Sign Up ›
  • Felix Markman 16
  • NEWBIE
  • 0 Points
  • Member since 2017
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 3
    Questions
  • 4
    Replies
2 replies

Stuck on 'Prevent Open Redirects in Your Code' Challenge

Hello,
I'm working on the 3rd part of the App Logic Vulnerability Prevention Module.  

I followed the steps provided in the module to Force Local Redirects Only, but I keep seeing 'Challenge Not Yet Complete, The code does not appear to protect against open redirects. Make sure you have modify the save function to force local redirects only by removing any prepending '/' and then re-adding a '/' prior to saving the PageReference.'

My Code for the save method. Any ideas what's wrong? 

public PageReference save() {
        PageReference savePage;
        if (Schema.SObjectType.Resource_Type__c.isCreateable()) {
            try {

                insert rtype;

                String completion = ApexPages.currentPage().getParameters().get('finishURL');
                system.debug('First$' + completion);
                if (completion.startsWith('/')) {
                    system.debug('Second$' + completion);
                    completion = completion.replaceFirst('/','');

                    system.debug('Third$' + completion);
                }
                savePage = new PageReference('/' + completion);

                savePage.setRedirect(true);
                return savePage;


            } catch (exception e) {
                ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'Unable to update requisitions.  Exception: ' + e.getMessage()));
                return null;
            }
        } else {
            ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'You do not have permission to update requisitions'));
            return null;
        }
    }

 
2 replies

Error id: SCFAVLVV when attempting to complete exercise 6 in Lightning Experience Rollout Specialist

Hello,

I'm seeing this error when trying to validate my step 6 in the Lightning Experience Rollout Specialist Superbadge. It says to post to the developer forums: 

Error id: SCFAVLVV when attempting to complete exercise 6 in Lightning Experience Rollout Specialist
0 replies

How to achieve test coverage for loop?

I'm stumped because I cannot cover a simple for loop in my test class on the Opportunity object. Lines 15 through 28 are not being covered by my test class. I've inserted the Contracts, and yet the for loop is skipped. What has to be done for the for loop to receive coverage? Thank you

 

```Trigger updateContracts on Opportunity (before update) { for(Opportunity o: Trigger.New){ // Find Contracts associated to current Opportunity; // Order by Craeated Date to make most recent Contract show as first entry [0] Contract[] contracts = new List<Contract>(); contracts = [SELECT Id, SBQQ__Opportunity__c, Contract_Status__c, Primary_Quote_Start_Date__c FROM Contract WHERE SBQQ__Opportunity__c =: o.Id AND Contract_Status__c != 'Expired' ORDER BY CreatedDate DESC]; // Creating two distinct lists to prevent collision where same Contract enters expiration and resubmission (update) Contract[] expiredContracts = new List<Contract>(); Contract[] updatedContracts = new List<Contract>(); for(contract c : contracts){ // hold most recent contract in a variable Contract latestContract = contracts[0]; // check if it's the latest contract, skip over the latest contract if(c <> latestContract && o.Submission_Counter__c > 0){ //c.Writable_End_Date__c = System.today(); c.Contract_Status__c = 'Expired'; expiredContracts.add(c); }if(o.Resubmit_Counter__c > 0 && o.Probability < 90){ // Resubmit to Checkout has been clicked indicating user wishes to update existing Contract c.StartDate = c.Primary_Quote_Start_Date__c; updatedContracts.add(c); }if(c == latestContract){ c.Resubmit_Resend_Email_Notice__c = true; } } // update existing Contract on Resubmit without creating new lines if(o.Amendment_Opportunity__c == true){ Contract[] amendedContract = new List<Contract>(); amendedContract = [SELECT Id FROM Contract WHERE Id =: o.SBQQ__AmendedContract__c]; Contract amendmentContract = amendedContract[0]; // increment Amendment Counter on Contract to delete existing lines and CPQ package will create new lines if(o.StageName == 'CPQ - Closed Won' && ((o.Submission_Counter__c > trigger.oldMap.get(o.Id).Submission_Counter__c) || o.Submission_Counter__c == 1)){ amendmentContract.Amendment_Counter__c = o.Amendment_Opp_Amendment_Counter__c; amendmentContract.Amendment_Text_For_Submission_eMail__c = o.Text_for_Email_Alert__c; update amendmentContract; } // If Amendment Opportunity is resubmitted, update checkbox that will trigger email update if(o.StageName == 'CPQ - Closed Won' && ((o.Resubmit_Counter__c > trigger.oldMap.get(o.Id).Resubmit_Counter__c) || o.Resubmit_Counter__c == 1)){ amendmentContract.Amendment_Counter__c = o.Amendment_Opp_Amendment_Counter__c; amendmentContract.Amendment_Text_For_Submission_eMail__c = o.Text_for_Email_Alert__c; update amendmentContract; } } if(updatedContracts != null){ update updatedContracts; } if(expiredContracts != null){ update expiredContracts; } } }```

 

Test class: 

 

@isTest (SeeAllData = true) private class updateContractsTestClass { static testMethod void validateUpdateContracts() { Opportunity opp = new Opportunity(Submission_Counter__c = 1, Resubmit_Counter__c = null, Name='ColorB', StageName='CPQ - Closed Won', CloseDate=Date.newInstance(1960, 2, 17)); insert opp; Opportunity opp2 = new Opportunity(Resubmit_Counter__c = 1, Submission_Counter__c = 1, Name='ColorC', StageName='CPQ - Closed Won', CloseDate=Date.newInstance(1960, 2, 17)); insert opp2; SBQQ__Quote__c quote = new SBQQ__Quote__c(SBQQ__Opportunity2__c = opp.id, SBQQ__StartDate__c = Date.newInstance(2017, 3, 27), SBQQ__Primary__c = true, SBQQ__SubscriptionTerm__c = 12); insert quote; SBQQ__Quote__c quote1 = new SBQQ__Quote__c(SBQQ__Opportunity2__c = opp2.id, SBQQ__StartDate__c = Date.newInstance(2017, 2, 17), SBQQ__Primary__c = true, SBQQ__SubscriptionTerm__c = 12); insert quote1; opp.SBQQ__PrimaryQuote__c = quote.id; update opp; opp2.SBQQ__PrimaryQuote__c = quote1.id; update opp2; opp = [SELECT id, SBQQ__PrimaryQuote__r.SBQQ__StartDate__c FROM Opportunity WHERE Name = 'ColorB']; update opp; opp2 = [SELECT id FROM Opportunity WHERE Name = 'ColorC']; update opp2; // inserting Account to then reference it in the Contract (required by contract) Account testAccount = new Account(Name='testAccount'); insert testAccount; Id accountId = [SELECT Id FROM Account LIMIT 1].Id; List<Contract> contractsList = new List<Contract>(); insert contractsList; Contract firstContract = new Contract (AccountID = accountId, SBQQ__Opportunity__c = opp2.id, Contract_Status__c = 'Pending Checkout', Amendment_Counter__c = 1); insert firstContract; update firstContract; contractsList.add(firstContract); Contract latestContract = new Contract(AccountID = accountId, SBQQ__Opportunity__c = opp.id, Contract_Status__c = 'Pending Checkout'); insert latestContract; update latestContract; contractsList.add(latestContract); update contractslist; // handle Amendment Opportunities Opportunity amendmentOpp = new Opportunity(Submission_Counter__c = 1, Resubmit_Counter__c = 1, SBQQ__AmendedContract__c = firstContract.Id, Name='AmendmentOpp', StageName='1 - Qualification', CloseDate=Date.newInstance(1960, 2, 17)); insert amendmentOpp; amendmentOpp.Resubmit_Counter__c = 2; update amendmentOpp; Opportunity closedAmendmentOpp = new Opportunity(Submission_Counter__c = 1, Resubmit_Counter__c = 1, SBQQ__AmendedContract__c = latestContract.Id, Name='ClosedAmendmentOpp', StageName='CPQ - Closed Won', CloseDate=Date.newInstance(1960, 2, 17)); insert closedAmendmentOpp; } }

2 replies

Stuck on 'Prevent Open Redirects in Your Code' Challenge

Hello,
I'm working on the 3rd part of the App Logic Vulnerability Prevention Module.  

I followed the steps provided in the module to Force Local Redirects Only, but I keep seeing 'Challenge Not Yet Complete, The code does not appear to protect against open redirects. Make sure you have modify the save function to force local redirects only by removing any prepending '/' and then re-adding a '/' prior to saving the PageReference.'

My Code for the save method. Any ideas what's wrong? 

public PageReference save() {
        PageReference savePage;
        if (Schema.SObjectType.Resource_Type__c.isCreateable()) {
            try {

                insert rtype;

                String completion = ApexPages.currentPage().getParameters().get('finishURL');
                system.debug('First$' + completion);
                if (completion.startsWith('/')) {
                    system.debug('Second$' + completion);
                    completion = completion.replaceFirst('/','');

                    system.debug('Third$' + completion);
                }
                savePage = new PageReference('/' + completion);

                savePage.setRedirect(true);
                return savePage;


            } catch (exception e) {
                ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'Unable to update requisitions.  Exception: ' + e.getMessage()));
                return null;
            }
        } else {
            ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'You do not have permission to update requisitions'));
            return null;
        }
    }

 
2 replies

Error id: SCFAVLVV when attempting to complete exercise 6 in Lightning Experience Rollout Specialist

Hello,

I'm seeing this error when trying to validate my step 6 in the Lightning Experience Rollout Specialist Superbadge. It says to post to the developer forums: 

Error id: SCFAVLVV when attempting to complete exercise 6 in Lightning Experience Rollout Specialist
2 replies

Looking for Feedback on my new Salesforce CPQ How-to Youtube Channel

I'm starting a Youtube Channel dedicated to making valuble Salesforce CPQ tutorials. Please check my channel here and post a comment describing the how-to video you want to see. 

Thanks in advance, 

Mister CPQ  
2 replies

App Logic Vulnerability Prevention Prevent Open Redirects in Your Code

Not able to pass this Challenge PFB screen shot.
My Save Method code.

  
public PageReference save(){
        PageReference savePage;
        if (Schema.SObjectType.Resource_Type__c.isCreateable()){
            try{

                insert rtype;

                String completion = ApexPages.currentPage().getParameters().get('finishURL');
                system.debug('First$'+completion);
        if(completion.startsWith('/')){
        system.debug('Second$'+completion);
            completion.replaceFirst('/','');
system.debug('Third$'+completion);
        }
        savePage = new PageReference('/'+completion);
        
        savePage.setRedirect(true);
        return savePage;
            

            }catch (exception e){
                ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'Unable to update requisitions.  Exception: ' + e.getMessage()));
                return null;
            } 
        }else{
            ApexPages.addmessage(new ApexPages.message(ApexPages.severity.ERROR, 'You do not have permission to update requisitions'));
            return null;
        }
    }


User-added image