• Chunqi Hu
Hi SF specialists, I have a question here regarding the security scan: enforcing CRUD. The example case is deletion, but we also have problems with update and creation.
 
Before I delete a record, I apply a deletable check for the custom object, like:
    Schema.sObjectType.customObject.isDeletable();
This works fine for a single record.
 
But if I use something like the following and delete a list in one action, the automatic security scanner reports an issue: CRUD Delete - Apex Serious Security Risk.
    if (Schema.sObjectType.customObject.isDeletable()) {
        List<Database.Deleteresult> deleteResults = Database.delete(customObjectList);
        System.Debug('Delete Result' + deleteResults);
    }
customObjectList is set correctly and the code executes WITHOUT any problem. The security scanner just doesn't recognize the deletable check and reports an issue. The same happens for create and update.
The reported issues look like the following:
    Object: customObjectList in file: /classes/DummySearch.cls
        L 54: List<Database.Deleteresult> deleteResults = Database.delete(customObjectList);
Is there any advice or workaround so I can fix this problem and pass the security scan?
Thank you very much in advance.
 
Scanner Link: http://security.force.com/sourcescanner