Hello, I am running a  Force.com Source Scanner for my AppExchane project and I am still getting this issue even though the logic seems to be correct:

This query looks for Delete operations that are performed without checking for isDeletable(). This may be a false positive if your code accesses only objects whose security is managed by your app and not the admin (for example OAuth states). It may also be a false positive if checks are performed outside of the dataflow (automatically in a visualforce inputfield tag or manually in a constructor), or if this is an enterprise object or other object whose permissions are not set by the admin.

Following code is triggering this issue:
 

SecurityEnforcer.validateCanDelete(listToDelete);
Database.delete(listToDelete, false);

In the SecurityEnforcer class is following logic to check whether the user has delete permission to records that I am trying to delete -> If not an Exception is throwed..

else if(ProcessType.REMOVE.equals(pType) && (!objDescribe.isAccessible() || !objDescribe.isDeletable())) {
                throw new Exception(); //example
            }

What I think is happeing is that the logic is correct but the Source Scanner just doesn't check it correctly and is throwing these not genuine issues...

Has somebody experienced similar issue or can someobody help me to solve it? Thanks in advance :).

Hello,
does anyone know the equation behind the Excel PPMT function? I desperately need it for implementing it into the Apex.
Thanks in advance.

Hello,
I was just wondering if anyone could explain to me, what this parameter - QueueableContext context -  in an execute method stand for ?

 

Hello I am trying to wrap multiple files which I've uploaded through Lightning:input component. With help of FileReader I am building an array of rendered bodies of those files. Here is the code, which is working fine
When i log the whole array - "rendered", I can see that there are expected values, however, when I try to get that specific value - "render[0]", I am getting an undefined.



Does anyone know where could be the problem? 
Thanks in advance.

Hello,
I builded a table with multiple rowspans. It has following structure:

    <table>
      <tr>
        <td rowspan="6">parent column</td>
        <td rowspan="4">column 2 A</td>
        <td rowspan="3">column 3 AA</td>
        <td rowspan="2">column 4 AAA</td>
        <td rowspan="1">column 5 AAAA</td>
      </tr>
      <tr>
        <td rowspan="1">column 5 AAAB</td>
      </tr>
      <tr>
        <td rowspan="1">column 4 AAB</td>
      </tr>
      <tr>
        <td rowspan="1">column 3 AB</td>
      </tr>
      <tr>
        <td rowspan="2">Column 2 B</td>
        <td rowspan="1">Column 3 BA</td>
      </tr>
      <tr>
        <td rowspan="1">Column 3 BB</td>
        <td rowspan="1">Column 4 BBA</td>
      </tr>
    </table>

Now when I will hover over any table detail element I do not want to change the background color of the whole row, but only of the whole Parent - Child relationship.

For Example when I will hover over column 4 AAB, following columns should change the background color: parent column, column 2A, column 3 AA, column 4 AAB.

Hello,
I'm trying to use a Lightnig:input field for a decimal number. However when I put in it a decimal number it throws me an error. Is lightning:input field meant also for Decimal number? If not, what else should I use for two way data binding field? 
Thanks in advance.

Hi,
I am trying to solve Step 7, but I'm still getting following error:
Challenge Not yet complete... here's what's wrong: 
Ensure that you implement all the pagination methods using the corresponding StandardSetController methods.
I've tried to copy code, that i've found on this website, but it still doesn't let me pass the challenge even though the vs page is working as expected ..
Please help me..

My code:
class OrderExtension:

/**
 * @name OrderExtension
 * @description This class is provided for you to facilitate the Super Badge
**/
public class OrderExtension {

    public Order orderRecord {get;set;}
    public List<OrderItem> orderItemList {get;set;}
    public String selectedFamily {get;set;}
    public List<chartHelper.chartData> pieData {get;set;}
    public Decimal total {get;set;}

    public Map<Id,OrderItem> orderItemMap;
    ApexPages.StandardSetController standardSetController;

    public OrderExtension(ApexPages.StandardController standardController){
        orderRecord = (Order)standardController.getRecord();
        orderItemMap = new Map<id,OrderItem>();
        orderItemList = new List<OrderItem>();
        
        if ( orderRecord.Id != null ){
            orderRecord = queryOrderRecord(orderRecord.Id);
            if (!orderRecord.orderitems.isEmpty()) {
                pieData = new List<chartHelper.chartData>();
                total =0;
                for (orderItem o: orderRecord.orderItems) {
                    orderItemMap.put(o.Product2Id, o);
                    pieData.add(new ChartHelper.ChartData(o.Product2.Name, o.Quantity * o.UnitPrice));
                    total += o.Quantity * o.UnitPrice;
                    
                }
            }
            
        } 
        refresh(null);
        loadData();
    }
    
    public void refresh(String family) {
        if (family == null || family == Constants.SELECT_ONE) {
            List<pricebookentry> p = [SELECT Product2.Family, Product2.Name, Product2.Quantity_Remaining__c, UnitPrice, Product2Id FROM pricebookentry WHERE isActive=true];
            standardSetController = new ApexPages.StandardSetController(p);
            standardSetController.setPageSize(Constants.DEFAULT_ROWS);
        } else {
            List<pricebookentry> p = [SELECT Product2.Family, Product2.Name, Product2.Quantity_Remaining__c, UnitPrice, Product2Id FROM pricebookentry WHERE isActive=true AND Product2.Family =: selectedFamily];
            standardSetController = new ApexPages.StandardSetController(p);
            standardSetController.setPageSize(Constants.DEFAULT_ROWS);
          
        }
    }

    //ToDo: Implement your own method to populate orderItemList
    //  that you will call after pagination and/or family selection
    public void loadData() {

            orderItemList.clear();
            
            for (sObject so: standardSetController.getRecords()) {
                pricebookentry oe = (pricebookentry)so;
                
                if (orderItemMap.containsKey(oe.Product2Id)) {
                    orderItemList.add(orderItemMap.get(oe.Product2Id));
                } else {
                    orderItemList.add(new orderItem(product2Id = oe.Product2Id, product2 = oe.Product2, UnitPrice = oe.UnitPrice, Quantity =0));
                    //orderItemMap.put(oe.Product2Id, oe.orderItem);
                }
            }
        
    }

    /**
     * @name OnFieldChange
     * @description
    **/
    public void OnFieldChange(){
        pieData = new List<chartHelper.chartData>();
        total = 0;
        for (OrderItem o: orderItemList) {
            orderItemMap.put(o.Product2Id, o);
            if (o.Quantity > 0) {
                pieData.add(new ChartHelper.ChartData(o.Product2.Name, o.Quantity * o.UnitPrice));
                total += o.Quantity * o.UnitPrice;
            }
        }
    }

    /**
     * @name SelectFamily
     * @description
    **/
    public void SelectFamily(){
        //ToDo: Implement logic to filter based on the selected product family
        refresh(selectedFamily);
        loadData();
    }

    /**
     * @name Save
     * @description
    **/
    public void Save(){
        //ToDo: Implement logic to save the Order and populated OrderItems
        Savepoint sp = Database.setSavepoint();
        
        if (orderRecord.Id != null) {
            List<OrderItem> old = [SELECT Id, Quantity,Product2Id FROM OrderItem WHERE OrderId =: orderRecord.Id];
            List<OrderItem> toDelete = new List<OrderItem>();
            List<OrderItem> toSave = new List<OrderItem>();
            for (OrderItem o: old) {
                if (orderItemMap.get(o.Product2Id).Quantity == 0 && o.Quantity!=0) {
                    toDelete.add(o);
                }
            }
            for (orderItem o: orderItemMap.values()) {
                if (o.Quantity > 0) {
                    toSave.add(o);
                }
            }
            Try {
                update orderRecord;
                if (!toDelete.isEmpty()) {
                    delete toDelete;
                }
                upsert toSave;
            } catch(Exception e) {
                apexPages.addMessage(new ApexPages.message(ApexPages.Severity.ERROR, Constants.ERROR_MESSAGE));
            
                Database.rollback(sp);
            }
        } else {
            Order order = new Order(AccountId = orderRecord.AccountId, Name = OrderRecord.Name,EffectiveDate= orderRecord.EffectiveDate,
                                  Status= orderRecord.Status);
            
            List<OrderItem> toSave = new List<OrderItem>();
            for (orderItem o: orderItemList) {
                if (o.Quantity > 0) {
                    toSave.add(o);
                }
            }
            
            Try {
                insert order;
                if(!toSave.isEmpty()) {
                    insert toSave;
                }
            } catch(Exception e) {
                apexPages.addMessage(new ApexPages.message(ApexPages.Severity.ERROR, Constants.ERROR_MESSAGE));
            
                Database.rollback(sp);
            }
        }
       // Order order = new Order()

    }


    /**
     * @name First
     * @description
    **/
    public void First(){
        standardSetController.first();
        loadData();
    }


    /**
     * @name Next
     * @description
    **/
    public void Next(){
        standardSetController.next();
        loadData();
    }


    /**
     * @name Previous
     * @description
    **/
    public void Previous(){
        standardSetController.previous();
        loadData();
    }

    /**
     * @name Last
     * @description
    **/
    public void Last(){
        standardSetController.last();
        loadData();
    }

    /**
     * @name GetHasPrevious
     * @description
    **/
    public Boolean GetHasPrevious(){
        return standardSetController.getHasPrevious();
    }

    /**
     * @name GetHasNext
     * @description
    **/
    public Boolean GetHasNext(){
        return standardSetController.getHasNext();
    }

    /**
     * @name GetTotalPages
     * @description
    **/
    public Integer GetTotalPages(){
        return (Integer)Math.ceil(standardSetController.getResultSize() / (Decimal)Constants.DEFAULT_ROWS);
    }

    /**
     * @name GetPageNumber
     * @description
    **/
    public Integer GetPageNumber(){
        return standardSetController.getPageNumber();
    }

    /**
     * @name GetFamilyOptions
     * @description
    **/
    public List<SelectOption> GetFamilyOptions(){
        List<SelectOption> familyOptions = new List<SelectOption>();
        familyOptions.add(new SelectOption(Constants.SELECT_ONE, Constants.SELECT_ONE));
        
        for( Schema.PicklistEntry f : Constants.PRODUCT_FAMILY)
        {
            familyOptions.add(new SelectOption(f.getLabel(), f.getValue()));
        }       
        return familyOptions;
    }

    /**
     * @name QueryOrderRecord
     * @description
    **/
    public static Order QueryOrderRecord(Id orderId){
        return [
            SELECT Id, AccountId, EffectiveDate, Name, Status, Pricebook2Id,
                (
                    SELECT Id, OrderId, Quantity, UnitPrice, PricebookEntryId, Product2Id,
                         Product2.Name, Product2.Family, Product2.Quantity_Remaining__c
                    FROM OrderItems
                )
            FROM Order
            WHERE Id = :orderId
        ];
    }

}

Thanks.

Account and AccountHistory are two custom objects. When account record is deleted, one record of accounthistory should be created.

Hi SF specialists, I have a question here regarding to Security scan: enforcing CRUD. For the example case deletion, but we also have problems with update and creation.
 
Before I delete a record, I apply deletable check for the custom object, like:
    Schema.sObjectType.customObject.isDeletable();
Which works fine for single record.
 
But if I use something like following and delete a list at one action, the automatic security scanner reports an issue: CRUD Delete - Apex Serious Security Risk.
    if(Schema.sObjectType.customObject.isDeletable()){
            List<Database.Deleteresult> deleteResults = Database.delete(customObjectList);            
            System.Debug('Delete Result'+deleteResults);
      }
customObjectList is set correctly and the code executes WITHOUT any problem. Just the security scanner doesn't recognize the deletable check and reports issue. Same for create and update.
Reported issues like following:
    Object: customObjectList in file: /classes/DummySearch.cls
        L 54: List<Database.Deleteresult> deleteResults = Database.delete(customObjectList);
Any advice/workaround I can fix this problem and pass the security scan?
Thank you very much in advance.
 
Scanner Link: http://security.force.com/sourcescanner