In the previous recipes, we saw security techniques, such as access rules, security groups, and record rules. With these techniques, you can avoid unauthorized access. Sometimes, however, you have complex business cases in which you want to access or modify records, even if the user doesn't have access to them. For example, let's say the public user doesn't have access to the leads records, but by submitting the website form, the user can generate leads records in the backend.

Using sudo(), you can access recordsets as a superuser. We already saw sudo() in the Changing the user that performs an action recipe of Chapter 9, Advanced Server-Side Development Techniques. Here, we will see that even if you have given ACL rules or have added a security group on the field, you can still get access through sudo().