The previous article examined an issue related to lookup fields in a lookup relationship. In short, if you have automation created on a child object that should run when a lookup to a parent record becomes null, the automation will not perform the expected steps if the parent record is deleted elsewhere, e.g. by an Apex trigger.
The idea of building Python application
This article looks at an application, written in Python, that searches for process and workflow rule automation issues in Salesforce organizations. Why only processes and workflow rules, you may ask — why not look in the Apex code. The answer is simple: finding this type of issue in the code requires a powerful analyzer with a complex assessment algorithm, creating which is a time- and resource-intensive task. We were aiming to confirm the theory that the type of situations in question are possible when automation is being created by inexperienced developers, which is not surprising, as the type of situation was not even described in official Salesforce documentation. As we searched a certain number of organizations manually for similar vulnerabilities, we found that each of these had broken automations like that. Thus, the idea was born to create an application capable of locating most, if not all, such automations. The manual search provided us with an overview of possible “broken” automations, i.e. where a lookup field was checked for a null value. Our application can also identify so-called “warnings”, i.e. where a lookup field is checked for a changed value.
Where can I find an application?
Repository that contains the project code: https://github.com/vadimsmilgin/check_automation.
We will now briefly look at the core application files.
You may have guessed that our application uses process, workflow, and SObject metadata. We use ANT Migration Tool for retrieving it. You can consult this document for instructions on ANT. The metadata is stored in the Sample folder, in the application root folder. Renaming application files and folders are not recommended.
For locating errors and warnings, the application uses regular expressions that were identified by investigating only a certain number of organizations, so there is no guarantee that all possible issues will be found.
How to use the application?
The application is already suitable for use on Windows and macOS. To use the application in your system, review README.docx for instructions on installing all prerequisite programs, running the application, and obtaining a result. The result will be written to the application root folder as a JSON object, for ease of reading, with a name formatted as result_(current_date).txt. As you might have guessed, the result consists of two sections. The first one consists of a Process Builder error stating the process name and lookup field name, and a workflow rule error stating the workflow rule name and lookup field name. Further information, such as a description, may be present. If it is available, it means that the lookup field is being used by a formula, and the description is displayed for a quick error review or as a warning. We still recommend opening the organization and viewing the error message in its entirety for a clearer understanding of the error or warning. We do not display a description for other cases, as it is difficult to assemble coherent text from metadata, and going to the organization and reviewing the situation is easier.
The second section consists of warnings and has a similar structure to errors. After reviewing the displayed result, you can go through all of the automation yourself to detect other issues like this and identify further programs that were not detected by the script.
Example of a result based on the automation discussed in the previous article.
{ "Errors": { "Process_Builders": [ { "name": "Update_City_on_Contact", "lookup_fields": [ "ParentId__c" ] } ] }, "Warnings": {} }
The same example, with formula instead of the conditions.
{
"Errors": {
"Process_Builders": [
{
"name": "Update_City_on_Contact",
"lookup_fields": [
{
"fields": [
"ParentId__c"
],
"description": [
"AND(\nISCHANGED([Child__c].ParentId__c,\nISNULL([Child__c].ParentId__c) \n)"
]
}
]
}
]
},
"Warnings": {}
}
This application provides core functionality for identifying vulnerabilities in automation. There is room for improvement, although this article only looks at one option for automated detection of this type of issue.
Still having issues with your installation?
Contact us, we are ready to solve it.