Base Class CRUD Security Checking Not Configurable

[tmowbrey]

In the domain base class SObjectDomain, currently code is structured such that all trigger paths must go through a security check. While this is optimal for most use cases, I have come across a specific use case in which this is limiting. Today, we have a site set up for customers to come and buy small parts for our product. We do not have a need to authenticate these users and so are not using a customer portal. As expected this site uses the Guest User License which restricts the ability to edit or delete standard object records. As our store runs through utilization of standard objects, while the customer is adding items to the cart and proceeding through checkout we have triggers that need to fire on update to set up their purchase profile correctly.

Changing that security methods such that they would be easily modified outside the base class to allow for specific exceptions would be a great help.

[afawcett]

Quick update on this, i'm working on an update to FLS and CRUD support accross the patterns, including is the ability to configure enforcement, hope to have something out in the next week or so.

[afawcett]

This is now configurable via the Configuration property, see this blog for more details on this property and of course the source code, e.g. Configuration.disableTriggerCRUDSecurity(); call in the constructor will disable.