You need to sign in to do that
Don't have an account?
stv_dev
Invoke Apex Web Service from Custom Button in Professional Edition
H,
i have some process in my managed package that deletes records and recreates it again.
Can someone confirm if below solution will work in Professional Edition?
maybe by PE token, Client ID or any other solution.
Custom button with Execute JavaScript Behavior that invokes Apex Web Service
Custom Buton Code:
{!requireScript("/soap/ajax/26.0/connection.js")}
{!requireScript("/soap/ajax/26.0/apex.js")}
var result = sforce.apex.execute("ClassName","MethodName", {methodVariable:record.Id});
-----------------------------------
Apex Code:
global class ClassName {
webservice static String MethodName(String methodVariable)
{
...
}
}
Thank you
By default there should not be any security issue with you putting a visualforce page/apex behind a custom button. That is very common. Check out the security.force.com coding guidelines to see if that helps identify what will resolve that security issue in your code.
http://wiki.developerforce.com/page/Secure_Coding_Cross_Site_Request_Forgery
http://wiki.developerforce.com/page/Secure_Coding_Guideline
All Answers
No, I wouldn't do it that way using the AJAX toolkit. That is not allowed since the clientId will be exposed as plaintext:
http://www.salesforce.com/us/developer/docs/packagingGuide/index_Left.htm#StartTopic=Content/dev_packages_api_access.htm#dev_packages_api_access
Instead, could you put a Visualforce page behind the custom button that invokes apex logic to do the same thing? The page is really just a way to invoke the apex and not really a UI?
HI aalbert,
thank you for quick response.
Actually it was my original solution:
calling VF page , delete / create records runs during the page loading (in constructor ) and after completing, redirects to standard page layout record.
But Salesforce checkmark tool that checks security of the code, recognized delete records as
By default there should not be any security issue with you putting a visualforce page/apex behind a custom button. That is very common. Check out the security.force.com coding guidelines to see if that helps identify what will resolve that security issue in your code.
http://wiki.developerforce.com/page/Secure_Coding_Cross_Site_Request_Forgery
http://wiki.developerforce.com/page/Secure_Coding_Guideline
Thank you!