[apex] ApexCrudViolation: Recommend USER MODE, discourage WITH SECURITY ENFORCED #4368
For updating jorje, there is already #3973. I'll update the description of this issue to improve the rule ApexCrudViolations only.
FYI @FishOfPrey @capeterson this is a security-related issue. @pozil already described what needs to be changed in the existing rules.
Hello, I am a bit confused because I can see some commits and merges on this ticket, but has this request been applied to PMD? I recently installed the last version of PMD (7.0-rc3), and DML operations using "insert as user" still throw an exception in PMD.
Previous to rc4 and support for We required all DML to be via I still think we will stick with this even with the new support for consistency.
<rule name="NoDMLStatement" language="apex" message="Use Database methods" class="net.sourceforge.pmd.lang.rule.XPathRule">
<description>Database.insert(foo, System.AccessLevel.USER_MODE)</description>
<priority>1</priority>
<properties>
<property name="version" value="3.1"/>
<property name="xpath">
<value>
<![CDATA[
//DmlInsertStatement|//DmlUpsertStatement|//DmlDeleteStatement|//DmlUpdateStatement|//DmlUndeleteStatement
]]>
</value>
</property>
</properties>
</rule>
<rule name="databaseMethodsHaveAccessLevel" language="apex" message="Database methods must pass AccessLevel and use of SYSTEM_MODE requires comment // CRUD/FLS" class="net.sourceforge.pmd.lang.rule.XPathRule">
<priority>1</priority>
<properties>
<property name="version" value="3.1"/>
<property name="xpath">
<value>
<![CDATA[
//MethodCallExpression[
replace(lower-case(@FullMethodName),'system.','') = (
"search.query",
"search.find",
"search.suggest",
"database.convertlead",
"database.countquery",
"database.countquerywithbinds",
"database.delete",
"database.deleteasync",
"database.deleteimmediate",
"database.getquerylocator",
"database.getquerylocatorwithbinds",
"database.insert",
"database.insertasync",
"database.insertimmediate",
"database.merge",
"database.query",
"database.querywithbinds",
"database.undelete",
"database.update",
"database.upsert",
"database.updateasync",
"database.updateimmediate"
)]
[not(VariableExpression[lower-case(@Image)=('user_mode','system_mode')]/ReferenceExpression[lower-case(@Image)=('accesslevel','system')])]
]]>
</value>
</property>
</properties>
</rule>
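As an added example (not part of the thread, and not code from PMD or the commenter), the Apex class below shows the call shapes the two custom rules above are written to report or accept. The class and method names are hypothetical, and the per-method outcomes are read off the posted XPath expressions rather than taken from a PMD run.

```apex
// Added example (constructed). AccessLevelExamples and its methods are hypothetical names.
public with sharing class AccessLevelExamples {

    // Reported by NoDMLStatement: a bare DML statement runs in system mode,
    // so the running user's object and field permissions are not checked.
    public static void bareDml(Account acc) {
        insert acc;
    }

    // Also reported by NoDMLStatement: its XPath selects every DML statement
    // node and does not look at the access mode, so the "as user" form is
    // flagged as well.
    public static void dmlAsUser(Account acc) {
        insert as user acc;
    }

    // Reported by databaseMethodsHaveAccessLevel: no AccessLevel argument.
    public static void databaseMethodWithoutAccessLevel(Account acc) {
        Database.insert(acc);
    }

    // Accepted by both rules: CRUD and FLS are enforced for the running user.
    public static void databaseMethodUserMode(Account acc) {
        Database.insert(acc, AccessLevel.USER_MODE);
    }

    // Accepted by the XPath because the AccessLevel is explicit. The rule
    // message asks for a "// CRUD/FLS" comment here; the posted XPath does
    // not test for it, so that part is left to code review.
    public static void databaseMethodSystemMode(Account acc) {
        // CRUD/FLS: <justification placeholder>
        Database.insert(acc, AccessLevel.SYSTEM_MODE);
    }

    // Dynamic SOQL is covered too: database.querywithbinds is in the rule's list.
    public static List<Account> queryUserMode(String name) {
        return Database.queryWithBinds(
            'SELECT Id, Name FROM Account WHERE Name = :name',
            new Map<String, Object>{ 'name' => name },
            AccessLevel.USER_MODE
        );
    }
}
```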
Rule: ApexCRUDViolation
Let's consider the following improvements (quoting @rsoesemann here):