LaurentDelc

Site and Security Access Control

Hi,

 

The Salesforce Source Code tool shows Serious Access Control security problems everywhere there is no With sharing keyword. 

I understand what with sharing does.

Now I want to do an object search on a public Site page. Obviously the user needs to find all the records and not only the one he created or owns. 

What is the best practice then? Should we remove with sharing (easy one) or put it and give access to all records?

If so, how do we do that securely? 

 

Cheers,

 

Laurent

All Answers

BrendanOC

Laurent - when the Apex class is without sharing, it is running in system mode, which means that it has access to all objects.  You probably don't want to provide access to all of your objects on a sites page.  If you go to Setup > Develop > Sites and select your site there is a button called Public Access Settings.  This allows you to configure public access for your site.  In the background, this is running as the public sites User with its own Profile.  Give this profile CRUD and Sharing access to the objects you want to share publicly.

*** Be careful here - you don't want to make any sensitive data or objects publicly accessible!

 

After you have set the permissions for the Sites User and Profile, you can run your Apex class With Sharing.  This will make sure that Apex is only retrieving objects and records that you have explicitly declared as Public.

 


Let me know if you have any other questions, or if I was unclear.

 

 

 

LaurentDelc

Thanks for the answer.

I am aware of Site profile and Object Access.

But the problem is not here. The records the Site will have to show as results of a search are created from the Back office (i.e. by different users). If we enable with sharing, by default these objects won't be retrieved by a SOQL query.

I guess dealing with Sharing rules and these kinds of security settings might work?

 

Cheers

Laurent

BrendanOC

If that is the case, you can do a couple of things:

change the default sharing model for object Foo to public read - this will allow the sites user to have sharing access to read that object

create a sharing rule for object Foo to share records owned by <Internal Users or Groups> with <Public Sites User> Default Access: Read Only

 

Or, you can leave with sharing off, and write some additional validation within your Apex code to make sure that you don't accidentally return Objects or Records that should be private.

Salesforce Security always recommends With Sharing because it helps prevent accidental sharing of private records.  If you don't want to give the Sites User access through sharing rules, you will need to run in Apex System Mode.  Just be sure to write the additional validation rules.

 

The security of the code will also depend on your SOQL.  If your SOQL is only retrieving specific fields from a specific object, and you are using bind variables in your query, you should be pretty safe.  If you are letting the user influence what objects or fields are retrieved through SOQL, you should use With Sharing and write specific sharing rules.

 

Hope that helps!

 

This was selected as the best answer
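
A sketch of the public search controller the answer above describes, added here as an example and not code from the thread or from Salesforce. Foo__c stands for the thread's "object Foo"; the class name and the Is_Public__c checkbox field are hypothetical.

```apex
// Added example. Foo__c stands for the thread's "object Foo"; the class name
// and the Is_Public__c checkbox field are hypothetical.
public with sharing class FooSearchController {
    public String searchTerm { get; set; }
    public List<Foo__c> results { get; private set; }

    public FooSearchController() {
        results = new List<Foo__c>();
    }

    public PageReference search() {
        results = new List<Foo__c>();
        String term = (searchTerm == null) ? '' : searchTerm.trim();
        // Refuse empty or one-character searches that would list everything.
        if (term.length() < 2) {
            return null;
        }
        // "with sharing" enforces record sharing only, so the object
        // permission granted in Public Access Settings is checked explicitly.
        if (!Schema.sObjectType.Foo__c.isAccessible()) {
            return null;
        }
        String likeTerm = '%' + term + '%';
        // Static SOQL: fixed object, fixed field list, and the visitor's
        // input reaches the query only through the bind variable :likeTerm.
        results = [
            SELECT Id, Name
            FROM Foo__c
            WHERE Name LIKE :likeTerm
              AND Is_Public__c = true
            ORDER BY Name
            LIMIT 50
        ];
        return null;
    }
}
```

With a sharing rule that grants the Sites user read access, the Is_Public__c filter is a second layer; if the class is switched to without sharing, that filter is the "additional validation" the answer refers to and must not be dropped.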
LaurentDelc

Thanks for the detailed answer.

We will probably go with the Sharing rules solution.

 

Cheers,

Laurent