BhanuPrakash sfdc: February 2022

Sunday, 20 February 2022

Salesforce Data management & Integration

1.Big objects

2.External Objects.

3.Canvas APP.

Big objects :

A big object stores and manages massive amounts of data on the Salesforce platform.

We can archive data from other objects or bring massive datasets from outside systems into a big object to get a full view of your customers.

Clients and external systems use a standard set of APIs to access big object data. A big object provides consistent performance,

whether we have 1 million records, 100 million, or even 1 billion. This scale gives a big object its power and defines its features.

Big Object Use Cases

Some of the use cases for Big Object are: -

360° view of the customer— Extend your Salesforce data model to include detailed information from loyalty programs, feeds, clicks,

billing and provisioning information, and more.

Auditing and tracking— Track and maintain a long-term view of Salesforce or product usage for analysis or compliance purposes.

Historical archive— Maintain access to historical data for analysis or compliance purposes while optimizing the performance of your

core CRM or Lightning Platform applications.

Implementation - Key Consideration :-

Big Objects have few limitations which should be considered before making any decision: -

Big objects support custom Lightning and Visualforce components rather than standard UI elements home pages, detail pages, list views, and so on.

Big Object storage doesn't count against organization data storage limit. Based upon Salesforce edition, up to 1 million records are free.

Additional record capacity can be bought in blocks (50M but can vary) and price is negotiable.

We can query big objects using standard SOQL or with Async SOQL. Async SOQL schedules and runs queries asynchronously in the background,

so it can run queries that normally time out with regular SOQL. Async SOQL is the most efficient way to process the large amount of data in a

big object. Async SOQL is available as add-on license.

Big objects support only object and field permissions (FLS and CRUD), not regular or standard sharing rules.

Search, Reports and Dashboards are not allowed on Big Objects - As Big Objects are designed for very large data volumes,

these features are not yet available in Salesforce. However, there are a few workarounds for reporting on Big Objects : -

Use Einstein Analytics, which you can report on Big Objects

Summarize the information you want to report for Async SOQL, and store the result in an intermediate custom object.

Then we can report on that custom object

Big Objects support only Lookup, Date/Time, Email, Number, Phone, Text, Text Area (Long) and URL data type.

However, we can use workarounds — like creating a formula field on custom object and copying that value as text in the targeted Big Object.

Salesforce does not support flows, triggers, and process builder on Big Objects.

Big objects don't support encryption. If you archive encrypted data from a standard or custom object, it is stored as clear text on the big object.

You can’t use Salesforce Connect external objects to access big objects in another org.

How can We Query Big Objects?

If we know that you are querying small amount of records then you can use SOQL

And the another way is “Async SOQL”

AsyncSOQL: To manage millions and millions of records in your custom big objects salesforce introduced AsyncSOQL.

But Async SOQL is included only with the licensing of additional big object capacity.

SOQL – Can retrieve records within the governor limits

Async SOQL – Can retrieve billions of records

2.External Objects:

How to Connect?

Salesforce Connect provides multiple options to connect to external systems with the help of the following adaptors:

1.OData 2.0 adapter or OData 4.0 adapter

2.Cross-org adapter

3.Custom adapter created via Apex

Note :

Record level access is not configurable for External Objects.

Record access ("all or nothing") is provided via Object Permissions at the Profile level.

For example, given External Object alpha__x a Profile could be configured to have "Read" access or no visibility at all,

depending on your business requirements.

External Object Relationships :

Two special types of lookup relationships are available for external objects: external lookups and indirect lookups.

Custom web Application run on external Server :

Salesforce Connect Limitations :

Salesforce Connect has some limitations that are important to remember and follow while using it:

The maximum number of external objects that can be created per organization: 100

The maximum number of joins per query across external objects and other types of objects: 4

The maximum length of the OAuth token issued by an external system: 4,000 characters

The maximum page size for server-driven paging: 2,000 rows

Canvas apps :

What is Canvas ?

1.Canvas is a set of tools and JavaScript APIs that allow for easy integration with a 3rd party application.

2.It allows you to take your new or existing applications and make them available to your users as part of their Salesforce experience.

3.Under the hood, Canvas apps are loaded into Salesforce through an iframe.

What is a Canvas app ?

A Canvas app is a special type of connected app within Salesforce that allows users to access the external system directly

from within the Salesforce UI. Canvas includes tools that handle:

1.Authentication

2.Context

3.Cross-domain XHR

4.Events

The Canvas SDK :

The Canvas SDK is used from JavaScript in an app that supports JavaScript to access Salesforce data that the user has access to.

The data requests that Canvas apps make happen in the context of the Salesforce user.

You will include the Canvas SDK in your external app in order to access Salesforce Data and publish/subscribe to events using the Streaming API.

This is easily included from your Salesforce org using a URL:

src="https://curious-impala-skkpwh-dev-ed.lightning.force.com/canvas/sdk/js/52.0/canvas-all.js">

</script>

Sunday, 6 February 2022

Salesforce Bulk API Using PK Chunking

Bulk API provides a programmatic option to quickly retrieve and load data from and to Salesforce.

It is based on the REST principle and is optimized for managing large data volume.

But if the table has more than 10 million records, the process will time out or hit errors.

Here is where you need PK chunking. PK Chunking splits the query into smaller chunks automatically, thereby making the process easier and faster.

Salesforce support custom index own custom fields that will help us easily locate the rows without scanning

every row in the database.

Index points to the row of data.

They use the clolumns to identify the data row without scanning the full table.

Salesforce IDs:

This is the fastest way to find a record in the database by using the ID in the specific query.

Bulk API provides a programatic option to load or retrieve your org's data to and from salesforce.

Bulk API is optimised for retrieving a large set of data.

We can use it to query,queryall,insert ,update or upsert records.

If your table is massive then the bulk queries usually times out or gives errors as it finds it hard to complete the process.

What is PK Chunking?

->PK stands for Primary Key.

-> Feature enabled in spring '15.

-> Automatically split the query based on Primary Key.

-> Execute a query for each chunk and return the data.

-> Makes large queries manageable in Bulk API.

The query is divided into smaller queries,and each queries will retrieve a smaller portion of data

in parallel thereby making the process easy and faster.

Extract queries are run with successive boundaries,and the number of records to be retrieved by each query is called

the chunk size.

Each query retrieve the maximum number of records as the chunk size.

ex:

The first query retrieves is for the records to do a specified starting ID and the

starting ID plus the chunk size,and the next part is the next chunk of record

and the process will continue until all the data is retrieved.

When to use PK Chunking?

->Objects more than 10 million records to improve performance.

->When a bulk query consistently times out.

Supported Objects

-> Standard (Not all Objects)

-> Custom

-> Sharing tables(If Parent is supported)

-> History tables(If Parent is supported)

Common Errors during Data Management

-> Query not 'selective' enough

Non-selective query against large object type(more than 100000 rows).

->Query takes too long

No response from the server.

->Time limit exceeded

Your request exceeded the time limit for processing.

->Too much data returned in query

Too many query rows : 50001

Remoting response size exceeded maximum of 15 MB.

How to enable PK Chunking?

we need to add certain parameters to the Bulk API request headers to enable PK chunking.

Parameter

1.Field name : Sforce-Enable-PKChunking

2.Field values : TRUE -Enable PKChunking,FALSE-Disable PKChunking

3.chunksize : Number of records in each chunk.Default-2,000,Maximum size-2,50,000

4.Parent : Parent object when PK chunking for queries on sharing objects.

5.startRow : 15/18-character Record ID.Lower boundary for the first chunk.

ex : Sforce-Enable-PKChunking: chunkSize=50000; startRow=00130000000xEftMGH

Limitations :

-> PK chunking cannot be enabled for queries with

Order By

Filtering on any Id fields

Limit Clause

-> Enabling PK chunking in Dataloader is still an idea.

-> Each chunk is processed as a separate batch that counts towards your daily batch limit.

Salesforce Sharing and Security

Profiles

-Object and field security

-Org permissions

-One per user

Permission Set :

Permission sets has offered the ability to grant nearly all the same permissions as the profile,

but usually are limited to one or two specific use cases, or one or two specific permissions per permission set.

-> Good for one off permissions

-> Multiple Per user

why Still Use Profiles?

1.Default record types are always assigned at the profile level.

2.Page layout assignments are also assigned at the profile level.

Permission set groups :

-> can contain multiple permission sets

-> Based on job function

-> Can included muted permissions

Record Access :

1.Organization-wide defaults (OWD)

Different access levels

-> Controlled by Parent

-> Private

-> Public Read Only

-> Public Read/Write

External Sharing Model

-> Similar to internal sharing model

-> Access must be more restrictive or equal

2.Roles and role hierarchy

-> Vertical sharing

-> Vertical sharing with users above in hierarchy.

3.Sharing rules

-> Horizontal sharing with users (Bulk)

-> Based on ownership or criteria

-> Can share with role, role and subordinates,or group.

4.Manual Sharing

-> Horizontal sharing (Single record)

-> Flexible sharing (Single Record) : Share records you own with specific users.

-> Sharing button on records : Unavailable if OWD are Public Read/Write.

Public Groups and Queues :

Public Groups :

Can segment group of users that need the same access;Can specify Grant Access using Hierarchies to share with hierarchy of group users.

Queues :

Can assign records to teams that share a workload:any queue member can take ownership of record owned by the queue.

Restriction rules:

Restriction rules function as the opposite of sharing rules, and it will remove access to records, but they will be applied after all other sharing has taken place.

5.Team sharing

People have consistent teams they work on records with

-> Account

-> Opportunity

-> Case

-> Enabled by admin with roles added.

-> Team members specified by users.

-> Account,Opportunity and Case teams.

Account Team :

Salesforce Admin can enable Account Teams and create roles.

Users can specify their own account teams that they want to work with and assign roles.

Users can automatically add team to new accounts.

Team members get access to account.

-> Read

-> Read/Write

Team members can inherit access to child contacts and opportunities.

Opportunity Team :

Works similar to Account Teams.

Admin will enable for org and create roles.

Users can specify their own Opportunity teams.

Users will ger Read or Read/Write access to opportunities.

Team members are granted Read access to parent account.

Case Teams:

Case teams work similar to account and opportunity teams with some slight tweaks.

Admin will enable for org and create roles that determine access.

Note : But in the case of case teams, it's the roles that will actually determine what access a user will get.

Team members can get Read or Read/Write access to case or be added as private members with no access.

Predefined Case Teams:

Admins can predefine case teams so that you can quickly add people who you frequently work with.

Predefined case teams are going to work similar to the account and opportunity teams except they have to be configured by the Salesforce administrator.

6.Enterprise Territory management

-> Specific use cases

-> Additional layer of security and sharing.

-> Configure Users

Assign users to one or more territories.

-> Configure Accounts

Assign account records to one or more territories.

-> Ahow it works

Access determined by territories.

-> Additional Objects

Configure opportunity,case and Contact access.

-> Define access

Configure default access and territory specific access.

Enterprise Territory Management Access

-> Available default access levels dependent on OWD.

-> Accounts (View,View/Edit,View/Edit/Transfer/Delete)

->Opportunities (No access,View,View/Edit)

->Contacts and Cases (No access,View,View/Edit)

-> Can set territory specific access when creating new territories.

Territory Hierarchy :

can create territory hierarchies by setting territories as parents to other territories.

Access Inheritance :

Child territory's access level is inherited by parent territories above it.

Note :

->Assign access based on territory

->Can create territory hierarchy

->Child territory's access is inherited by parent.

Salesforce Org Security Features :

1.Multi-factor Authentication(MFA)

Enforce security when logging in with MFA.

-> Profile level

Configure each profile's Session Security Level Required at Login to High Assurance.

-> Org level

In Setup, configure Session Security Levels in Session Settings to add Multi-factor Authentication to the High Assurance Column.

2.Trusted IP Ranges

Defined at the org level : user will need to provide a security code received via email or text if outside the range.

-> Trusted Ips at org level.

3.Login IP Ranges

Defined at the profile level:user will be denied access if outside the range.

-> Login Ips at profile level.

4.Login Hours

Defined at the profile level:user will be denied access if outside the range.

-> Login hours at Profile level.

Delegated Administration :

-> Assign limited adim permissions to users who aren't admins.

-> Create and edit users in roles and subordinate roles.

-> Add and remove profiles and permission sets.

-> Login as Users

-> Manage custom objects

Note : Grant admin permissions to non-admins

Saturday, 5 February 2022

Mulesoft and Anypoint Platform

what is an API?

API stands for "Application Programming Interface".

-> API's deliver user requests to back-end systems & deliver responses back to the user.

-> API's act as a communication bridge between a product or service &

other Products or services without having to know how they are implemented.

Mule Runtime :

-> Mule Runtime is an integration engine that runs Mule apps.

-> Mule apps connect systems,services, APIs & devices using Mulesoft's API-led connectivity.

-> Mule Runtime supports domains & Policies.

-> The Mule apps,domains & Policies all share an XML domain-specific language.

Why would you use Mulesoft?

Mulesoft unifies apps,data & devices delivering a single view of customers,automates business processes

& builds connected experiences that power great digital experiences.

An eneterprises increase the amount of apps in use they need universal API Management.

Mulesoft has the Anypoint Platform for full API Lifecycle management.

What is the Anypoint Platform?

The Anypoint Platform is made up of many products & Services that help you with your full API Lifecycle.

1.Design & Build APIs as well as integrations across your enterprise.

2.Reduce time to market with APIs for partner & customer apps.

3.Automate security for threat protection at every layer.

Anypoint Platform Hosting Options :

1.Control Plane

2.Runtime Plane

Control Plane :

Where you design,deploy,manage APIs & Mule applications.

Runtime Plane :

Where your APIs & Mule applications are deployed as well as made available to users.

There are many options available for running Anypoint where you want to run it such as cloud,on-premises or containers.

1.CloudHUb

Mulesoft's Anupoint Platfrom PAAS solution

2.On-premises/IAAS

Run your own Mule servers on your own hardware being on-premises bare metal or VMs or VMs running in cloud IAAS.

Configure & run Anypoint Platfrom Private Cloud Edition(PCE) & Maintain all data storage,processing,transmission,& control plane functionality locally.

3.Kubernetes/Pivotal Cloud Foundry

->Anypoint Runtime Fabric(ARF) is running Anypoint as containers on Kubernetes.

->ARF can run on a pure K8s cluster or cloud managed K8s service such as Amazon Elastic Kubernetes Service(Amazon EKS),

Azure Kubernetes Service(AKS),or Google Kubernetes Engine(GKE).

-> Run Anupoint within the infrastructure provided by pivotal Cloud Foundry(PCF).

-> Deploy Mule applications to PCF using the Runtime Manager UI.

4.Mulesoft Government Cloud

A secure Paas,FedRAMP-compliant deployment environment hosted and managed by Mulesoft.

MuleSoft Licensing :

Annual Subscriptions OR Enterprise License Agreements

Licensing for Mulesoft is a annual subscription-based.

The Mulesoft plans are consistent regardless of deployment approach:On-premises,Cloud or a Hybrid of two.

Mulesoft licensing is driven by the number of cores needed to run APIs or apps.

A core is a unit of processing power,they can be physical or virtual & are priced the same.

Mulesoft Support Models :

1.GOLD

2.PLATINUM

3.TITANIUM

What is MuleSoft CloudHub?

CloudHub is the Platfrom as a Service(PAAS) component of Anypoint Platfrom.

CloudHub is the hosting of the Anypoint Platfrom components in Mulesoft's cloud.

With CloudHUb you can deploy Mule Apps,design & create APIs ,Integrate with on-premises apps,or cloud apps/services,identity integrations,secrets management,manage access,mointor & alert,hosted private exchange & more.

Mulesoft CloudHub Architecture

Anypoint Runtime Manager is the interface to the Anypoint Platfrom &

is how CloudHub is accessed & Managed.

The CloudHub architecture includes two major components:

1.Anypoint platfrom services

2.Worker Cloud

Anypoint Platform Components :

The Anypoint Platform is unique in the API Platfrom landscape in that it can be used to develop & execute APIs as well as the ability to manage & orchestrate API-led integration across the enterprise.

1.Anypoint Design Center

Anypoint Design Center is a web based dev environment used to create API specifications,fragments & Mule apps.

It consists of two tools :

a.API Designer

b.Flow Designer

API Designer :

API Designer enables you to create API specifications in multiple modeling languages & create RAML API fragments.

Flow Designer :

Flow Designer,lets you create Mule applications to integrate systems into workflows.

2.Anypoint Studio

-> Anypoint Studio is Mulesoft's integration development environment(IDE) for building & testing APIs & Mule Apps as well as integrations.

-> Anypoint Studio is Eclipse-based & installs locally on a developers Computer supporting Windows,Linux and Mac.

-> You can build API Specifications & flows in Anypoint Studio.

-> From Anypoint studio you can handle many tasks some including :

Run an API locally

Deploy an API to CloudHub

Publish to an Exchange

Work with MUnit testing

Configure API specification files and Mule domains

what is the Mule App?

Mule apps perform system integrations.

Mule apps use components,connectors & modules as well as read,write & process data.

Under the hood Mule apps are XML

Mule apps can be developed with Anypoint Studio,Flow Designer or with other IDEs for the advanced developers.

The Foundation of Mule apps are components that execute business logic on messages that flow through your apps.

Mule apps are configured to run in the mule Runtime engine.

Mule Apps have three categories of components:

1.Core Components

2.Connectors

3.Modules

Core Components :

Core components support programmatic operations on Mule Apps such as flow control,error handling,

batch & transforming data flowing through your Mule Apps.

Connectors :

Connectors group components that were created integrate Mule Apps with external sources,

such as 3rd party API endpoints like Salesforce,SAP,Slack ect...

Modules

Modules group components that were created to add flexibility Mule Apps allowing to aggregate values,

compress data,use Java features,processing JSON & Much More.

DataWeave Language :

DataWeave is MuleSoft's primary functional programming language used for transforming data.

DataWeave can also be used to configure MuleSoft components & connectors.

DataWeave is also available as a command-line tool.

Flows :

Flows contains a series of Mule components that receive or process messages.

A Flow consists of a sequence of cards,with each card representing a core component,connector,module or API.

Mule Apps have a scope of Flow & Subflow components this is where they process messages.

Mule Apps can have a single flow or subflows.

Subflows are typically used to divide a Mule App into Functional Modules or for error-handling purposes.

You can schedule Flows via the Runtime Manager or they can have Mule Sources like an HTTP listener to trigger the flows execution.

Share data with Experience Cloud and External Users

Community Cloud is now Experience Cloud.

Used to build multiple customer touchpoints through digital experiences.

->Customer Service

->Partner Management

->External apps

Digital Experience :

If you are working with a new org that has not yet created a community, then you will have to enable digital experiences before you can start creating any sites.

Note :

New orgs will enable digital experiences.

-> Select a unique domain.

External sharing model different than internal model.

User Access Considerations :

which users need access ?

-> Internal users

-> Partners

-> Customers

-> Guest users

External users or customers will only have access to the customer site,

and external users known as partners will only have access to the partner site.

External Login-based Licenses

1.External Apps

2.Customer Community

3.Customer Community Plus

4.Partner Community/Channel Account

External Apps License :

For the External Apps licenses, it was designed for light B2C or business-to-consumer usage scenarios.

It is typically seen as a sort of commerce portal.

Most importantly, it offers minimal access to Salesforce data and allows access to just a few standard objects.

2.Customer Community License

The Customer Community license is also used for business-to-consumer solutions, but it offers access to more Salesforce objects

than the External Apps license does. These objects include data like cases and events, along with data related to customer service

such as the work order and service appointment.

3.Customer Community Plus License

For customer-based sites that focus around driving sales, the Customer Community Plus license is available. This license offers the same sharing benefits as the full internal license does.

4.Partner Community License

Good for B2B scenarios where you need access to leads,opportunities and campaigns.

Channel Account :

Salesforce offers a similar license known as the Channel Account license.

In terms of features and access, it is essentially the same as the Partner Community one.

It is just packaged a little differently.

This one is perfect for companies with sites that need to calculate usage based on the number of partners and not individual use.

Guest User Profile :

Special kind of profile access for unaunthenticated users.

Each site is assigned a guest user for unauthenticated access.

"secure guest user record access' setting :

Having this enabled means that org-wide defaults for guest users will always be private for all objects, regardless of what external org-wide settings

have been enabled for this org. And this is a good thing since it helps tighten security for any public-facing sites that can be accessed by

unauthenticated users. This means that in order for guest users to have access to data they need, they will need to

specifically create sharing rules for these guest users.

Customer Community Login vs Customer Community :

The "Customer Community Login" licenses are for logins-per-month pricing, and the "Customer Community" licenses are for named-user licensing.

High Volume Customer Portal license :

These are intended for sites with thousands or millions of users, but they are limited in what access they provide.

External Sharing Options :

1.Sharing Sets

2.Share Groups

3.Account Role Hierarchy

4.External Role Hierarchy

5.Account Relationships

6.Super Users

When it comes to associating these options with specific licenses, sharing sets and share groups are available to users

with the Customer Community license since this license is not role-based.

keep in mind that the default level set for external access cannot be more permissive than the access for internal users.

Sharing Sets and Share Groups :

Sharing Sets:

Grants access to records associated with :

->Account or contact records that match the user's account or contact.

-> works with access mappings

Use Profiles and not roles to grant access.

Sharing sets work by granting access to records via something known as an access mapping.

Access Mappings :

Assume that there is a need to grant external users access to the case object.

When setting up a sharing set, you will need to specify whether the ID associated with an account matches the related account ID for that case

or whether this match comes from the ID associated with the contact. You will then need to specify what access level should be allowed,

and this can be either public read-only or public read/write.

Share Groups:

Share groups work together with sharing sets to grant access to internal users for any records owned by external users that are part of the sharing set.

But there can only be one share group associated with a sharing set.

Account Role Hierarchies :

Account role hierarchies to facilitate sharing with external users.

Default partner roles :

The first is a partner user, followed by a partner manager, and partner executive.

Whenever the first external user is enabled for a partner account, an account role hierarchy is created.

If the number of roles for the site remains at three, then this will include a partner user at the bottom of the hierarchy,

and above that will be the partner manager and partner executive at the very top.

Account Relationships:

Used to connect two partner accounts.

Configured with clicks and not code.

Configure data to be shared through rules.

To take advantage of this feature, it will first need to be enabled in the org, and once it is, it cannot be disabled.

External Account Hierarchies :

External account hierarchies is a feature that was introduced as a beta feature in the Summer '20 release and has now since moved to general availability.

It works very similar to the role hierarchy that is used for internal users since it opens up access vertically to users with higher roles.

It is just that this feature is used for external users assigned a role-based license, and here is the thing that separates it from account relationships.

It does not require setting up sharing rules.

Note :

Just like account relationships, this is a feature not enabled by default. But once it is turned on in an org, it cannot be disabled.

If it is enabled, a new external account hierarchy object will be created.

Note :

Use of the more advanced sharing features may come with the advantage of wider access for external users, but there are always tradeoffs to consider for that wider access.

Super Users :

Super users are what was once known as portal super users.

Super users allow site users to view the records of other users that are either at the same level or below them in the hierarchy.

This feature is available to users assigned the Customer Community Plus or Partner Community licenses only.

it must first be enabled by toggling it on in digital settings.

As long as super user access has been enabled in the org and each of these partner managers has been enabled as a partner super user,

they should have access to each other's records.

This feature is limited to certain objects such as opportunities, leads, cases, and custom objects.

Summary :

1.Which external user sharing feature available is dependent on license-either role based or non-role based.

2.External User sharing features :

->Sharing sets and share groups

These two features are only available with the customer community license, which is non role-based.

This means the feature must work with a profile to open up access.

It also means they can perform well for simple sites with thousands or millions of users.

These are known as high-volume sites.

-> Account role hierarchy

Beyond this are the advanced sharing features which are role-based. It begins with the account role hierarchy.

-> Account Relationships and sharing rules

If a more granular level of access is needed, there are account relationships, which work together with sharing rules.

-> External Role Hierarchy

For sites that do not want to work with sharing rules, there is a new feature known as the external role hierarchy.

->Super Users

They will be able to share records with users that are at the same level or below them in the hierarchy.

Note :

1.A site user's access begins with the user's baseline record access along with the external org-wide defaults set for the org.

2.These external org-wide defaults can never be more permissive than the equivalent internal setting,

which is logical since you would never want an external user to have more access than an internal one.

3.It is considered a best practice to limit the number of customer and partner account roles allowed in an org.

4.it is important to remember that by using features that allow more granular sharing, well, this results in a trade off where there will also be more limits along with possible site performance problems.

Guest User Profile :

Restricted access for unaunthenticated users.

-> Greatly enhanced in summer 20, etc

-> Use sharing rules to grant access.

-> Guest users cannot own new records.

Records should be assigned to default owner.

Sharing Sets :

-> Grants access to records that match the user's account or contact record.

-> Use profiles and not roles to grant access.

-> Only one sharing set per object and profile.

Friday, 4 February 2022

Data Modeling in Salesforce

Schema Builder

Schema Builder gives you a visual overview of all the objects, object relationships, and fields on all of the objects.

The Schema Builder gives you three main functions.

1.Get a drone-level view of your org

You can visualize and edit your data model directly from the Schema Builder.

This is the only standard tool in Salesforce that gives you an overall visual of your data model.

2.Create objects

you can create objects in the Schema Builder.

You can set the attributes and do all those things you can do from the object manager.

Note :

The only thing you cannot do from Schema Builder is to create a tab, but that can be done in the standard way.

3.Create fields and object relationships

you can create fields and object relationship fields in the Schema Builder.

It's an easy-to-use drag-and-drop tool, and you can create any data type field except for geolocation fields.

Summary :

1.Schema Buider gives a visual high-level view of the data model.

2.Create custom objects,fields and object relationships.

3.A powerful drag and drop tool.

4.Far more efficient than using the object manager.

Object Relationship :

1.Lookup

A lookup field establishes a one-to-many, parent-child relationship between the objects.

The lookup field is on the child object. It allows the child records to be in a related list on the parent record.

1.Both records retain their own security and sharing independently of each other.

2.The parent and the child records, have separate ownership.

3.By default, there is no cascade delete. In other words, if the parent is deleted, the child records will not also be deleted automatically.

This could be requested of Salesforce to enable this, but it's dangerous.

Carefully consider if you really want child records to be deleted when the parent is deleted, before you request this of Salesforce.

4.If the lookup field is required, then you cannot delete the parent record.

5.The OWD settings on the parent and child objects are independent of each other.

Lookup Field Options

what to do if the lookup parent record is deleted?

a.Clear the value of the lookup field.

b.Don't allow deletion of the lookup record that's part of the relationship.

This is probably the most common option chosen by Salesforce customers.

c.By default, no cascade delete.

d.Cascade delete by request to Salesforce to "enable cascade delete" feature.

2.Master-detail

A master detail field establishes a one-to-many parent-child relationship.

The master-detail field is on the child object.

This is why we see the child or detail records in a related list on the parent or master object.

-> Inherited Security :

Master-detail fields establish a tight relationship. There is inherited record security.

If a user could access the parent, they could access all the child records.

-> Inherited Ownership :

There is inherited ownership. If the user owns the parent, they will own all the child records.

->Two master-detail fields per object.

There is a maximum of two master-detail fields per object.

Note : The total number of relationship fields, which are lookups and master details combined, is 40 per object.

-> Cascade delete

Using a master-detail field means that there is cascade delete for the detail records.

If the master is deleted, the detail or child records are also deleted.

-> OWD for the detail object will be 'controlled by parent'

The OWD on the detail object will be set to controlled by parent and it cannot be changed.

Master-detail Field Options

a.Allow reparenting :

When creating the master-detail field, you can allow reparenting of the detail records, which is a best practice.

If the master record must be deleted, the detail records can be reparented to another master record.

b.Sharing Setting :

When you create the field, you set the minimum access required on the master to create, read, edit, or delete the related detail records.

->Read only allows users with at least read access on the master record to create, read, edit, or delete the related detail records

->Read/write allows users with at least read/write access on the master record to create, read, edit, or delete the related detail records.

Advantage of Master-detail Relationship :

1.Allows for the creation of rollup summary fields on the parent(master)object.

You can create them on any custom object that is on the master side of the relationship, the parent.

You can create them on any standard object that is on the master side of a master-detail relationship.

2.Rollups can calculate the count, sum, min, or max on the child records.

->Count gives account of all or a filtered subset of detailed records.

->Number, currency, and percent fields are available when you select sum as a rollup type.

->Number, currency, percent, date, and datetime fields are available when you select min or max as a rollup type.

->Min and max work with date fields, min would give you the most recent, and max would give you the oldest.

Lookup and Master-detail Filters :

There are times when you might not want to look up all the records using the lookup or master-detail, but a subset of records.

It is very common to have a desire to view just a subset of records with lookups or master-detail fields.

Filter criteria allows you to filter based on the current child record that you're working with, the lookup or parent record,

the user record of the user, their permissions or role, and any records related to the parent object.

Note :

1.Lookup filters restrict results to a subset of records.

2.Filter criteria allows comparing fields and values on :

->The current (child) record.

->The lookup (parent) record.

->The user's record,permissions and role.

-> Records directly related to the target(parent) object.

Junction Objects :

The purpose of a junction object is to create a many-to-many relationship.

Note :

The standard object cannot be on the detail side of a master-detail relationship.

The first master-detail relationship you create on the junction object becomes the primary relationship.

So when you create a junction object, you will strategize a bit to determine which of the master-detail relationships you want to be the primary.

The junction object inherits the look and feel of the primary master object.

Additionally, the primary object will be the primary object in standard report types.

Salesforce will create standard reports using the primary object as the primary report type in the report and also use the secondary object as the primary in the report type.

Sharing access to the junction object record is determined by the users sharing access to both associated master records and the Sharing Setting option on the master‑detail relationship field.

Note :

User selects minimum level of access required on master record to CRED related detail records.

Read only, which means that if the OWD of both objects is set to public read only or public read/write,

they will be able to create junction object records.

But if either one of the object's OWD is set to public read only, and either of the master-detail records sharing on the field is read/write,

the user will get an insufficient privileges error.

1.The junction object records inherit the value of the Owner field from their associated primary master record.

2.Objects on the detail side of the relationship do not have a visible Owner field.

Note :

Two standard report types are created with junction objects.

Salesforce creates a report type with the primary master object, the junction object,

and the secondary master object in the primary master object's report category.

Salesforce also creates a standard report type with the secondary master object, the junction object,

and the primary master object in the secondary master object's report category.

Record Deletion Implications :

1.The junction object records are deleted when either associated master record is deleted and they are placed in the Recycle Bin.

2.If both associated master records are deleted, the junction object record is deleted permanently and cannot be restored.

Junction objects establish a many-to-many relationship.

The first master‑detail relationship created on the junction object is the primary relationship, and it causes the junction object to inherit look and feel, and also affects the standard report types created.

The sharing access to a junction object record is determined by the user sharing access to both associated master records in the OWD and the Sharing Setting option on the relationship field.

If the OWD on the object is public read‑only, then you cannot put read/write on the master‑detail relationship or you will get insufficient privileges.

Note :

You could use lookup relationships for creating the many-to-many relationship,

but that will not support the entire features of the many-to-many concepts that you get by using master-detail fields.

Converting Relationship Fields and Data Skews :

1.Converting a master-detail field to a lookup field

You cannot convert a master-detail field into a lookup if there are any roll-up summary fields on the master object.

This is because lookups do not support roll‑up summary fields.

We need to delete our roll-up summary field and erase it out of memory before we can convert the master-detail to a lookup.

Converting a master-detail relationship to a lookup for a custom object on the detail side changes the organization-wide defaults for the object to Public read/write.

2.Converting a lookup field to a master-detail field

We can convert a lookup relationship to a master-detail if the lookup fields in all the records contains a value, that's because that is required in a master-detail relationship.

Converting a lookup to a master-detail relationship changes the organization-wide default to controlled by parent and field sharing setting is updated to read/write.

Data Skews :

if you do have an org that has 10,000 records in any object, you need to consider Data Skews.

There are three types of skews.

1.Account Data Skew

2.Lookup Data Skew

3.Ownership Data Skew

Account Data Skew :

Since the account object in Salesforce maintains special relationships with many child objects,

if too many child records are associated with an account, it creates issues with record locking and sharing performance.

ex :

An account record with over 10,000 contact records if you're updating that many child records with the same account parent and multiple threads.

For each update, the system locks both the child being changed and its parent to maintain integrity in the database.

OwnerShip Data Skew :

This is defined as a single user or queue owning most of the records of a particular object.

it can cause performance issues if that user is moved around the role hierarchy or moved into or out of a role or group

that is the source group for a sharing role. In these cases, Salesforce must do a lot of calculations in the sharing tables of records,

which can lead to long-running recalculation of access rights. Distributing ownership of records across a greater number of users

will decrease the chances of having long-running updates occurring.

Lookup Data Skew :

This happens when a large number of records are associated to a single record in the lookup object.

An example would be 300,000 account records with a lookup to a custom object with three records in it,

and one of those three records must be chosen with the lookup field on the account.

Every time an account is inserted or updated, the relevant lookup target records, which are the three custom object records, have to be locked.

If this were not so, and someone deleted one of the three custom object records while the insert or update was happening,

it would cause Salesforce to blow up, or at least be a reference integrity issue.

how can these skews be mitigated?

1.For account record skews, consider breaking any account with more than 10,000 child records into separate accounts.

2.For ownership skews, if a single user owns more than 10,000 records, they should not hold the role in the role hierarchy.

If they do, put them in a separate role at the top of the hierarchy.

Another way to mitigate would be to distribute ownership of the records to another user or users.

3.For lookup fields, consider using a picklist instead of a lookup field, or distribute the skew to a wider number of records.

Thursday, 3 February 2022

Personalized Emails in Salesforce Marketing Cloud

Email :

The full compilation of all of the marketer's thoughts and is received by the actual customer or the recipient.

Template :

That email, however, is based off of a template, a framework of components and sections that make up that email.

Content Blocks :

That email and template have content blocks, a compilation of different types of pieces of content.

Content :

Content can be images, buttons, words, and code.

Content Builder :

Content Builder is actually where we're going to create the emails, the templates, and the content blocks

These out-of-the-box templates come in many different types in order provide you a wide range of templates that you can get started with.

These are all responsive, and they've all been tested through Marketing Cloud, although you should perform your own testing on every single send that goes out.

Template-Based Email Type :

which means it's based on an existing template, either one that it comes out of the box or one that we previously saved.

why do you want to personalize?

1.To provide a better customer experience.

2.To retain existing customers.

But if you think from a marketer's perspective, you're really trying to achieve two different things.

1.Higher Open Rates

You're trying to get more people to open your email so they can see the content.

You can do this by changing your preheader or your subject line and providing more personalized communication and content around that to drive a better open rate.

2.Higher Click through Rates.

The second thing that you want to achieve is you want to achieve a higher click through rate.

This is the end goal of email communication. You have content that you know your customers are going to like or products

that your customers are going to like, and you want to be able to provide those products or content in a timely manner,

in a personalized way so that a person can see that information and go to the page. So you can do this by changing your banner information,

your call to action, the products on the page, or the content you show them to drive that higher click through rate, and at the end of the day,

drive value to your customers.

Items needed for Personalization :

1.Use Case :

The full picture along with how each personalized piece of content will work together.

2.Data :

The ability to know when to show which personalization to a customer.

3.Email

The combination of all the assets & Logic to display the correct information.

Personalization stats :

1.Throughout the years, it's been found that personalized emails deliver six times higher transaction rates.

2.It's also been proven over the years that 67% of people who unsubscribe from a brand's promotional email indicate that they have received too many irrelevant emails.

So it's very key to have an engaged customer who is receiving content they're actually engaged in.

How can you personalize emails in Marketing Cloud?

1.Dynamic Content

2.AMPscript

3.Segmented emails

4.Guide Template Language

1.Dynamic Content

Dynamic content allows you to build personalization with no code using logic and a configuration screen in order to bake in the personalization you need into your email.

2.AMPscript

The second common way you can do personalization in Marketing Cloud is using AMPscript,

Marketing Cloud's out-of-the-box scripting language that has extensive functions to enable personalization and email communication.

3.Segmented emails

it is a little bit more manual, but also accomplishes the end goal. It's using segmented emails.

So instead of actually personalize the emails, you would just create different variations of your emails and send to your different audiences

so they receive the actual content they want. This way is a little bit more manual, time-consuming, and doesn't have all the advantages

of pure personalization, but again accomplishes the goal here.

4.Guide Template Language

Using another scripting language in Marketing Cloud called Guide Template Language.

Guide Template Languages are very common when you're doing e‑commerce or transactional plays where you're trying to pull in information about the customer,

potentially receipt information, and showing that information so that it's contextual to their experience.

what do you personalize?

1.Image

2.Content

3.Products

You want to personalize the images that are in the email, the content that actually makes up the copy, and also the products that you're showing to your end user if you have products.

Personalization Strings:

AMPscript that allows you to personalize your emails without a whole lot of complicated code behind it.

ex : %%emailaddr%%

You can use the %%emailaddr%% in order to display this to the email.

The's %%s coming before and after the string indicates that it's a personalization string to Marketing Cloud.

%%firstname%%

Value for the subscriber's first name as entered in the profile attribute Full Name.

This string pulls the value before the space.

%%_subscriberkey%%

Subscriber key is the unique identifier of an individual in the system to Marketing Cloud.

%%FIELDNAME%%

This field name potentially could be filled in with whatever column that you have in your date extension that you're trying to send to.

Note :

1.SubscriberKey, which is a unique identifier inside of Marketing Cloud.

2.There are a few ways that data can get into Marketing Cloud. One of them is through integrations, another is through manual entry, and a third is through uploading data into Marketing Cloud through files.

Tips for a fault tolerant email :

1.Always have a backup plan when there is no data.

2.Investigate the size of your audience ahead of time.

3.Test every audience/personalization variation.

Send a Personalized Email with AMPscript :

%%[

set @firstName =AttributeValue("FirstName")

set @firstNamePersonalization = IF( NOT EMPTY(@firstName),@firstName,"Customer)

]%%

</span>

Hey %%=v(@firstNamePersonalization)=%%

%%[

set @interest=AttributeValue("Interest");

IF @interest=="Mountain climbing" THEN

set @subject="New Mountain boots inside!"

ELSEIF @interest =="Rock climbing" THEN

set @subject="Looking for other climbers in your area?"

ELSE

set @subject="Find the top ranked walking trails in your location!"

ENDIF

]%%

</span>

%%=v(@subject)=%%

Tuesday, 1 February 2022

How to avoid SOQL Injection?

1. Use Bind variable instead of dynamic query and use static query

ex:

String searchText = '%'+Name+'%';

[SELECT Id, Name,Type,Rating,Phone,Active__c FROM Account where Name Like :searchText];

2. Use escapeSingleQuotes method to sanitize user-supplied input

ex :

String query = 'SELECT Id, Name,Type,Rating,Phone,Active__c FROM Account where Name Like

\'%'+String.escapeSingleQuotes(Name)+'%\' ';

List<Account> res = Database.query(query);

3.WITH SECURITY ENFORCED

ex:

String searchText = '%'+Name+'%';

return [SELECT Id, Name,Type,Rating,Phone,Active__c FROM Account where Name Like :searchText

WITH SECURITY_ENFORCED];