Dynamic SOQL and Secure Platform Encryption

    ​What is Dynamic SOQL?​​

    Dynamic SOQL is the creation of a SOQL string at run time within Apex. It enables users to create more flexible applications.

     

    ​​How is Dynamic SOQL located within Salesforce?​​

    Search the code base for all references to:

    • Database.query
    • database.countQuery
    • database.getquerylocator

     

    Dynamic SOQL Analysis and the Shield Platform Encryption Analysis Engine​​

    Due to the nature of Secure’s Platform Encryption Analysis engine, queries which are formed at runtime (Dynamic SOQL) cannot be analyzed and must be checked manually. Ensure the field is not used in a way that breaks the SOQL query. For each reference, check the query strings for:

    • Aggregates > MIN, MAX, etc.
    • ORDER BY clauses
    • GROUP BY clauses
    • WHERE clauses
      • Fuzzy matching not supported for encryption (CONTAINS, LIKE, >=, <=, etc.,)
      • Exact matches are supported for determination encryption ONLY (=, !=, IN)

    The result of any All Clear field that is referenced in the above changes that field result to Blocked by Configuration.  If the result of any existing Blocked by Configuration field is referenced above, the blocked reason is added to the items requiring remediation prior to field encryption.

    « Previous ArticleNext Article »