Contents
What is the apex redirectrule rule in PMD?
Checks against redirects to user-controlled locations. This prevents attackers from redirecting users to phishing sites. This rule is defined by the following Java class: net.sourceforge.pmd.lang.apex.rule.security.ApexOpenRedirectRule
Do you need to validate CRUD permission before using APEX?
The spirit of the requirement is to honor the access control configuration choices that org admins make within ISV application offerings. If an admin explicitly restricts access control for sharing/CRUD/FLS then ISV offerings should respect that.
What does the rule validate in PMD source code analyzer?
The rule validates you are checking for access permissions before a SOQL/SOSL/DML operation. Since Apex runs in system mode not having proper permissions checks results in escalation of privilege and may produce runtime errors. This check forces you to handle such scenarios.
Can you remove a rule from the VS Code PMD ruleset?
Theoretically, you should be able to remove this rule from the VS Code PMD ruleset (or build a custom ruleset xml which doesn’t include it), if you don’t want to be warned about a concern that may not apply to your application’s situation. Looks like the VS Code PMD plugin allows for a custom ruleset.
Are there any side effects to using DML in apex?
ApexCSRF: Having DML operations in Apex class constructor or initializers can have unexpected side effects:… AvoidDirectAccessTriggerMap: Avoid directly accessing Trigger.old and Trigger.new as it can lead to a bug. Triggers should be …
Rules that are related to code documentation. ApexDoc: This rule validates that: ApexDoc comments are present for classes, methods, and properties th… Rules to detect constructs that are either broken, extremely confusing or prone to runtime errors.