forcedotcom / sfdx-scanner

MIT License

[BUG] ApexFlsViolationRule on dynamic queries with values passed in as parameter #1407

Closed jaelee125 closed 2 months ago

jaelee125 commented 4 months ago

ApexFlsViolationRule is flagged on this example code:

```apex
// Return type parameter restored for compilability; Database.query returns List<SObject>.
public static List<SObject> exampleMethod(String exampleParam) {
    // Dynamic SOQL with a bind variable; the parameter value never enters the query text.
    String dynamicQuery = 'SOME dynamic Query' + ' WHERE Name = :exampleParam';
    // USER_MODE asks the platform to enforce CRUD/FLS for the running user.
    return Database.query(String.escapeSingleQuotes(dynamicQuery), AccessLevel.USER_MODE);
}
```

However, if you do queryWithBinds and pass in a Map with exampleParam, ApexFlsViolationRule is not flagged.
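As an added example (not code from the issue or from the sfdx-scanner project), the two dynamic-SOQL shapes the report compares, both run in user mode so that the platform enforces CRUD and field-level security, next to the unchecked form the rule is meant to catch. The class name, the `Account` object and fields, and the bind key `nameBind` are assumptions for illustration.

```apex
// Added example, not part of the issue or the sfdx-scanner project.
// Class name, object, fields and bind key are assumptions for illustration.
public with sharing class DynamicQueryExample {

    // Variant 1: Database.query with a local bind variable, the shape in the report.
    // ':exampleParam' is resolved by the platform from the local variable in scope, so the
    // user-supplied value is never concatenated into the query text. USER_MODE makes the
    // platform enforce object and field permissions of the running user.
    public static List<Account> queryByName(String exampleParam) {
        String dynamicQuery = 'SELECT Id, Name FROM Account WHERE Name = :exampleParam';
        return Database.query(String.escapeSingleQuotes(dynamicQuery), AccessLevel.USER_MODE);
    }

    // Variant 2: Database.queryWithBinds, which the reporter says the rule does not flag.
    // The bind map supplies the value; the query string itself is a constant.
    public static List<Account> queryByNameWithBinds(String exampleParam) {
        String dynamicQuery = 'SELECT Id, Name FROM Account WHERE Name = :nameBind';
        Map<String, Object> binds = new Map<String, Object>{ 'nameBind' => exampleParam };
        return Database.queryWithBinds(dynamicQuery, binds, AccessLevel.USER_MODE);
    }

    // Variant 3 (contrast case): no AccessLevel, so the query runs in system mode and
    // CRUD/FLS is NOT enforced. This is the shape ApexFlsViolationRule exists to flag.
    public static List<Account> queryByNameUnchecked(String exampleParam) {
        String dynamicQuery = 'SELECT Id, Name FROM Account WHERE Name = :exampleParam';
        return Database.query(dynamicQuery);
    }
}
```

Two practical points follow from the first two variants. Because the parameter only ever reaches the query through a bind, `String.escapeSingleQuotes` on the query text is redundant (it would only matter if the value were concatenated in); it does no harm but is not what makes the query safe. And in user mode the platform throws a `System.QueryException` when the running user lacks access to the object or a selected field, so callers should be prepared to catch it rather than assume the query silently returns fewer columns.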

nwcm commented 3 months ago

You may find that returning Database.query() directly rather than assigning it to a variable causes this. I would expect any SOQL or DML applying USER_MODE not to hit ApexFlsViolationRule.

git2gus[bot] commented 3 months ago

This issue has been linked to a new work item: W-15488279

stephen-carter-at-sf commented 2 months ago

Ok, I verified that this seems to now be fixed with our latest-beta.

@jaelee125 Can you please install the following and try again: `sf plugins install @salesforce/sfdx-scanner@latest-beta`

Will mark this as fixed for now.