
You can complete this challenge from the following Trailhead link: https://trailhead.salesforce.com/help?article=Spring-19-Platform-Developer-I-Maintenance
What we need to achieve today
In this exercise, you’ll begin with code that contains manual field- and object-level security checks before a SOQL query. You will then refactor the code into a simplified implementation that relies on WITH SECURITY_ENFORCED to handle field- and object-level security checks.
- Create the Secret Key custom text field on the Contact object as specified in the Get Ready for the Hands-on Challenge section above.
- Create a new Apex class named SecureApexRest.
- Copy and paste the SecureApexRest code provided above. This code is already secured with the conventional field- and object-level access checks.
- Add the WITH SECURITY_ENFORCED clause to the SOQL query on line 13 in the code provided. This will make the manual Schema.SObjectType checks redundant.
- Refactor the code to remove the redundant object and field level access checks.
- Maintain existing behavior by ensuring that failing results are checked in a SecurityException, rather than any other type of exception. This will require catching the System.QueryException that WITH SECURITY_ENFORCED throws and throwing a new SecurityException.
Step 1. Create the Secret Key custom field on Contact Object.
Setup -> Object Manager -> Contact -> Fields & Relationships -> New

Click Next and uncheck Visible for Standard Users.

Step 2. Create a new Apex Class -> SecureApexRest
Copy the following code into the class then Save and Check the challenge!
```apex
@RestResource(urlMapping='/secureApexRest')
global with sharing class SecureApexRest {
    @HttpGet
    global static Contact doGet(){
        Id recordId = RestContext.request.params.get('id');
        Contact result;
        if (recordId == null){
            throw new FunctionalException('Id parameter is required');
        }
        try{
            // WITH SECURITY_ENFORCED performs the object- and field-level
            // access checks for the running user as part of the query.
            List<Contact> results = [SELECT id, Name, Secret_Key__c FROM Contact WHERE Id = :recordId WITH SECURITY_ENFORCED];
            if (!results.isEmpty()) {
                result = results[0];
            }
        }catch (QueryException e){
            // Keep the existing behavior: report access failures as a SecurityException.
            throw new SecurityException('You don\'t have access to all contact fields required to use this API');
        }
        return result;
    }
    public class FunctionalException extends Exception{}
    public class SecurityException extends Exception{}
}
```
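For comparison, this is the kind of manual Schema.SObjectType checking that the refactored class above no longer needs. It is an added illustration, not the code Trailhead provides for the challenge; the class name SecureApexRestManual and its URL mapping are assumptions made for the example.

```apex
// Added illustration: manual object- and field-level checks before the query.
// Class name and urlMapping are hypothetical, chosen to avoid clashing with SecureApexRest.
@RestResource(urlMapping='/secureApexRestManual')
global with sharing class SecureApexRestManual {
    @HttpGet
    global static Contact doGet(){
        Id recordId = RestContext.request.params.get('id');
        if (recordId == null){
            throw new FunctionalException('Id parameter is required');
        }
        // Object-level check: can the running user read Contact at all?
        if (!Schema.SObjectType.Contact.isAccessible()){
            throw new SecurityException('You don\'t have access to the Contact object');
        }
        // Field-level checks: one per field named in the SELECT list below.
        // A field added to the query later is unprotected until it is added here too.
        if (!Schema.SObjectType.Contact.fields.Name.isAccessible()
                || !Schema.SObjectType.Contact.fields.Secret_Key__c.isAccessible()){
            throw new SecurityException('You don\'t have access to all contact fields required to use this API');
        }
        // No WITH SECURITY_ENFORCED: the checks above are the only access control on fields.
        List<Contact> results = [SELECT Id, Name, Secret_Key__c FROM Contact WHERE Id = :recordId];
        return results.isEmpty() ? null : results[0];
    }
    public class FunctionalException extends Exception{}
    public class SecurityException extends Exception{}
}
```

The manual form has to be kept in step with the SELECT list by hand, which is the maintenance risk the clause removes. WITH SECURITY_ENFORCED covers only fields and objects referenced in the SELECT and FROM clauses, so a field used only in WHERE or ORDER BY is not checked by it.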
For the previous challenge, check the following link
LEARN WHAT’S NEW FOR PLATFORM DEVELOPERS IN SPRING ’19