You're reading from Mastering Apex Programming A Salesforce developer's guide to learn advanced techniques and programming best practices for building robust and scalable enterprise-grade applications

Product type Paperback

Published in Nov 2023

Publisher Packt

ISBN-13 9781837638352

Length 394 pages

Edition 2nd Edition

Languages

Apex

Tools

Salesforce

Concepts

CRM

Author (1):

Paul Battisson

View More author details

Table of Contents (28) Chapters

Preface

1. Section 1: Triggers, Testing, and Security

2. Chapter 1: Common Apex Mistakes FREE CHAPTER

3. Chapter 2: Debugging Apex

4. Chapter 3: Triggers and Managing Trigger Execution

5. Chapter 4: Exceptions and Exception Handling

6. Chapter 5: Testing Apex Code

7. Chapter 6: Secure Apex Programming

8. Section 2: Asynchronous Apex

9. Chapter 7: Utilizing Future Methods

10. Chapter 8: Working with Batch Apex

11. Chapter 9: Working with Queueable Apex

12. Chapter 10: Scheduling Apex Jobs

13. Section 3: Integrations

14. Chapter 11: Integrating with Salesforce

15. Chapter 12: Using Platform Events

16. Chapter 13: Apex and Flow

17. Chapter 14: Apex REST and Custom Web Services

18. Chapter 15: Outbound Integrations – REST

19. Chapter 16: Outbound Integrations – SOAP

20. Chapter 17: DataWeave in Apex

21. Section 4: Apex Performance

22. Chapter 18: Performance and the Salesforce Governor Limits

23. Chapter 19: Performance Profiling

24. Chapter 20: Improving Apex Performance

25. Chapter 21: Performance and Application Architectures

26. Index

Why subscribe?

27. Other Books You May Enjoy

Enforcing object and field permissions

As previously mentioned, all Apex runs in System Mode and has access to all metadata and data within the org. This means that regardless of which permissions the user may have on an object or field, Apex can see all objects and fields. This, again, has some positive and negative consequences, as set out here:

On the positive side, we are now able to ensure that our code can act in ways that our user could not through a standard UI. For example, we may have a field storing sensitive data that the user should not see or have access to for compliance reasons. Our code can still access this field on behalf of the user to enable it to be used within their workflow. As long as the code is correctly encapsulated and limited in how it is accessed, this is a great way of both enforcing permissions and allowing the desired business process to operate freely.
On the negative side, this model means that if we are not careful, then we can accidentally...