-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[apex] ApexCRUDViolation: Recognize User Mode in SOQL + DML #4146
Comments
@rsoesemann I would like to contribute to this issue can you assign this issue to me? |
@adangel was faster ;-) Welcome @Tarush-Singh35. Thanks for your willingness to contribute to this very relevant change request. |
yeah sure, I am getting started @rsoesemann we can work something out together. how can we connect @rbklaassen please let me know |
@rbklaassen I am getting started with the issue if you want to join do ping me. Thanks & Regards |
Hi @Tarush-Singh35 , go ahead and start on this. I've been quite busy last week and preparing a go-live at customer this week, so I don't think I can help out this or next week. I'll check in after that! |
Also, how do you prefer to connect @Tarush-Singh35 ? |
@rbklaassen through slack would be great |
I'm on slack with rklaassen@salesforce.com @Tarush-Singh35 |
yeah will connect with you through slack |
Any progress here,guys? |
Sorry, not yet. Have had COVID and a pretty busy schedule at customer. |
I made some progress but I had an operation so I was on rest I will raise the PR soon also @rbklaassen sorry for not connecting with you |
@rbklaassen you ready to contribute? |
Yes, I can do some work on this tomorrow. Do you want to collaborate tomorrow @Tarush-Singh35 ? |
Yeah @rbklaassen lets do this |
You need to connect with me through slack, I don't have enough details to connect to you @Tarush-Singh35 |
I will create a workspace and I will ask you to join it |
Added you @rbklaassen in Slack |
@rbklaassen and @Tarush-Singh35 any progress here? Or do you have any blockers I can help with? |
Hi @rsoesemann, today we had a meeting together and discussed the way forward. I came to the conclusion that I miss the Java knowledge to really work on the code, but I can be the support-desk for @Tarush-Singh35 as I know Apex very good. Also I will be able to test his solution when needed on a local project for instance. |
Yeah I am formulating a solution I think so I will be able to make a pull request soon @rsoesemann and @rbklaassen are mentoring me in the apex |
@rsoesemann @rbklaassen i need help to understand the issue in my PR can you guys help me out |
@Tarush-Singh35 I see two comments from @adangel which both make sense to me:
|
@rsoesemann Be aware, that the rule currently doesn't support query: see #2628 - so I didn't add this either. Also, the currently available Jorje library (last updated in Feb. 2022) doesn't support the syntax
There doesn't seem to be a new version available yet: https://github.com/forcedotcom/salesforcedx-vscode/commits/develop/packages/salesforcedx-vscode-apex/out/apex-jorje-lsp.jar Apart from these two points, the PR #4244 fixes this issues. |
[apex] ApexCRUDViolation: user mode and system mode with test cases added #4244
Affects PMD Version:
Rule: ApexCRUDViolation
Description:
With the upcoming Winter '23 (API Version 56) Salesforce is going to add more native capabilities to enforce CRUD and FLS security in SOQL queries and DML statements as described here https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_enforce_usermode.htm.
Currently, the usage of such new features is ignored by PMD and marked as a CRUD Violation. Therefor the rule needs to be extended to recognize and handle them correctly.
Code Sample demonstrating the issue:
This issue should cover all cases with the optional accessLevel parameter. See Dynamic SOQL.
Database.getQueryLocator methods
Search.query methods
Database DML methods (insert, update, upsert, merge, delete, undelete, and convertLead)
Includes the *Immediate and *Async methods, such as insertImmediate and deleteAsync.
This issuers should be easy to contribute as we can just look at how the related earlier enhancements were done: #2210
The text was updated successfully, but these errors were encountered: