Access Security changes coming to Lightning Platform Components

 Many of you have recently received email alerts from Salesforce mentioning upcoming changes being enforced with the release of the Summer ’21 features.  With more and more data being stored on the cloud & data security becoming a focus for many cloud-based companies – it’s not a surprise to see Salesforce continue to make efforts to increase security.  Many of these new requirements will only be a good thing, as it relates to your Org and your data.  But what does it all mean?  What exactly is Salesforce enforcing now, that it wasn’t previously?  Let’s take a look at these recent updates.

SFSec1.png

·      Disable Access to Non-global Apex Controller Methods in Managed Packages

o   This update corrects access controls on Apex controller methods in managed packages. When this update is enabled, only methods marked with the global access modifier are accessible by Aura components from outside the package namespace. These access controls prevent you from using unsupported API methods that the package author didn’t intend for global access.

Prior to this update, Aura components outside of the package namespace could access non-global methods (Apex controller methods not marked with the global access modifier).

When this update is enabled, if your code incorrectly depends on non-global Apex methods in a managed package, server actions that call those methods fail. Update your code to use only the supported API methods provided by the package as global methods.

·      Enforce Access Modifiers on Apex Properties in Lightning Component Makeup

o   This update makes Lightning components consistent with the use of Apex properties in other contexts. For example, a markup expression can no longer access an Apex property with a private Apex getter. 

Although some of these changes can appear quite technical, they are intended to help enhance your Org’s security, as it relates to managed packages & prevent you from unintentionally exposing private information.  Our team at DLH is well-versed in updating & modifying components to help your Org meet these upcoming requirements.  Should your org experience some apex/server errors, as a result of these security updates – reach out to us today!

SFSec2.png