ) as soon as possible .