What should the developer use to enforce sharing permission for the currently logged-in user while using the custom search tool?

Universal Containers implemented a private sharing model for the Account object. A custom Account search tool was developed with Apex to help sales representatives find accounts that match multiple criteria they specify. Since its release, users of the tool report they can see Accounts they do not own.

What should the developer use to enforce sharing permission for the currently logged-in user while using the custom search tool?
A . Use the schema describe calls to determine if the logged-in users has access to the Account object.
B. Use the without sharing keyword on the class declaration.
C. Use the UserInfo Apex class to filter all SOQL queries to returned records owned by the logged-in user.
D. Use the with sharing keyword on the class declaration.

View Answer

Answer: D

Explanation:

Use the with sharing keyword on the class declaration. The with sharing keyword ensures that the Apex code respects the object-level, field-level, and record-level sharing settings for the user who is running the Apex code. This means that the code will only return records that the user has access to, according to their Sharing Settings. You can find more information about the with sharing keyword in the official Salesforce documentation (https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_keywords_sharing.htm).