Apex Code Development You need to sign in to do that
Don't have an account?
Mahesh Babu 3 Object permissions are not consider in the Rest API class in Salesforce site
Hi , I created a Salesforce site , to make a rest api call from out side website. Even if stop the object permission my rest api class can create records to the objects. Where as my normal class not allowing to create records in the object with out permission. Also i try to set field level permissions. How to make the rest api class to obey the object permissions ? Below is the code i used @RestResource(urlMapping='/myservice')
global with sharing class MyService {
@HttpPost
global static void doPost()
{
I will get the Json string from other site and insert into my custome object. If i remove the permission of the object it should not create records. }
}
global with sharing class MyService {
@HttpPost
global static void doPost()
{
I will get the Json string from other site and insert into my custome object. If i remove the permission of the object it should not create records. }
}
https://www.salesforce.com/us/developer/docs/apexcode/Content/apex_rest_exposing_data.htm
--- snip ---
Apex class methods that are exposed through the Apex REST API don't enforce object permissions and field-level security by default. We recommend that you make use of the appropriate object or field describe result methods to check the current user’s access level on the objects and fields that the Apex REST API method is accessing.
--- snip ---