@j-schreiber/sf-cli-security-audit 0.20.0 → 0.20.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -3
- package/lib/commands/org/audit/run.js.map +1 -1
- package/lib/libs/audit-engine/auditRun.d.ts +4 -0
- package/lib/libs/audit-engine/auditRun.js +11 -5
- package/lib/libs/audit-engine/auditRun.js.map +1 -1
- package/lib/libs/audit-engine/registry/context.types.d.ts +2 -2
- package/lib/libs/audit-engine/registry/roles/roleManager.js +6 -0
- package/lib/libs/audit-engine/registry/roles/roleManager.js.map +1 -1
- package/lib/libs/audit-engine/registry/roles/userRole.d.ts +22 -3
- package/lib/libs/audit-engine/registry/roles/userRole.js +38 -14
- package/lib/libs/audit-engine/registry/roles/userRole.js.map +1 -1
- package/lib/libs/audit-engine/registry/shape/shapeValidation.js +15 -4
- package/lib/libs/audit-engine/registry/shape/shapeValidation.js.map +1 -1
- package/lib/libs/conf-init/auditConfig.js +5 -2
- package/lib/libs/conf-init/auditConfig.js.map +1 -1
- package/lib/libs/conf-init/defaultClassifications.d.ts +2 -2
- package/lib/libs/conf-init/defaultClassifications.js.map +1 -1
- package/lib/libs/quick-scan/userPermissionScanner.js +12 -9
- package/lib/libs/quick-scan/userPermissionScanner.js.map +1 -1
- package/lib/salesforce/connection.d.ts +52 -0
- package/lib/salesforce/connection.js +130 -0
- package/lib/salesforce/connection.js.map +1 -0
- package/lib/salesforce/describes/orgDescribe.d.ts +19 -2
- package/lib/salesforce/describes/orgDescribe.js +26 -1
- package/lib/salesforce/describes/orgDescribe.js.map +1 -1
- package/lib/salesforce/index.d.ts +1 -0
- package/lib/salesforce/index.js +1 -0
- package/lib/salesforce/index.js.map +1 -1
- package/lib/salesforce/mdapi/genericSettingsMetadata.d.ts +2 -2
- package/lib/salesforce/mdapi/genericSettingsMetadata.js.map +1 -1
- package/lib/salesforce/mdapi/mdapi.d.ts +4 -4
- package/lib/salesforce/mdapi/mdapi.js +8 -8
- package/lib/salesforce/mdapi/mdapi.js.map +1 -1
- package/lib/salesforce/mdapi/metadataRegistryEntry.d.ts +3 -3
- package/lib/salesforce/mdapi/metadataRegistryEntry.js +1 -9
- package/lib/salesforce/mdapi/metadataRegistryEntry.js.map +1 -1
- package/lib/salesforce/mdapi/namedMetadataToolingQueryable.d.ts +2 -2
- package/lib/salesforce/mdapi/namedMetadataToolingQueryable.js +1 -1
- package/lib/salesforce/mdapi/namedMetadataToolingQueryable.js.map +1 -1
- package/lib/salesforce/mdapi/namedMetadataType.d.ts +2 -2
- package/lib/salesforce/mdapi/namedMetadataType.js.map +1 -1
- package/lib/salesforce/mdapi/singletonMetadataType.d.ts +2 -2
- package/lib/salesforce/mdapi/singletonMetadataType.js.map +1 -1
- package/lib/salesforce/repositories/connected-apps/connected-apps.d.ts +2 -2
- package/lib/salesforce/repositories/connected-apps/connected-apps.js.map +1 -1
- package/lib/salesforce/repositories/connected-apps/oauth-tokens.d.ts +2 -2
- package/lib/salesforce/repositories/connected-apps/oauth-tokens.js +3 -7
- package/lib/salesforce/repositories/connected-apps/oauth-tokens.js.map +1 -1
- package/lib/salesforce/repositories/perm-sets/permission-sets.d.ts +2 -2
- package/lib/salesforce/repositories/perm-sets/permission-sets.js.map +1 -1
- package/lib/salesforce/repositories/profiles/profiles.d.ts +2 -2
- package/lib/salesforce/repositories/profiles/profiles.js.map +1 -1
- package/lib/salesforce/repositories/users/users.d.ts +3 -3
- package/lib/salesforce/repositories/users/users.js +6 -6
- package/lib/salesforce/repositories/users/users.js.map +1 -1
- package/messages/auditShapeValidation.md +4 -0
- package/messages/rules.enforceClassificationPresets.md +4 -0
- package/messages/salesforceConnectionErrors.md +11 -0
- package/oclif.manifest.json +1 -1
- package/package.json +1 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { EventEmitter } from 'node:events';
|
|
2
|
-
import
|
|
2
|
+
import SfConnection from '../../connection.js';
|
|
3
3
|
import { SfOauthToken } from './connected-app.types.js';
|
|
4
4
|
type QueryOptions = {
|
|
5
5
|
/** Result size for query when batching starts */
|
|
@@ -11,7 +11,7 @@ export default class OAuthTokens extends EventEmitter {
|
|
|
11
11
|
private readonly con;
|
|
12
12
|
private readonly defaultOptions;
|
|
13
13
|
private readonly maxUserCount;
|
|
14
|
-
constructor(con:
|
|
14
|
+
constructor(con: SfConnection);
|
|
15
15
|
queryAll(options?: QueryOptions): Promise<SfOauthToken[]>;
|
|
16
16
|
private batchQueryTokens;
|
|
17
17
|
private fetchTokenChunk;
|
|
@@ -27,9 +27,7 @@ export default class OAuthTokens extends EventEmitter {
|
|
|
27
27
|
allTokens = await this.batchQueryTokens(userIds, definitiveOptions);
|
|
28
28
|
}
|
|
29
29
|
else {
|
|
30
|
-
const tokenResult = await this.con.query(OAUTH_TOKEN_QUERY
|
|
31
|
-
autoFetch: true,
|
|
32
|
-
});
|
|
30
|
+
const tokenResult = await this.con.query(OAUTH_TOKEN_QUERY);
|
|
33
31
|
allTokens = tokenResult.records;
|
|
34
32
|
if (!tokenResult.done) {
|
|
35
33
|
ResolveLifecycle.emitWarn(messages.getMessage('warning.NotAllOauthTokenReturned', [tokenResult.totalSize, tokenResult.records.length]));
|
|
@@ -59,14 +57,12 @@ export default class OAuthTokens extends EventEmitter {
|
|
|
59
57
|
return subResults.flat();
|
|
60
58
|
}
|
|
61
59
|
else {
|
|
62
|
-
const direktResult = await this.con.query(formatTokenSoql(userIds)
|
|
63
|
-
autoFetch: true,
|
|
64
|
-
});
|
|
60
|
+
const direktResult = await this.con.query(formatTokenSoql(userIds));
|
|
65
61
|
return direktResult.records;
|
|
66
62
|
}
|
|
67
63
|
}
|
|
68
64
|
async fetchUserIds() {
|
|
69
|
-
const userResult = await this.con.query(ALL_EXISTING_USER_IDS, {
|
|
65
|
+
const userResult = await this.con.query(ALL_EXISTING_USER_IDS, false, {
|
|
70
66
|
autoFetch: true,
|
|
71
67
|
maxFetch: this.maxUserCount,
|
|
72
68
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-tokens.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/connected-apps/oauth-tokens.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,
|
|
1
|
+
{"version":3,"file":"oauth-tokens.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/connected-apps/oauth-tokens.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AACzE,OAAO,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAG5C,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,eAAe,EACf,eAAe,EACf,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAEtB,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AASjG,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,YAAY;IAOf;IANnB,cAAc,GAAiB;QAC9C,kBAAkB,EAAE,OAAO,CAAC,OAAO,CAAC,+BAA+B,CAAC,IAAI,IAAI;QAC5E,iBAAiB,EAAE,OAAO,CAAC,OAAO,CAAC,4BAA4B,CAAC,IAAI,GAAG;KACxE,CAAC;IACe,YAAY,CAAC;IAE9B,YAAoC,GAAiB;QACnD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAc;QAEnD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,IAAI,OAAO,CAAC;IACxE,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,OAAsB;QAC1C,MAAM,iBAAiB,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC;QACjE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAC5D,IAAI,SAAyB,CAAC;QAC9B,IAAI,WAAW,CAAC,SAAS,GAAG,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;YACjE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1C,SAAS,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QACtE,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAe,iBAAiB,CAAC,CAAC;YAC1E,SAAS,GAAG,WAAW,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;gBACtB,gBAAgB,CAAC,QAAQ,CACvB,QAAQ,CAAC,UAAU,CAAC,kCAAkC,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAC7G,CAAC;YACJ,CAAC;QACH,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;YAC7C,gBAAgB,CAAC,QAAQ,CACvB,QAAQ,CAAC,UAAU,CAAC,kCAAkC,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CACnG,CAAC;QACJ,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,UAAoB,EAAE,OAAqB;QACxE,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACvE,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QAC5F,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;IACxB,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,OAAiB,EAAE,OAAqB;QACpE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,CAAC,SAAS,GAAG,OAAO,CAAC,kBAAkB,IAAI,OAAO,CAAC,iBAAiB,GAAG,CAAC,EAAE,CAAC;YACxF,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,iBAAiB,GAAG,CAAC,CAAC,CAAC;YACnE,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;YACxD,MAAM,cAAc,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAC7C,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE;gBAC1B,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;gBAC9C,iBAAiB,EAAE,gBAAgB;aACpC,CAAC,CACH,CAAC;YACF,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACrD,OAAO,UAAU,CAAC,IAAI,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAe,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;YAClF,OAAO,YAAY,CAAC,OAAO,CAAC;QAC9B,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,YAAY;QACxB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAgB,qBAAqB,EAAE,KAAK,EAAE;YACnF,SAAS,EAAE,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,YAAY;SAC5B,CAAC,CAAC;QACH,IAAI,UAAU,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YAC7C,gBAAgB,CAAC,QAAQ,CACvB,QAAQ,CAAC,UAAU,CAAC,mCAAmC,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,CACpG,CAAC;QACJ,CAAC;QACD,OAAO,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/D,CAAC;CACF"}
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import EventEmitter from 'node:events';
|
|
2
|
-
import { Connection } from '@salesforce/core';
|
|
3
2
|
import { PermissionSet } from '../perm-sets/perm-sets.types.js';
|
|
3
|
+
import SfConnection from '../../connection.js';
|
|
4
4
|
import { ResolvePermSetOptions } from './perm-sets.types.js';
|
|
5
5
|
export default class PermissionSets extends EventEmitter {
|
|
6
6
|
private readonly con;
|
|
7
7
|
private readonly mdapi;
|
|
8
|
-
constructor(con:
|
|
8
|
+
constructor(con: SfConnection);
|
|
9
9
|
resolve(opts?: Partial<ResolvePermSetOptions>): Promise<Map<string, PermissionSet>>;
|
|
10
10
|
private retrievePermsetsFromOrg;
|
|
11
11
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission-sets.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/perm-sets/permission-sets.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"permission-sets.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/perm-sets/permission-sets.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AACvC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AAGzC,OAAO,EAAyB,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAC1F,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,CAAC,OAAO,OAAO,cAAe,SAAQ,YAAY;IAGlB;IAFnB,KAAK,CAAQ;IAE9B,YAAoC,GAAiB;QACnD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAc;QAEnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,IAAqC;QACxD,MAAM,OAAO,GAAG,2BAA2B,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACzD,MAAM,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;QACtG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9E,MAAM,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnH,MAAM,OAAO,GAAG,IAAI,GAAG,EAAyB,CAAC;QACjD,KAAK,MAAM,WAAW,IAAI,kBAAkB,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACnD,MAAM,YAAY,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACnD,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,OAAO,CAAC,YAAY,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;gBAC1F,SAAS;YACX,CAAC;YACD,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;gBACpD,SAAS;YACX,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE;gBACvB,QAAQ,EAAE,YAAY;gBACtB,QAAQ,EAAE,aAAa,CAAC,QAAQ,IAAI,IAAI;gBACxC,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACzF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,uBAAuB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAkB,qBAAqB,CAAC,CAAC;QAC9E,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7E,CAAC;CACF"}
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
import
|
|
1
|
+
import SfConnection from '../../connection.js';
|
|
2
2
|
import { Profile, ResolveProfilesOptions } from './profile.types.js';
|
|
3
3
|
export default class Profiles {
|
|
4
4
|
private readonly con;
|
|
5
5
|
private readonly mdapi;
|
|
6
|
-
constructor(con:
|
|
6
|
+
constructor(con: SfConnection);
|
|
7
7
|
/**
|
|
8
8
|
* Resolves all profiles from the org, optionally with metadata
|
|
9
9
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profiles.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/profiles/profiles.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"profiles.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/profiles/profiles.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,sBAAsB,CAAC;AAEzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAkD,4BAA4B,EAAE,MAAM,oBAAoB,CAAC;AAElH,MAAM,CAAC,OAAO,OAAO,QAAQ;IAGS;IAFnB,KAAK,CAAQ;IAE9B,YAAoC,GAAiB;QAAjB,QAAG,GAAH,GAAG,CAAc;QACnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,OAAO,CAAC,IAAsC;QACzD,MAAM,cAAc,GAAG,4BAA4B,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QACtE,MAAM,MAAM,GAAG,IAAI,GAAG,EAAmB,CAAC;QAC1C,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAgB,kBAAkB,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC,CAAC;QAC5G,MAAM,QAAQ,GAAG,cAAc,CAAC,YAAY;YAC1C,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CACtB,SAAS,EACT,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAC3E;YACH,CAAC,CAAC,EAAE,CAAC;QACP,KAAK,MAAM,SAAS,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAChD,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE;gBACjC,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,EAAE;gBAC/B,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,QAAQ;gBACpC,IAAI,EAAE,SAAS,CAAC,OAAO,CAAC,IAAI;gBAC5B,QAAQ,EAAE,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC;aAC3C,CAAC,CAAC;YACH,IAAI,cAAc,CAAC,YAAY,IAAI,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;gBAClF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}
|
|
@@ -1,11 +1,11 @@
|
|
|
1
|
-
import
|
|
1
|
+
import SfConnection from '../../connection.js';
|
|
2
2
|
import { ResolveUsersOptions, User } from './user.types.js';
|
|
3
3
|
export default class Users {
|
|
4
|
-
private readonly
|
|
4
|
+
private readonly con;
|
|
5
5
|
private readonly mdapiRepo;
|
|
6
6
|
private readonly usersMaxFetch;
|
|
7
7
|
private readonly startingBatchSize;
|
|
8
|
-
constructor(
|
|
8
|
+
constructor(con: SfConnection);
|
|
9
9
|
/**
|
|
10
10
|
* Resolve all users from the target connection. Options controls
|
|
11
11
|
* additional properties that are resolved.
|
|
@@ -8,13 +8,13 @@ import { buildScopedLoginHistoryQuery, USERS_QUERY } from './queries.js';
|
|
|
8
8
|
Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
|
|
9
9
|
const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'metadataretrieve');
|
|
10
10
|
export default class Users {
|
|
11
|
-
|
|
11
|
+
con;
|
|
12
12
|
mdapiRepo;
|
|
13
13
|
usersMaxFetch;
|
|
14
14
|
startingBatchSize;
|
|
15
|
-
constructor(
|
|
16
|
-
this.
|
|
17
|
-
this.mdapiRepo = MDAPI.create(this.
|
|
15
|
+
constructor(con) {
|
|
16
|
+
this.con = con;
|
|
17
|
+
this.mdapiRepo = MDAPI.create(this.con);
|
|
18
18
|
this.usersMaxFetch = envVars.resolve('SAE_MAX_USERS_LIMIT') ?? 100_000;
|
|
19
19
|
this.startingBatchSize = 256;
|
|
20
20
|
}
|
|
@@ -63,7 +63,7 @@ export default class Users {
|
|
|
63
63
|
}
|
|
64
64
|
// PRIVATE ZONE
|
|
65
65
|
async fetchUsers(opts) {
|
|
66
|
-
const usersOnOrg = await this.
|
|
66
|
+
const usersOnOrg = await this.con.query(USERS_QUERY, false, {
|
|
67
67
|
autoFetch: true,
|
|
68
68
|
maxFetch: this.usersMaxFetch,
|
|
69
69
|
});
|
|
@@ -103,7 +103,7 @@ export default class Users {
|
|
|
103
103
|
}
|
|
104
104
|
async fetchLoginAggregateChunks(userIds, chunkSize, daysToAnalyse) {
|
|
105
105
|
const initialIdChunks = chunkArray(userIds, chunkSize);
|
|
106
|
-
const loginAggregateProms = initialIdChunks.map((idChunk) => this.
|
|
106
|
+
const loginAggregateProms = initialIdChunks.map((idChunk) => this.con.query(buildScopedLoginHistoryQuery(idChunk, daysToAnalyse)));
|
|
107
107
|
const loginAggregates = await Promise.all(loginAggregateProms);
|
|
108
108
|
return loginAggregates.map((queryResult) => queryResult.records).flat();
|
|
109
109
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"users.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/users/users.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"users.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/users/users.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,KAAK,MAAM,sBAAsB,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EAAuB,yBAAyB,EAAoB,MAAM,iBAAiB,CAAC;AACnG,OAAO,EAAE,4BAA4B,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEzE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AAEjG,MAAM,CAAC,OAAO,OAAO,KAAK;IAKY;IAJnB,SAAS,CAAQ;IACjB,aAAa,CAAC;IACd,iBAAiB,CAAC;IAEnC,YAAoC,GAAiB;QAAjB,QAAG,GAAH,GAAG,CAAc;QACnD,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,IAAI,OAAO,CAAC;QACvE,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC;IAC/B,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAAC,IAAmC;QACtD,MAAM,cAAc,GAAG,yBAAyB,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QACnE,MAAM,MAAM,GAAsB,IAAI,GAAG,EAAgB,CAAC;QAC1D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QACzD,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC9B,MAAM,GAAG,GAAS;gBAChB,MAAM,EAAE,IAAI,CAAC,EAAG;gBAChB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC1E,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAChC,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC;gBACzC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;aAC/B,CAAC;YACF,IAAI,cAAc,CAAC,eAAe,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;gBACpE,GAAG,CAAC,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;oBAC3E,uBAAuB,EAAE,UAAU,CAAC,aAAa,CAAC,IAAI;oBACtD,mBAAmB,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;oBACzE,GAAG,CAAC,UAAU,CAAC,kBAAkB,EAAE,aAAa,IAAI;wBAClD,SAAS,EAAE,UAAU,CAAC,kBAAkB,EAAE,aAAa;qBACxD,CAAC;iBACH,CAAC,CAAC,CAAC;YACN,CAAC;iBAAM,IAAI,cAAc,CAAC,eAAe,EAAE,CAAC;gBAC1C,GAAG,CAAC,WAAW,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACjC,CAAC;QACD,IAAI,cAAc,CAAC,gBAAgB,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,cAAc,CAAC,uBAAuB,EAAE,CAAC;YAC3C,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACnC,MAAM,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,sBAAsB;IAEd,KAAK,CAAC,UAAU,CAAC,IAAyB;QAChD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAS,WAAW,EAAE,KAAK,EAAE;YAClE,SAAS,EAAE,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,aAAa;SAC7B,CAAC,CAAC;QACH,IAAI,UAAU,CAAC,SAAS,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9C,gBAAgB,CAAC,QAAQ,CACvB,QAAQ,CAAC,UAAU,CAAC,yCAAyC,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAC3G,CAAC;QACJ,CAAC;QACD,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC5F,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,KAAwB,EAAE,aAAsB;QAC1E,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,oBAAoB,CACrD,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EACrD,aAAa,CACd,CAAC;QACF,MAAM,UAAU,GAAG,cAAc,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC;QAC1D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAClC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;YACnB,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAAC,OAAiB,EAAE,aAAsB;QAC1E,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;QAC9F,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,IAAI,IAAI,IAAI,WAAW,IAAI,KAAK,EAAE,CAAC;gBACvE,+EAA+E;gBAC/E,IAAI,KAAK,CAAC,SAAS,KAAK,mBAAmB,IAAI,OAAO,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACnE,2FAA2F;oBAC3F,yFAAyF;oBACzF,uGAAuG;oBACvG,OAAO,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;gBACtG,CAAC;YACH,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,yBAAyB,CACrC,OAAiB,EACjB,SAAiB,EACjB,aAAsB;QAEtB,MAAM,eAAe,GAAG,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QACvD,MAAM,mBAAmB,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC1D,IAAI,CAAC,GAAG,CAAC,KAAK,CAAwB,4BAA4B,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAC5F,CAAC;QACF,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAC/D,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1E,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,KAAwB;QACpD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,kBAAkB,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7F,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAClC,IAAI,CAAC,eAAe,GAAG,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,qBAAqB,CAAC,KAAwB;QAC1D,MAAM,YAAY,GAAG,wBAAwB,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAC7E,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAClC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,WAAY,EAAE,CAAC;gBACpC,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED,SAAS,cAAc,CAAC,SAAkC;IACxD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAwB,CAAC;IAClD,KAAK,MAAM,eAAe,IAAI,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAC5C,CAAC;QACD,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC,MAAM,CAAE,CAAC,IAAI,CAAC;YAC1C,SAAS,EAAE,eAAe,CAAC,SAAS;YACpC,UAAU,EAAE,eAAe,CAAC,UAAU;YACtC,WAAW,EAAE,eAAe,CAAC,WAAW;YACxC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,CAAC;YAChD,MAAM,EAAE,eAAe,CAAC,MAAM;SAC/B,CAAC,CAAC;IACL,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAqB;IACrD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IACvC,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;YACpB,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;gBAClC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAqB;IAC/C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IACzC,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpC,CAAC"}
|
|
@@ -18,6 +18,10 @@ Permission is classified as "%s" and not allowed in role "%s".
|
|
|
18
18
|
|
|
19
19
|
Permission is BLOCKED and not allowed for any role.
|
|
20
20
|
|
|
21
|
+
# violations.permission-is-denied
|
|
22
|
+
|
|
23
|
+
Permission is denied by role "%s".
|
|
24
|
+
|
|
21
25
|
# warnings.permission-unknown
|
|
22
26
|
|
|
23
27
|
Permission classified as UNKNOWN. Update classification to LOW or higher to resolve.
|
package/oclif.manifest.json
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@j-schreiber/sf-cli-security-audit",
|
|
3
3
|
"description": "Salesforce CLI plugin to automate highly configurable security audits",
|
|
4
|
-
"version": "0.20.
|
|
4
|
+
"version": "0.20.2",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
7
7
|
"url": "git+https://github.com/j-schreiber/js-sf-cli-security-audit"
|