Skip to content

Commit

Permalink
Preparing SecureDml to be testable
Browse files Browse the repository at this point in the history
  • Loading branch information
rob-baillie-ortoo committed Dec 9, 2021
1 parent 80afd48 commit 98d3472
Show file tree
Hide file tree
Showing 4 changed files with 51 additions and 24 deletions.
39 changes: 20 additions & 19 deletions TODO.txt
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,16 @@ Test:
Look at:
SobjectUtils.getSobjectName

Test Manually:
Implementation os SecureDml in general - does it actually work
Can I create a record that I can't update, even though I generally have rights - what happens?
Can I create a record that I can update, even though I generally don't have rights - what happens?


* To finalise the core architecture:
* Decide on FLS standards
* Do we need to have a non all-or-nothing version of commitWork?

Add reference to disabling individual trigger events in tests:
https://andyinthecloud.com/2016/04/13/disabling-trigger-events-in-apex-enterprise-patterns/

Add to documentation
* Wrapping exceptions on the way out of services
* Query builder - add it to the architectural diagram - after more investigation
Expand All @@ -34,24 +36,23 @@ Add to documentation
* Do not do domain logic in them

* Using the Mock Registarar
* Describe the Application Factories

From Utilities, things that may be useful:
* getReferenceObjectAPIName
* getObjName - get the object name from an Id
* getLabel / getObjectLabel - get the label for an sobject
* getFieldLabel
* delimitedStringToSet and reverse
* escaping single quotes - in both directions?
* unitsBetweenDateTime
* emailAddressIsValid / emailAddressListIsValid
* sObjectIsCustom / sObjectIsCustomfromAPIName
* IsfieldFilterable
* isFieldCustom
* idIsValid
* getCrossObjectAPIName
* objectFieldExist
* sortSelectOptions - complete re-write
* getReferenceObjectAPIName
* getObjName - get the object name from an Id
* getLabel / getObjectLabel - get the label for an sobject
* getFieldLabel
* delimitedStringToSet and reverse
* escaping single quotes - in both directions?
* unitsBetweenDateTime
* emailAddressIsValid / emailAddressListIsValid
* sObjectIsCustom / sObjectIsCustomfromAPIName
* IsfieldFilterable
* isFieldCustom
* idIsValid
* getCrossObjectAPIName
* objectFieldExist
* sortSelectOptions - complete re-write

Write tests for the SOQL generation in the criteria library

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
* CUD checking for a given SObject Type
* CUD checking for all SObjects
*/
public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleDML implements fflib_SobjectUnitOfWork.IDml
public inherited sharing virtual class SecureDml extends fflib_SobjectUnitOfWork.SimpleDML implements fflib_SobjectUnitOfWork.IDml
{
public inherited sharing class SecureDmlException extends ortoo_Exception
{
Expand Down Expand Up @@ -167,7 +167,7 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD

SobjectType type = SobjectUtils.getSobjectType( objList[0] );

if ( shouldCheckCud( type ) && ! SobjectUtils.isCreateable( objList[0] ) )
if ( shouldCheckCud( type ) && ! userCanCreate( objList[0] ) )
{
cudViolationHandler.handleUnableToInsertRecords( objList );
return;
Expand Down Expand Up @@ -195,7 +195,7 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD

SobjectType type = SobjectUtils.getSobjectType( objList[0] );

if ( shouldCheckCud( type ) && ! SobjectUtils.isUpdateable( objList[0] ) )
if ( shouldCheckCud( type ) && ! userCanUpdate( objList[0] ) )
{
cudViolationHandler.handleUnableToUpdateRecords( objList );
return;
Expand All @@ -222,7 +222,7 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD

SobjectType type = SobjectUtils.getSobjectType( objList[0] );

if ( shouldCheckCud( type ) && ! SobjectUtils.isDeletable( objList[0] ) )
if ( shouldCheckCud( type ) && ! userCanDelete( objList[0] ) )
{
cudViolationHandler.handleUnableToDeleteRecords( objList );
return;
Expand All @@ -244,7 +244,7 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD

SobjectType type = SobjectUtils.getSobjectType( objList[0] );

if ( shouldCheckCud( type ) && ! SobjectUtils.isCreateable( objList[0] ) )
if ( shouldCheckCud( type ) && ! userCanCreate( objList[0] ) )
{
cudViolationHandler.handleUnableToPublishEvents( objList );
return;
Expand Down Expand Up @@ -296,6 +296,7 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD
* @param List<SObject> The new list of records, after the field values were stripped
* @return Set<String> The new, potentially reduced list of 'removed fields
*/
@testVisible
private Set<String> unstripAccessible( Set<String> removedFields, List<Sobject> originalRecords, List<Sobject> strippedRecords )
{
SobjectType type = SobjectUtils.getSobjectType( originalRecords[0] );
Expand Down Expand Up @@ -419,6 +420,21 @@ public inherited sharing class SecureDml extends fflib_SobjectUnitOfWork.SimpleD
}
}

private virtual Boolean userCanCreate( Sobject record )
{
return SobjectUtils.isCreateable( record );
}

private virtual Boolean userCanUpdate( Sobject record )
{
return SobjectUtils.isUpdateable( record );
}

private virtual Boolean userCanDelete( Sobject record )
{
return SobjectUtils.isUpdateable( record );
}

/**
* CudViolationHandler that ensures that exceptions are thrown when CUD violations occur
*/
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@

@isTest
private without sharing class SecureDmlTest
{
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>52.0</apiVersion>
<status>Active</status>
</ApexClass>

0 comments on commit 98d3472

Please sign in to comment.