Lightning Components

with sharing: By default apex class runs in system context mode (means objects/field permissions and sharing-rules are not applied for the current user). If a class defined as with sharing, it enforces user permissions and sharing rules.

Syntax to define with sharing:

• When a class is declared with the "With Sharing" keyword, the record-level security rules defined in Salesforce are enforced.
• The code will respect the organization-wide defaults (OWDs) and sharing settings of the objects being accessed.
• Users will only be able to access records they have the appropriate access to based on their profile, role, sharing rules, etc.
• "With Sharing" is the default behavior for Apex classes if the keyword is not explicitly specified.

public with sharing class ExamplewithsharingClass {
// write your code.
}

without sharing: If you define a class with this keyword, sharing rules for the current user is not enforced. for example, you can use this keyword if you want to turn off sharing-rule enforcement when a class is called from other class that is defined using with sharing keyword.
If you don’t define apex class with any keyword (with sharing or without sharing), it runs in system mode i.e. without sharing mode.

Syntax to define without sharing:

• When a class is declared with the "Without Sharing" keyword, the record-level security rules are bypassed.
• The code will not enforce any sharing rules or OWDs.
• Users executing the code will have full access to all records, regardless of their profile or other access permissions.
• Be cautious when using "Without Sharing" as it can potentially expose sensitive data if not used carefully.

public without sharing class ExamplewithoutsharingClass{
//write your code.
}

Inheritance and Sharing: Use inherited sharing keyword to run the apex class in sharing-mode of the class that is called it.

• When a class with sharing or without sharing is extended by another class, the sharing behavior of the parent class is inherited by the child class.
• If the parent class is declared with "with sharing", the child class will also enforce the sharing rules unless explicitly declared as "without sharing".
• If the parent class is declared with "without sharing", the child class can either continue without sharing or override it with "with sharing".

Syntax to define inherited sharing:

public without sharing class ExampleinheritedsharingClass{
//write your code.
}

Note:

It's important to note that the "With Sharing" and "Without Sharing" keywords only affect the enforcement of record-level security within the Apex class they are applied to. The sharing behavior is not propagated to any other code that might be called or executed from within the class.

By explicitly using "With Sharing" or "Without Sharing" in your Apex classes, you can control how the sharing rules impact the data accessed and ensure compliance with the desired security requirements.

Sharing Enforcement Levels:
Salesforce provides three levels of sharing enforcement: "System", "Default", and "Enforced". "System" (default) enforces the sharing rules defined in the organization's configuration. "Default" enforces the sharing rules based on the class declaration (with or without sharing). "Enforced" ensures the sharing rules are always enforced, even if the code is being executed by a user with "Modify All Data" or "View All Data" permissions. You can explicitly specify the enforcement level using the "@SharingEnforced" annotation at the class level.

Sharing Rules and CRUD Operations:
The "With Sharing" and "Without Sharing" keywords primarily impact the record-level security based on sharing rules. They do not affect object-level security, such as the ability to perform CRUD (Create, Read, Update, Delete) operations on objects. Object-level security is still enforced based on user profiles, permissions, and field-level security settings.

Considerations and Best Practices:
It is recommended to use "With Sharing" by default for Apex classes to respect the organization's sharing settings and maintain data security. "Without Sharing" should be used sparingly and only when necessary, such as for utility classes or specific scenarios where the code requires access to all records. When using "Without Sharing", it is crucial to perform manual security checks and validation to ensure data protection.