johnbelosf
commented
1 year ago Hi @RiyazRanger the team will get back to you on this. If you have already scanned your solution with Code Analyzer with scanner:run and have resolved any security issues or identified false positives, please feel free to proceed with the Security Review submission without using Graph Engine with scanner:run:dfa.
We are optimizing the Graph Engine experience specifically for Security Review, so we are conscious that partners might face some issues in the meantime.
RiyazRanger
git2gus[bot]
stephen-carter-at-sf
Describe the bug Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: TodoException: What should I do if ApexValue from StandardCondition is not an ApexBooleanValue, ApexCustomValue, ApexForLoopValue, or ApexSingleValue: ApexValue=ApexValue(ApexSoqlValue) {status=INITIALIZED, declarationVertex=null, valueVertex=SoqlExpression{properties={FirstChild=true, BeginLine=86, DefiningType_CaseSafe=allocationtablehandler, LastChild=false, Query=[SELECT Id, PermissionSet.Name,AssigneeId FROM PermissionSetAssignment WHERE AssigneeId = :Userinfo.getUserId() WITH SECURITY_ENFORCED], DefiningType=AllocationTableHandler, EndLine=86, childIdx=0, BeginColumn=62}}, resolvedValues={}, returnedFrom=null, invocableExpression=null, method=null}, parent=Unknown{conditionType=UNKNOWN, properties={FirstChild=true, BeginLine=90, DefiningType_CaseSafe=allocationtablehandler, LastChild=false, DefiningType=AllocationTableHandler, EndLine=90, childIdx=0, BeginColumn=41}}, vertex=MethodCallExpressionVertex{fullMethodName=psa.PermissionSet.Name.contains, referenceVertex=LazyVertex{result=ReferenceExpression{properties={FirstChild=true, Names=[psa, PermissionSet, Name], BeginLine=90, DefiningType_CaseSafe=allocationtablehandler, LastChild=false, DefiningType=AllocationTableHandler, EndLine=90, Name_CaseSafe=psa.permissionset.name, childIdx=0, BeginColumn=18, ReferenceType=METHOD, Name=psa.PermissionSet.Name}}}, chainedNames=[psa, PermissionSet, Name], properties={FirstChild=true, FullMethodName=psa.PermissionSet.Name.contains, BeginLine=90, FullMethodName_CaseSafe=psa.permissionset.name.contains, DefiningType_CaseSafe=allocationtablehandler, LastChild=true, DefiningType=AllocationTableHandler, EndLine=90, MethodName_CaseSafe=contains, childIdx=0, BeginColumn=41, MethodName=contains}}: com.salesforce.rules.fls.apex.operations.SchemaBasedValidationAnalyzer.getDerivedApexValue(SchemaBasedValidationAnalyzer.java:89);com.salesforce.rules.fls.apex.operations.SchemaBasedValidationAnalyzer.getDerivedApexValue(SchemaBasedValidationAnalyzer.java:117);com.salesforce.rules.fls.apex.operations.SchemaBasedValidationAnalyzer.checkForValidation(SchemaBasedValidationAnalyzer.java:74);com.salesforce.rules.fls.apex.operations.FlsValidationCentral.checkSchemaBasedFlsValidation(FlsValidationCentral.java:69);com.salesforce.rules.fls.apex.AbstractFlsVisitor.afterVisit(AbstractFlsVisitor.java:80);com.salesforce.rules.fls.apex.ReadFlsRuleVisitor.afterVisit(ReadFlsRuleVisitor.java:61)
"Urgency": How is this Business stopping? I have to check security Review for App Exchange To Reproduce Steps to reproduce the behavior: List lstcurrentUserPerSet = [SELECT Id, PermissionSet.Name,AssigneeId FROM PermissionSetAssignment WHERE AssigneeId = :Userinfo.getUserId() WITH SECURITY_ENFORCED];
Boolean userHasProjectUserpermission = false;
for ( PermissionSetAssignment psa : lstcurrentUserPerSet ) {
System.debug('##psa.PermissionSet.Name : ' + psa.PermissionSet.Name);
if ( psa.PermissionSet.Name.contains('Projects_User') ) {
userHasProjectUserpermission = true;
system.debug('user_has_projectUserpermission = '+userHasProjectUserpermission);
}
}
Expected behavior A clear and concise description of what you expected to happen.
Screenshots If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
OS: [iOS] Scanner Version [v0.1.1] Additional context Add any other context about the problem here.
"Workaround": Have you found any ways to sidestep the problem?