With Sharing and Without Sharing
Apex runs in system context. By default, Apex does not take object-level and field-level permissions into account when retrieving data.
Scenario 1:
Profile Name: Standard clone user (cloned from the standard profile), Object: Account, Field: Rating
After logging in as a user who has the "Standard Clone User" profile, the user can still see the data from the custom Lightning component, even though the object-level and field-level permissions are more restrictive, as shown in the images above.
Scenario 2:
Currently the OWD setting for Accounts is set to "Private", and data is not shared through the role hierarchy either, to make sure that the user sees only records created by himself.
If the Apex class is not given "With Sharing", or is explicitly given "With Sharing", the current sharing rules remain in effect, and only records owned by the user are seen, according to the OWD settings.
// No sharing keyword on the class
public class getAccounts {
    @AuraEnabled
    public static List<Account> accounts(){
        return [SELECT ID,Name,Owner.Name,Rating FROM Account];
    }
}

// Explicit "with sharing"
public with sharing class getAccounts {
    @AuraEnabled
    public static List<Account> accounts(){
        return [SELECT ID,Name,Owner.Name,Rating FROM Account];
    }
}
Scenario 3:
If the Apex class is declared "Without Sharing", the user will see all the data, and the data will not be restricted according to the OWD settings.
public without sharing class getAccounts {
    @AuraEnabled
    public static List<Account> accounts(){
        return [SELECT ID,Name,Owner.Name,Rating FROM Account];
    }
}
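The sharing keyword only controls which records are returned; it does not change the Scenario 1 behaviour, where object-level and field-level permissions are ignored. The controller below is an added example, not code from the original post, showing one way to enforce both; the class name SecureAccountController and its method names are hypothetical.

```apex
// Added example, not from the original post. The class name
// SecureAccountController is hypothetical.
public with sharing class SecureAccountController {

    // "with sharing" limits rows to records the running user can access
    // (OWD, role hierarchy, sharing rules). It does not check object or
    // field permissions, so those are enforced separately below.
    @AuraEnabled
    public static List<Account> accounts() {
        // Object-level check: stop early if the profile cannot read Account.
        if (!Schema.sObjectType.Account.isAccessible()) {
            throw new AuraHandledException('No read access to Account.');
        }

        List<Account> rows = [SELECT Id, Name, Owner.Name, Rating FROM Account];

        // Field-level check: remove fields the user cannot read
        // (for example Rating in Scenario 1) instead of failing the call.
        SObjectAccessDecision decision =
            Security.stripInaccessible(AccessType.READABLE, rows);

        // Log which fields were stripped, keyed by object name.
        Map<String, Set<String>> removed = decision.getRemovedFields();
        if (!removed.isEmpty()) {
            System.debug(LoggingLevel.INFO, 'Stripped fields: ' + removed);
        }
        return (List<Account>) decision.getRecords();
    }

    // Stricter variant: the query throws System.QueryException when any
    // selected field or object is not readable by the running user.
    @AuraEnabled
    public static List<Account> accountsStrict() {
        try {
            return [SELECT Id, Name, Owner.Name, Rating
                    FROM Account
                    WITH SECURITY_ENFORCED];
        } catch (System.QueryException e) {
            throw new AuraHandledException('Insufficient field or object access.');
        }
    }
}
```

With the first method a user without read access to Rating still gets the Account rows, with Rating stripped; with the second the whole call fails.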
Thank you,