As next week I will give a talk about security at London’s Calling, I would like to create a blog post series regarding to Salesforce security for developers. I already talked about CRUD and FLS in a previous post so I thought it was a good idea to continue with sharing.
Sharing is the common way of referring to record level security in the platform, this is, the settings that control if a user X will have read (&report) / write / transfer / delete / share permissions for a specific record Y.
Continue reading “Controlling record level security with Sharing”
Last week I had the pleasure of presenting at French Touch Dreamin event. I gave a talk about Security, in which I explained some of the main things a developer has to take into account in order that our Salesforce applications are secure. I explained how to take care of CRUD, FLS and sharing, and also of known important vulnerabilities as XSS (cross site scripting), CSRF (cross site request forgery), open redirect or SOQL injection.
Continue reading “Become a Force.com Security Superman”
This time I want to talk a bit about CRUD & FLS in Salesforce. What do these acronyms mean? Well… it is the way that we have of allowing or restricting who can create, view, modify or delete objects and fields on the platform.
CRUD – Create / Read / Update / Delete
FLS – Field Level Security (visible, editable, hidden)
Continue reading “CRUD & FLS”