Practice simplifying object- and field-level security checks with new Spring ’19 in Apex code

August 8, 2019August 8, 2019 konaguru Leave a comment

updated challenge code

@RestResource(urlMapping='/secureApexRest')
global with sharing class SecureApexRest {
    @HttpGet
    global static Contact doGet(){
        Id recordId = RestContext.request.params.get('id');
        Contact result;
        if (recordId == null){
            throw new FunctionalException('Id parameter is required');
        }
        try {
            List&lt;Contact> results = [SELECT id, Name, Secret_Key__c FROM Contact WHERE Id = :recordId WITH SECURITY_ENFORCED];
            if (!results.isEmpty()) {
                result = results[0];
            }
        }
        catch(QueryException  ex) {
            throw new SecurityException('You don\'t have access to all contact fields required to use this API');
        }
        return result;
    }
    public class FunctionalException extends Exception{}
    public class SecurityException extends Exception{}
}

@RestResource(urlMapping='/secureApexRest')

global with sharing class SecureApexRest {

@HttpGet

global static Contact doGet(){

Id recordId = RestContext.request.params.get('id');

Contact result;

if (recordId == null){

throw new FunctionalException('Id parameter is required');

}

try {

List<Contact> results = [SELECT id, Name, Secret_Key__c FROM Contact WHERE Id = :recordId WITH SECURITY_ENFORCED];

if (!results.isEmpty()) {

result = results[0];

}

catch(QueryException ex) {

throw new SecurityException('You don\'t have access to all contact fields required to use this API');

}

return result;

}

public class FunctionalException extends Exception{}

public class SecurityException extends Exception{}

}

Get to know more about AI, Machine Learning

November 8, 2018November 27, 2018 konaguru Leave a comment

Important articles stumbled upon while exploring on AI, Machine Learning

Amazon’s own ‘Machine Learning University’ now available to all developers

https://aws.training/machinelearning

How to identify User Theme?

November 6, 2018November 8, 2018 konaguru Leave a comment

Use these variables to identify the CSS used to render Salesforce web pages to a user. Both variables return one of the following values.

Theme1—Obsolete Salesforce theme
Theme2—Salesforce Classic 2005 user interface theme
Theme3—Salesforce Classic 2010 user interface theme
Theme4d—Modern “Lightning Experience” Salesforce theme
Theme4t—Salesforce mobile app theme
Theme4u—Lightning Console theme
PortalDefault—Salesforce Customer Portal theme
Webstore—Salesforce AppExchange theme

<apex:page>
    <apex:pageBlock title="My Content" rendered="{!$User.UITheme == 'Theme2'}">
        // this is the old theme...
    </apex:pageBlock>

    <apex:pageBlock title="My Content" rendered="{!$User.UITheme == 'Theme3'}">
       // this is the classic theme ...
    </apex:pageBlock>
</apex:page>

<apex:page>

<apex:pageBlock title="My Content" rendered="{!$User.UITheme == 'Theme2'}">

// this is the old theme...

</apex:pageBlock>

<apex:pageBlock title="My Content" rendered="{!$User.UITheme == 'Theme3'}">

// this is the classic theme ...

</apex:pageBlock>

</apex:page>

Did you know?

October 30, 2018October 30, 2018 konaguru Leave a comment

Manage License link doesn't exists for Managed Packages in Sandbox orgs. 
All the users by default will have access to Managed Package in Sandbox orgs.

1 2	Manage License link doesn't exists for Managed Packages in Sandbox orgs. All the users by default will have access to Managed Package in Sandbox orgs.

2. The inner class will be the only thing that runs outside of sharing context, everything else will still be in sharing context.

public with sharing class MyClass
{
	public static void doStuff()
	{		
		Records[] list = new MyClassUtil().executeQuery();		
		//Do stuff here
	}
	
	/**
	 * Class to bypass sharing for the single case where non-admins need to query the permission set
	 */
	private without sharing class MyClassUtil
	{
		public Records[] executeQuery()
		{
			//execute and return the records here
		}
	}
}

public with sharing class MyClass

{

public static void doStuff()

{

Records[] list = new MyClassUtil().executeQuery();

//Do stuff here

}

/**

* Class to bypass sharing for the single case where non-admins need to query the permission set

private without sharing class MyClassUtil

{

public Records[] executeQuery()

{

//execute and return the records here

}

APEX Code Snippets

October 25, 2018October 25, 2018 konaguru Leave a comment

Reading inline Query data in APEX

/* Code snippet to read inline query data into APEX */
 
List<Account> accounts = new List<Account>();

accounts = [select id, (select id, firstname, lastname from contacts ) from Account where id in (select accountid from AccountShare where USerOrGroupId = '00531000007eCfF')];

List<Contact> contacts = new List<Contact>();

for(Account account : accounts ) {
    
    for(Contact contact: account.Contacts) {
        
        System.debug('Contact Object details  ' + contact );
    }
    
}

/* Code snippet to read inline query data into APEX */

List<Account> accounts = new List<Account>();

accounts = [select id, (select id, firstname, lastname from contacts ) from Account where id in (select accountid from AccountShare where USerOrGroupId = '00531000007eCfF')];

List<Contact> contacts = new List<Contact>();

for(Account account : accounts ) {

for(Contact contact: account.Contacts) {

System.debug('Contact Object details ' + contact );

}

JSONGenerator

This example generates a JSON string in pretty print format by using the methods of the JSONGenerator class

/*
 This example generates a JSON string in pretty print 
 format by using the methods of the JSONGenerator class
*/

// JSON Generate - Start  
        JSONGenerator gen = JSON.createGenerator(true);
        gen.writeStartArray();
        for(Opportunity opt : opty) {            
            gen.writeStartObject();
            gen.writeStringField('Id', opt.Id);
            gen.writeStringField('Type', opt.Type);
            gen.writeStringField('Name', opt.name);
            gen.writeStringField('StageName', opt.StageName);
            gen.writeNumberField('Probability', opt.Probability);
            gen.writeDateTimeField('LastModifiedDate', opt.LastModifiedDate);
            gen.writeDateField('CloseDate', opt.CloseDate);   
            gen.writeEndObject();
        }
        gen.writeEndArray();
        // JSON Generate - End

This example generates a JSON string in pretty print

format by using the methods of the JSONGenerator class

// JSON Generate - Start

JSONGenerator gen = JSON.createGenerator(true);

gen.writeStartArray();

for(Opportunity opt : opty) {

gen.writeStartObject();

gen.writeStringField('Id', opt.Id);

gen.writeStringField('Type', opt.Type);

gen.writeStringField('Name', opt.name);

gen.writeStringField('StageName', opt.StageName);

gen.writeNumberField('Probability', opt.Probability);

gen.writeDateTimeField('LastModifiedDate', opt.LastModifiedDate);

gen.writeDateField('CloseDate', opt.CloseDate);

gen.writeEndObject();

}

gen.writeEndArray();

// JSON Generate - End

Salesforce Hacks

October 22, 2018October 22, 2018 konaguru Leave a comment

Salesforce Hidden Tab

In case if Tab doesn’t exists for any object and if you want to get a tab view with out configuring a tab simply append first three letters of the ID to the salesforce URL after .com/

Best Salesforce Google Chrome extensions

October 20, 2018October 21, 2018 konaguru Leave a comment

Salesforce Navigator

Best of its kind. with control-shift-space you can reach to many setup pages in salesforce. I would suggest must have by every architect.

Force.com Logins

Too many salesforce username/passwords to remember. My favourite place to store all the logins. with one click I go to the org I want.

Salesforce Organizer

Salesforce Organizer better than Force.com Logins Extension. Intuitively adds your username/passwords to Organizer list whenever you try to login with a new salesforce username/password account

Salesforce Dev Tools

A powerful toolkit for Salesforce developer, includes Query Editor, Apex code, objects reference doc, ERDs generator, and others.Salesforce DevTools is a simple but powerful Salesforce developer chrome extension for doing the below things :

・Salesforce data modal (ERDs) generator.
・Easy export Objects Reference to Excel file.
・Display fields API name on Salesforce object detail page.
・Quick generate Apex code / SOQL.
・Quick access to new record page, list page and object setting page of any object.
・All Check / Select on profile edit page and field permissions edit page.

Salesforce Inspector

Productivity tools for Salesforce administrators and developers to inspect data and metadata directly from the Salesforce UI.

Extension to add a metadata layout on top of the standard Salesforce UI to improve the productivity and joy of Salesforce configuration, development, and integration work.

Do it with SOQL

October 19, 2018October 24, 2018 konaguru Leave a comment

Deleting User Trace Logs

If you go to User Debug Log, you may see many user trace logs created by a user. Deleting one at a time is time-consuming. An easy solution is to execute below SOQL in Developer console and deleting them ( you can select multiple rows and can delete in one shot )

SELECT Id, CreatedDate, CreatedById, ExpirationDate, TracedEntityId, ApexCode, 
ApexProfiling, Callout, Database, System, Validation, Visualforce, Workflow 
FROM TraceFlag

SELECT Id, CreatedDate, CreatedById, ExpirationDate, TracedEntityId, ApexCode,

ApexProfiling, Callout, Database, System, Validation, Visualforce, Workflow

FROM TraceFlag

Mass Delete Attachments

Though Data loader is one option to do it, you can also use Developer console Query editor to mass delete attachments ( execute the query with appropriate constraints and select the rows you want to delete and hit delete button )

select id from Attachment limit 10

1	select id from Attachment limit 10

Bulk Delete ApexLogs

Its very painful to use Salesforce provided ‘Delete All’ logs button as it on;t deletes log files displayed in that page. Quick way of deleting log files using SOQL is executing below SOQL in developer console and use ‘Delete’ button

select id from ApexLog

1	select id from ApexLog

Salesforce Certified Identity and Access Management – Spring ’18 Release Exam

July 31, 2018July 31, 2018 konaguru Leave a comment

An administrator resets a user password in Salesforce.

Which attribute will be updated with the “True” value in the Identity URL or UserInfo endpoint?

A.		email_verified
B.		password_updated
C.		password_reset
D.		active

Universal Containers (UC) uses Salesforce for all of its internal users. Recently UC started getting a lot of complaints from users regarding locked user accounts due to users not being able to reset their passwords.

What is the recommended solution a Salesforce adminisrator can follow to solve this problem?

A.		Implement a third-party Identity Provider to centralize user management and authentication policies.
B.		Modify password policies and set Password Expires to “Never Expires” so that users can log in without any interruption.
C.		Configure social media authentication provider to allow users to log in via their social media credentials.
D.		Enable two-factor authentication using Lightning Login to allow users to log in without their passwords.

Universal Containers uses Customer Community for its customers and wants to make sure that there is an extra layer of security to avoid unauthorized access.

What is the recommended way of enabling two-factor authentication for external users?

A.		Update external user profile to allow users to verify their identity and avoid unauthorized access.
B.		Use an AppExchange application to implement two-factor authentication for external users.
C.		Use dynamic login on the customer community to allow customers to verify their identity.
D.		Use custom login flows to implement two-factor authentication for external users.

Universal Containers (UC) uses an external website to allow its customers to perform self-service functions. The website doesn’t support autentication through SAML or OpenID Connect. UC has decided to impement Salesforce and authenticate its users via Salesforce.

What is the recommended solution to allow users to authenticate via Salesforce on the external website?

A.		Configure a connected app in Salesforce and use username-password flow to allow customer to authenticate on the website.
B.		Configure Salesforce as a Service Provider, and implement custom federation services using existing Identity Store.
C.		Configure Customer Community identity providers, and use Embedded Login to allow customers to authenticate on the website using configured identity providers.
D.		Migrate the website to Customer Community to allow a seamless experience and set existing passwords as their customer community user passwords.

Universal Containers (UC) uses Customer Community to allow its customers to register and perform self-service functions. Due to the growth of the business and the customer base, UC wants to deliver a different experience to its customers based on runtime circumstances.

What is the secure and recommended way of enabling this?

A.		Develop Lightning components to deliver different experience to customers using their information stored in Salesforce.
B.		Use custom login flows to deliver different experiences by extracting the source from the URL where the customer is visiting from.
C.		Use an AppExchange product to customize the Customer Community login experience and deliver a personalized experience to customers
D.		Enable dynamic login experience by adding expid request parameter in the client configuraiton SSO initialization URL.

Best Salesforce tools

April 8, 2018October 20, 2018 konaguru Leave a comment

SOQL Query Builder

SQOL Builder tool built by Jitedra Zaa helps you to get to the place where you can generate your queries, execute your queries in a jiffy

https://soqlbuilder.herokuapp.com/

S	M	T	W	T	F	S
« Aug
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31