@j-schreiber/sf-cli-security-audit 0.20.1 → 0.20.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -3
- package/lib/libs/audit-engine/registry/roles/roleManager.js +6 -0
- package/lib/libs/audit-engine/registry/roles/roleManager.js.map +1 -1
- package/lib/libs/audit-engine/registry/roles/userRole.d.ts +22 -3
- package/lib/libs/audit-engine/registry/roles/userRole.js +38 -14
- package/lib/libs/audit-engine/registry/roles/userRole.js.map +1 -1
- package/lib/libs/audit-engine/registry/shape/shapeValidation.js +15 -4
- package/lib/libs/audit-engine/registry/shape/shapeValidation.js.map +1 -1
- package/lib/salesforce/describes/orgDescribe.d.ts +6 -0
- package/lib/salesforce/describes/orgDescribe.js +10 -1
- package/lib/salesforce/describes/orgDescribe.js.map +1 -1
- package/messages/auditShapeValidation.md +4 -0
- package/messages/rules.enforceClassificationPresets.md +4 -0
- package/oclif.manifest.json +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -89,7 +89,7 @@ FLAG DESCRIPTIONS
|
|
|
89
89
|
essentially control, if a permission is allowed in a certain profile / permission set.
|
|
90
90
|
```
|
|
91
91
|
|
|
92
|
-
_See code: [src/commands/org/audit/init.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.
|
|
92
|
+
_See code: [src/commands/org/audit/init.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.2/src/commands/org/audit/init.ts)_
|
|
93
93
|
|
|
94
94
|
## `sf org audit run`
|
|
95
95
|
|
|
@@ -134,7 +134,7 @@ FLAG DESCRIPTIONS
|
|
|
134
134
|
never truncated.
|
|
135
135
|
```
|
|
136
136
|
|
|
137
|
-
_See code: [src/commands/org/audit/run.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.
|
|
137
|
+
_See code: [src/commands/org/audit/run.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.2/src/commands/org/audit/run.ts)_
|
|
138
138
|
|
|
139
139
|
## `sf org scan user-perms`
|
|
140
140
|
|
|
@@ -183,7 +183,7 @@ FLAG DESCRIPTIONS
|
|
|
183
183
|
userPermissions.yml.
|
|
184
184
|
```
|
|
185
185
|
|
|
186
|
-
_See code: [src/commands/org/scan/user-perms.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.
|
|
186
|
+
_See code: [src/commands/org/scan/user-perms.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.20.2/src/commands/org/scan/user-perms.ts)_
|
|
187
187
|
|
|
188
188
|
<!-- commandsstop -->
|
|
189
189
|
|
|
@@ -117,6 +117,12 @@ export default class RoleManager extends EventEmitter {
|
|
|
117
117
|
});
|
|
118
118
|
}
|
|
119
119
|
}
|
|
120
|
+
else if (role.isDenied({ name: perm.name, type: permissionType })) {
|
|
121
|
+
result.violations.push({
|
|
122
|
+
identifier,
|
|
123
|
+
message: messages.getMessage('violations.permission-is-denied', [role.roleName]),
|
|
124
|
+
});
|
|
125
|
+
}
|
|
120
126
|
else {
|
|
121
127
|
result.warnings.push({
|
|
122
128
|
identifier,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"roleManager.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/roles/roleManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAA6B,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxG,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AASlE,OAAiB,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAErF,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,oCAAoC,CAAC,CAAC;AAEnH,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,YAAY;IAGf;IAF5B,KAAK,GAA6B,EAAE,CAAC;IAE7C,YAAoC,WAA8B;QAChE,KAAK,EAAE,CAAC;QAD0B,gBAAW,GAAX,WAAW,CAAmB;QAEhE,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzE,MAAM,cAAc,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAC3C,IAAI,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC/B,oBAAoB,CAAC,eAAe,CAClC,QAAQ,CAAC,UAAU,CAAC,iCAAiC,EAAE;wBACrD,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,QAAQ;wBACnC,cAAc;qBACf,CAAC,CACH,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,qBAAqB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC3D,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,GAAG,mBAAmB,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;YAC/G,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACI,eAAe,CAAC,WAAgC,EAAE,cAAyB;QAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QAC1C,CAAC;QACD,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC;QAC7F,MAAM,iBAAiB,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,mBAAmB,EAAE,cAAc,CAAC,CAAC;QACjG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACjE,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC7D,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;;;;;OAMG;IACI,WAAW,CAAC,QAAgB;QACjC,MAAM,kBAAkB,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/C,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;OAMG;IACI,OAAO,CAAC,YAAoB,EAAE,eAAuB;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAChD,OAAO,QAAQ,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACI,OAAO,CAAC,QAAgB;QAC7B,MAAM,kBAAkB,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,QAAQ,CAAC,WAAW,CAAC,mCAAmC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,wBAAwB;IAEhB,eAAe,CACrB,OAA4B,EAC5B,cAAkC,EAClC,cAAyB;QAEzB,MAAM,MAAM,GAAe,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACxC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACpD,MAAM,UAAU,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,cAAc,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7G,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;YACvE,IAAI,kBAAkB,EAAE,CAAC;gBACvB,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;oBACtE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;wBACrB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kCAAkC,CAAC;qBACjE,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC;oBACpF,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;wBACrB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,2CAA2C,EAAE;4BACxE,kBAAkB,CAAC,cAAc;4BACjC,OAAO,CAAC,IAAI;yBACb,CAAC;qBACH,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;oBAC7E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACnB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,6BAA6B,CAAC;qBAC5D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBACnB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oCAAoC,CAAC;iBACnE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,WAAW,CAAC,QAAgB,EAAE,QAA4B;QAChE,IAAI,QAAQ,KAAK,iBAAiB,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,QAAQ,KAAK,mBAAmB,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,QAAgB;QACtC,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,eAAe,EAAE,CAAC;YAC5C,OAAO,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,iBAAiB,CAAC,QAAgB;QACxC,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,iBAAiB,EAAE,CAAC;YAC9C,OAAO,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC1F,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AAED,SAAS,kBAAkB,CACzB,QAAgB,EAChB,IAA0C;IAE1C,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED,SAAS,SAAS,CAAC,QAAgB;IACjC,OAAO,QAAQ,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC"}
|
|
1
|
+
{"version":3,"file":"roleManager.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/roles/roleManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAA6B,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxG,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AASlE,OAAiB,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAErF,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,oCAAoC,CAAC,CAAC;AAEnH,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,YAAY;IAGf;IAF5B,KAAK,GAA6B,EAAE,CAAC;IAE7C,YAAoC,WAA8B;QAChE,KAAK,EAAE,CAAC;QAD0B,gBAAW,GAAX,WAAW,CAAmB;QAEhE,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzE,MAAM,cAAc,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAC3C,IAAI,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC/B,oBAAoB,CAAC,eAAe,CAClC,QAAQ,CAAC,UAAU,CAAC,iCAAiC,EAAE;wBACrD,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,QAAQ;wBACnC,cAAc;qBACf,CAAC,CACH,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,qBAAqB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC3D,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,GAAG,mBAAmB,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;YAC/G,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACI,eAAe,CAAC,WAAgC,EAAE,cAAyB;QAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QAC1C,CAAC;QACD,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC;QAC7F,MAAM,iBAAiB,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,mBAAmB,EAAE,cAAc,CAAC,CAAC;QACjG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACjE,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC7D,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;;;;;OAMG;IACI,WAAW,CAAC,QAAgB;QACjC,MAAM,kBAAkB,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/C,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;OAMG;IACI,OAAO,CAAC,YAAoB,EAAE,eAAuB;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAChD,OAAO,QAAQ,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACI,OAAO,CAAC,QAAgB;QAC7B,MAAM,kBAAkB,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,QAAQ,CAAC,WAAW,CAAC,mCAAmC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,wBAAwB;IAEhB,eAAe,CACrB,OAA4B,EAC5B,cAAkC,EAClC,cAAyB;QAEzB,MAAM,MAAM,GAAe,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACxC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACpD,MAAM,UAAU,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,cAAc,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7G,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;YACvE,IAAI,kBAAkB,EAAE,CAAC;gBACvB,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;oBACtE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;wBACrB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kCAAkC,CAAC;qBACjE,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC;oBACpF,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;wBACrB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,2CAA2C,EAAE;4BACxE,kBAAkB,CAAC,cAAc;4BACjC,OAAO,CAAC,IAAI;yBACb,CAAC;qBACH,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;oBAC7E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACnB,UAAU;wBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,6BAA6B,CAAC;qBAC5D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC;gBACpE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;oBACrB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,iCAAiC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;iBACjF,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBACnB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oCAAoC,CAAC;iBACnE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,WAAW,CAAC,QAAgB,EAAE,QAA4B;QAChE,IAAI,QAAQ,KAAK,iBAAiB,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,QAAQ,KAAK,mBAAmB,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,QAAgB;QACtC,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,eAAe,EAAE,CAAC;YAC5C,OAAO,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,iBAAiB,CAAC,QAAgB;QACxC,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,iBAAiB,EAAE,CAAC;YAC9C,OAAO,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC1F,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AAED,SAAS,kBAAkB,CACzB,QAAgB,EAChB,IAA0C;IAE1C,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED,SAAS,SAAS,CAAC,QAAgB;IACjC,OAAO,QAAQ,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC"}
|
|
@@ -1,13 +1,32 @@
|
|
|
1
1
|
import { PermissionClassifications, UserPrivilegeLevel } from '../shape/schema.js';
|
|
2
2
|
import { RoleManagerConfig, TypedPermission, UserRoleCompareResult } from './roleManager.types.js';
|
|
3
|
+
type UserRolePermissions = {
|
|
4
|
+
allowed: Set<string>;
|
|
5
|
+
denied: Set<string>;
|
|
6
|
+
};
|
|
3
7
|
export default class UserRole {
|
|
4
8
|
roleName: string;
|
|
5
|
-
private
|
|
6
|
-
private
|
|
9
|
+
private userPermissions;
|
|
10
|
+
private customPermissions;
|
|
7
11
|
private roleOrdinalValue?;
|
|
8
|
-
constructor(roleName: string,
|
|
12
|
+
constructor(roleName: string, userPermissions: UserRolePermissions, customPermissions: UserRolePermissions, roleOrdinalValue?: number | undefined);
|
|
13
|
+
/**
|
|
14
|
+
* Evaluates if a permission is explicitly denied
|
|
15
|
+
*
|
|
16
|
+
* @param permission
|
|
17
|
+
* @returns
|
|
18
|
+
*/
|
|
19
|
+
isDenied(permission: TypedPermission): boolean;
|
|
20
|
+
/**
|
|
21
|
+
* Evaluates if a permission of type userPermission or customPermission
|
|
22
|
+
* is allowed for the role.
|
|
23
|
+
*
|
|
24
|
+
* @param permission
|
|
25
|
+
* @returns
|
|
26
|
+
*/
|
|
9
27
|
isAllowed(permission: TypedPermission): boolean;
|
|
10
28
|
compareWith(otherRole: UserRole): UserRoleCompareResult;
|
|
11
29
|
}
|
|
12
30
|
export declare function newRoleFromDefinition(roleName: string, config: RoleManagerConfig): UserRole;
|
|
13
31
|
export declare function newRoleFromOrdinals(roleName: UserPrivilegeLevel, perms?: PermissionClassifications): UserRole;
|
|
32
|
+
export {};
|
|
@@ -5,33 +5,54 @@ Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
|
|
|
5
5
|
const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'rules.enforceClassificationPresets');
|
|
6
6
|
export default class UserRole {
|
|
7
7
|
roleName;
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
userPermissions;
|
|
9
|
+
customPermissions;
|
|
10
10
|
roleOrdinalValue;
|
|
11
|
-
constructor(roleName,
|
|
11
|
+
constructor(roleName, userPermissions, customPermissions, roleOrdinalValue) {
|
|
12
12
|
this.roleName = roleName;
|
|
13
|
-
this.
|
|
14
|
-
this.
|
|
13
|
+
this.userPermissions = userPermissions;
|
|
14
|
+
this.customPermissions = customPermissions;
|
|
15
15
|
this.roleOrdinalValue = roleOrdinalValue;
|
|
16
16
|
}
|
|
17
|
+
/**
|
|
18
|
+
* Evaluates if a permission is explicitly denied
|
|
19
|
+
*
|
|
20
|
+
* @param permission
|
|
21
|
+
* @returns
|
|
22
|
+
*/
|
|
23
|
+
isDenied(permission) {
|
|
24
|
+
if (permission.type === 'customPermissions') {
|
|
25
|
+
return this.customPermissions.denied.has(permission.name.toLowerCase());
|
|
26
|
+
}
|
|
27
|
+
else {
|
|
28
|
+
return this.userPermissions.denied.has(permission.name.toLowerCase());
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Evaluates if a permission of type userPermission or customPermission
|
|
33
|
+
* is allowed for the role.
|
|
34
|
+
*
|
|
35
|
+
* @param permission
|
|
36
|
+
* @returns
|
|
37
|
+
*/
|
|
17
38
|
isAllowed(permission) {
|
|
18
39
|
if (permission.type === 'customPermissions') {
|
|
19
|
-
return this.
|
|
40
|
+
return this.customPermissions.allowed.has(permission.name);
|
|
20
41
|
}
|
|
21
42
|
else {
|
|
22
|
-
return this.
|
|
43
|
+
return this.userPermissions.allowed.has(permission.name);
|
|
23
44
|
}
|
|
24
45
|
}
|
|
25
46
|
compareWith(otherRole) {
|
|
26
47
|
const missingPermsInOther = new Array();
|
|
27
48
|
const missingPermsInThis = new Array();
|
|
28
49
|
const isOrdinallyHigher = this.roleOrdinalValue && otherRole.roleOrdinalValue ? this.roleOrdinalValue >= otherRole.roleOrdinalValue : true;
|
|
29
|
-
const merged = new Set([...this.
|
|
50
|
+
const merged = new Set([...this.userPermissions.allowed, ...otherRole.userPermissions.allowed]);
|
|
30
51
|
for (const perm of merged) {
|
|
31
|
-
if (!this.
|
|
52
|
+
if (!this.userPermissions.allowed.has(perm)) {
|
|
32
53
|
missingPermsInThis.push(perm);
|
|
33
54
|
}
|
|
34
|
-
if (!otherRole.
|
|
55
|
+
if (!otherRole.userPermissions.allowed.has(perm)) {
|
|
35
56
|
missingPermsInOther.push(perm);
|
|
36
57
|
}
|
|
37
58
|
}
|
|
@@ -51,7 +72,7 @@ export function newRoleFromDefinition(roleName, config) {
|
|
|
51
72
|
export function newRoleFromOrdinals(roleName, perms) {
|
|
52
73
|
const roleOrdinalValue = resolvePresetOrdinalValue(roleName);
|
|
53
74
|
if (!perms || roleName === UserPrivilegeLevel.UNKNOWN) {
|
|
54
|
-
return new UserRole(roleName, new Set(), new Set(), roleOrdinalValue);
|
|
75
|
+
return new UserRole(roleName, { allowed: new Set(), denied: new Set() }, { allowed: new Set(), denied: new Set() }, roleOrdinalValue);
|
|
55
76
|
}
|
|
56
77
|
const allAllowed = new Set();
|
|
57
78
|
for (const [permName, permDef] of Object.entries(perms)) {
|
|
@@ -59,7 +80,7 @@ export function newRoleFromOrdinals(roleName, perms) {
|
|
|
59
80
|
allAllowed.add(permName);
|
|
60
81
|
}
|
|
61
82
|
}
|
|
62
|
-
return new UserRole(roleName, allAllowed, new Set(), roleOrdinalValue);
|
|
83
|
+
return new UserRole(roleName, { allowed: allAllowed, denied: new Set() }, { allowed: new Set(), denied: new Set() }, roleOrdinalValue);
|
|
63
84
|
}
|
|
64
85
|
function resolvePresetOrdinalValue(value) {
|
|
65
86
|
const indexOfValue = Object.values(UserPrivilegeLevel).indexOf(value);
|
|
@@ -100,7 +121,7 @@ function buildAllowedPerms(rolePermDef, permClassifications, allowedClassificati
|
|
|
100
121
|
}
|
|
101
122
|
}
|
|
102
123
|
if (!rolePermDef) {
|
|
103
|
-
return allowedPerms;
|
|
124
|
+
return { allowed: allowedPerms, denied: new Set() };
|
|
104
125
|
}
|
|
105
126
|
if (rolePermDef.allowed) {
|
|
106
127
|
for (const permName of rolePermDef.allowed) {
|
|
@@ -117,6 +138,9 @@ function buildAllowedPerms(rolePermDef, permClassifications, allowedClassificati
|
|
|
117
138
|
allowedPerms.delete(permName);
|
|
118
139
|
}
|
|
119
140
|
}
|
|
120
|
-
return
|
|
141
|
+
return {
|
|
142
|
+
allowed: allowedPerms,
|
|
143
|
+
denied: new Set(rolePermDef.denied ? rolePermDef.denied.map((p) => p.toLowerCase()) : []),
|
|
144
|
+
};
|
|
121
145
|
}
|
|
122
146
|
//# sourceMappingURL=userRole.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"userRole.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/roles/userRole.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAEL,mBAAmB,EACnB,kBAAkB,EAClB,mBAAmB,GAEpB,MAAM,oBAAoB,CAAC;AAS5B,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,oCAAoC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"userRole.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/roles/userRole.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAEL,mBAAmB,EACnB,kBAAkB,EAClB,mBAAmB,GAEpB,MAAM,oBAAoB,CAAC;AAS5B,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,oCAAoC,CAAC,CAAC;AAOnH,MAAM,CAAC,OAAO,OAAO,QAAQ;IAElB;IACC;IACA;IACA;IAJV,YACS,QAAgB,EACf,eAAoC,EACpC,iBAAsC,EACtC,gBAAyB;QAH1B,aAAQ,GAAR,QAAQ,CAAQ;QACf,oBAAe,GAAf,eAAe,CAAqB;QACpC,sBAAiB,GAAjB,iBAAiB,CAAqB;QACtC,qBAAgB,GAAhB,gBAAgB,CAAS;IAChC,CAAC;IAEJ;;;;;OAKG;IACI,QAAQ,CAAC,UAA2B;QACzC,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QAC1E,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACI,SAAS,CAAC,UAA2B;QAC1C,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAEM,WAAW,CAAC,SAAmB;QACpC,MAAM,mBAAmB,GAAG,IAAI,KAAK,EAAU,CAAC;QAChD,MAAM,kBAAkB,GAAG,IAAI,KAAK,EAAU,CAAC;QAC/C,MAAM,iBAAiB,GACrB,IAAI,CAAC,gBAAgB,IAAI,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,IAAI,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC;QACnH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;QAChG,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;YAC1B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5C,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChC,CAAC;YACD,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjD,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QACD,OAAO;YACL,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,CAAC,IAAI,iBAAiB;YAChE,kBAAkB;YAClB,mBAAmB;SACpB,CAAC;IACJ,CAAC;CACF;AAED,MAAM,UAAU,qBAAqB,CAAC,QAAgB,EAAE,MAAyB;IAC/E,MAAM,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,iBAAiB,CACjC,WAAW,EAAE,eAAe,EAC5B,MAAM,CAAC,KAAK,CAAC,eAAe,EAC5B,WAAW,EAAE,sBAAsB,CACpC,CAAC;IACF,MAAM,WAAW,GAAG,iBAAiB,CACnC,WAAW,EAAE,iBAAiB,EAC9B,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAC9B,WAAW,EAAE,sBAAsB,CACpC,CAAC;IAEF,OAAO,IAAI,QAAQ,CAAC,QAAQ,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,QAA4B,EAAE,KAAiC;IACjG,MAAM,gBAAgB,GAAG,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAC7D,IAAI,CAAC,KAAK,IAAI,QAAQ,KAAK,kBAAkB,CAAC,OAAO,EAAE,CAAC;QACtD,OAAO,IAAI,QAAQ,CACjB,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,GAAG,EAAU,EAAE,MAAM,EAAE,IAAI,GAAG,EAAU,EAAE,EACzD,EAAE,OAAO,EAAE,IAAI,GAAG,EAAU,EAAE,MAAM,EAAE,IAAI,GAAG,EAAU,EAAE,EACzD,gBAAgB,CACjB,CAAC;IACJ,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;IACrC,KAAK,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,IAAI,gBAAgB,IAAI,4BAA4B,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YAC7E,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IACD,OAAO,IAAI,QAAQ,CACjB,QAAQ,EACR,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,GAAG,EAAU,EAAE,EAClD,EAAE,OAAO,EAAE,IAAI,GAAG,EAAU,EAAE,MAAM,EAAE,IAAI,GAAG,EAAU,EAAE,EACzD,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAyB;IAC1D,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACtE,OAAO,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,GAAG,YAAY,CAAC;AAC/D,CAAC;AAED,SAAS,4BAA4B,CAAC,KAAa;IACjD,OAAO,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;AACjH,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB,EAAE,QAA0B;IAC/D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC,QAAQ,CAAC,CAAC;IAC9C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,QAAQ,CAAC,WAAW,CAAC,mCAAmC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9E,CAAC;IACD,MAAM,WAAW,GAAG,EAAE,CAAC;IACvB,IAAI,mBAAmB,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAChD,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,UAAU,CAAC,WAAW,IAAI,EAAE,EAAE,CAAC;YACnD,MAAM,cAAc,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,cAAc,EAAE,CAAC;gBACnB,KAAK,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;YACrC,CAAC;iBAAM,CAAC;gBACN,MAAM,QAAQ,CAAC,WAAW,CAAC,0CAA0C,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,WAAW,EAAE,CAAC;AACzB,CAAC;AAED,SAAS,iBAAiB,CACxB,WAAsC,EACtC,mBAA+C,EAC/C,sBAAiC;IAEjC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IACvC,IAAI,sBAAsB,IAAI,mBAAmB,EAAE,CAAC;QAClD,KAAK,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;YACtE,IAAI,sBAAsB,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;gBAC5D,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,GAAG,EAAU,EAAE,CAAC;IAC9D,CAAC;IACD,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;QACxB,KAAK,MAAM,QAAQ,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YAC3C,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;QACzB,KAAK,MAAM,QAAQ,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC5C,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvB,KAAK,MAAM,QAAQ,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;YAC1C,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IACD,OAAO;QACL,OAAO,EAAE,YAAY;QACrB,MAAM,EAAE,IAAI,GAAG,CAAS,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KAClG,CAAC;AACJ,CAAC"}
|
|
@@ -14,6 +14,14 @@ export const validator = (parseResult) => {
|
|
|
14
14
|
if (parseResult.inventory.users) {
|
|
15
15
|
errors.push(...validateRoledEntity(parseResult.controls.roles, parseResult.inventory.users, 'users'));
|
|
16
16
|
}
|
|
17
|
+
const defaultRole = parseResult.policies.users?.options.defaultRoleForMissingUsers;
|
|
18
|
+
const defaultRoleExistsAndIsValid = defaultRole !== undefined && parseResult.controls.roles[defaultRole] !== undefined;
|
|
19
|
+
if (defaultRole && !defaultRoleExistsAndIsValid) {
|
|
20
|
+
errors.push({
|
|
21
|
+
message: messages.getMessage('DefaultRoleForMissingUsersDoesNotExist', [defaultRole]),
|
|
22
|
+
path: ['policies', 'users', 'options', 'defaultRoleForMissingUsers'],
|
|
23
|
+
});
|
|
24
|
+
}
|
|
17
25
|
}
|
|
18
26
|
if (!parseResult.policies || Object.keys(parseResult.policies).length === 0) {
|
|
19
27
|
errors.push({
|
|
@@ -29,8 +37,11 @@ export function verifyRoleDefinitions(roles, orgDescribe) {
|
|
|
29
37
|
if (!isPermissionControl(roleDef.permissions) || !roleDef.permissions) {
|
|
30
38
|
continue;
|
|
31
39
|
}
|
|
32
|
-
for (const permissionBlockName of [
|
|
33
|
-
|
|
40
|
+
for (const permissionBlockName of [
|
|
41
|
+
{ listName: 'userPermissions', isValid: (permName) => orgDescribe.isValid(permName) },
|
|
42
|
+
{ listName: 'customPermissions', isValid: (permName) => orgDescribe.isValidCustomPerm(permName) },
|
|
43
|
+
]) {
|
|
44
|
+
const permBlock = roleDef.permissions[permissionBlockName.listName];
|
|
34
45
|
if (!permBlock) {
|
|
35
46
|
continue;
|
|
36
47
|
}
|
|
@@ -38,9 +49,9 @@ export function verifyRoleDefinitions(roles, orgDescribe) {
|
|
|
38
49
|
const namedPerms = permBlock[permProp];
|
|
39
50
|
if (namedPerms) {
|
|
40
51
|
for (const permName of namedPerms) {
|
|
41
|
-
if (!
|
|
52
|
+
if (!permissionBlockName.isValid(permName)) {
|
|
42
53
|
warnings.push({
|
|
43
|
-
path: ['Controls', 'Roles', roleName, permissionBlockName, permProp, permName],
|
|
54
|
+
path: ['Controls', 'Roles', roleName, permissionBlockName.listName, permProp, permName],
|
|
44
55
|
message: messages.getMessage('PermissionDoesNotExistOnOrg'),
|
|
45
56
|
});
|
|
46
57
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shapeValidation.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/shapeValidation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAI5C,OAAO,EAA0B,mBAAmB,EAAgC,MAAM,aAAa,CAAC;AAExG,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,sBAAsB,CAAC,CAAC;AAErG,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,WAAiE,EAAiB,EAAE;IAC5G,MAAM,MAAM,GAAkB,EAAE,CAAC;IACjC,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;QAC9G,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC;YACzC,MAAM,CAAC,IAAI,CACT,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAC3G,CAAC;QACJ,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC;QACxG,CAAC;IACH,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAClD,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,UAAU,qBAAqB,CAAC,KAA6B,EAAE,WAAwB;IAC3F,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAe,CAAC;IAC1C,KAAK,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACtE,SAAS;QACX,CAAC;QACD,KAAK,MAAM,mBAAmB,IAAI,
|
|
1
|
+
{"version":3,"file":"shapeValidation.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/shapeValidation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAI5C,OAAO,EAA0B,mBAAmB,EAAgC,MAAM,aAAa,CAAC;AAExG,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,sBAAsB,CAAC,CAAC;AAErG,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,WAAiE,EAAiB,EAAE;IAC5G,MAAM,MAAM,GAAkB,EAAE,CAAC;IACjC,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;QAC9G,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC;YACzC,MAAM,CAAC,IAAI,CACT,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAC3G,CAAC;QACJ,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC;QACxG,CAAC;QACD,MAAM,WAAW,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,0BAA0B,CAAC;QACnF,MAAM,2BAA2B,GAC/B,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,SAAS,CAAC;QACrF,IAAI,WAAW,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAChD,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,wCAAwC,EAAE,CAAC,WAAW,CAAC,CAAC;gBACrF,IAAI,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,4BAA4B,CAAC;aACrE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAClD,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,UAAU,qBAAqB,CAAC,KAA6B,EAAE,WAAwB;IAC3F,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAe,CAAC;IAC1C,KAAK,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACtE,SAAS;QACX,CAAC;QACD,KAAK,MAAM,mBAAmB,IAAI;YAChC,EAAE,QAAQ,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAC,QAAgB,EAAE,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YAC7F,EAAE,QAAQ,EAAE,mBAAmB,EAAE,OAAO,EAAE,CAAC,QAAgB,EAAE,EAAE,CAAC,WAAW,CAAC,iBAAiB,CAAC,QAAQ,CAAC,EAAE;SACjG,EAAE,CAAC;YACX,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpE,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,SAAS;YACX,CAAC;YACD,KAAK,MAAM,QAAQ,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,UAAU,CAAU,EAAE,CAAC;gBAClE,MAAM,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACvC,IAAI,UAAU,EAAE,CAAC;oBACf,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;wBAClC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;4BAC3C,QAAQ,CAAC,IAAI,CAAC;gCACZ,IAAI,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC;gCACvF,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,6BAA6B,CAAC;6BAC5D,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAA6B,EAC7B,OAAqC,EACrC,UAAkB;IAElB,MAAM,MAAM,GAAkB,EAAE,CAAC;IACjC,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,qBAAqB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAClE,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -37,6 +37,12 @@ export default class OrgDescribe {
|
|
|
37
37
|
* @param permissionName
|
|
38
38
|
*/
|
|
39
39
|
isValid(permissionName: string): boolean;
|
|
40
|
+
/**
|
|
41
|
+
* Checks if the permission is valid custom permission for the org
|
|
42
|
+
*
|
|
43
|
+
* @param permissionName
|
|
44
|
+
*/
|
|
45
|
+
isValidCustomPerm(permissionName: string): boolean;
|
|
40
46
|
/**
|
|
41
47
|
* Finds all custom permissions that exist on the target org.
|
|
42
48
|
*
|
|
@@ -69,6 +69,15 @@ export default class OrgDescribe {
|
|
|
69
69
|
return (this.userPermissions.has(permissionName.toLowerCase()) &&
|
|
70
70
|
this.userPermissions.get(permissionName.toLowerCase())?.name === permissionName);
|
|
71
71
|
}
|
|
72
|
+
/**
|
|
73
|
+
* Checks if the permission is valid custom permission for the org
|
|
74
|
+
*
|
|
75
|
+
* @param permissionName
|
|
76
|
+
*/
|
|
77
|
+
isValidCustomPerm(permissionName) {
|
|
78
|
+
return (this.customPermissions.has(permissionName.toLowerCase()) &&
|
|
79
|
+
this.customPermissions.get(permissionName.toLowerCase())?.name === permissionName);
|
|
80
|
+
}
|
|
72
81
|
/**
|
|
73
82
|
* Finds all custom permissions that exist on the target org.
|
|
74
83
|
*
|
|
@@ -88,7 +97,7 @@ async function fetchCustomPermissions(con) {
|
|
|
88
97
|
const customPerms = await con.query(CUSTOM_PERMS_QUERY);
|
|
89
98
|
if (customPerms.records.length > 0) {
|
|
90
99
|
for (const cp of customPerms.records) {
|
|
91
|
-
result.set(cp.DeveloperName, {
|
|
100
|
+
result.set(cp.DeveloperName.toLowerCase(), {
|
|
92
101
|
name: cp.DeveloperName,
|
|
93
102
|
label: cp.MasterLabel,
|
|
94
103
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"orgDescribe.js","sourceRoot":"","sources":["../../../src/salesforce/describes/orgDescribe.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,sCAAsC,CAAC;AAE5D,OAAO,EAAE,kBAAkB,EAAkC,MAAM,wBAAwB,CAAC;AAE5F,4DAA4D;AAC5D,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAClC,MAAM,CAAC,OAAO,OAAO,WAAW;IAC9B;;OAEG;IACI,MAAM,CAAC,QAAQ,GAAG,IAAI,GAAG,EAAuB,CAAC;IAChD,iBAAiB,CAA2B;IAC5C,eAAe,CAA2B;IAElD,gBAAuB,CAAC;IAExB;;;;;;OAMG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAiB;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QACrE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;QAC/B,IAAI,CAAC,eAAe,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;QACvD,IAAI,CAAC,iBAAiB,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;QAC3D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACI,kBAAkB,CAAC,cAAsB;QAC9C,MAAM,aAAa,GAAG,cAAc,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,CAAC;QACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,EAAE,CAAC;YACjD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YACD,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACzE,IACE,cAAc,KAAK,aAAa;gBAChC,CAAC,aAAa,CAAC,MAAM,IAAI,sBAAsB,IAAI,cAAc,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,EAC5F,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,kBAAkB;QACvB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC;IACnD,CAAC;IAED;;;;OAIG;IACI,OAAO,CAAC,cAAsB;QACnC,OAAO,CACL,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACtD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC,EAAE,IAAI,KAAK,cAAc,CAChF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,oBAAoB;QACzB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAC;IACrD,CAAC;;AAGH,KAAK,UAAU,oBAAoB,CAAC,GAAiB;IACnD,MAAM,aAAa,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,aAAa,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,CAAC;IAC1D,OAAO,SAAS,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;AACjD,CAAC;AAED,KAAK,UAAU,sBAAsB,CAAC,GAAiB;IACrD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAqB,kBAAkB,CAAC,CAAC;IAC5E,IAAI,WAAW,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,EAAE,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,aAAa,EAAE;
|
|
1
|
+
{"version":3,"file":"orgDescribe.js","sourceRoot":"","sources":["../../../src/salesforce/describes/orgDescribe.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,sCAAsC,CAAC;AAE5D,OAAO,EAAE,kBAAkB,EAAkC,MAAM,wBAAwB,CAAC;AAE5F,4DAA4D;AAC5D,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAClC,MAAM,CAAC,OAAO,OAAO,WAAW;IAC9B;;OAEG;IACI,MAAM,CAAC,QAAQ,GAAG,IAAI,GAAG,EAAuB,CAAC;IAChD,iBAAiB,CAA2B;IAC5C,eAAe,CAA2B;IAElD,gBAAuB,CAAC;IAExB;;;;;;OAMG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAiB;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QACrE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;QAC/B,IAAI,CAAC,eAAe,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;QACvD,IAAI,CAAC,iBAAiB,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;QAC3D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACI,kBAAkB,CAAC,cAAsB;QAC9C,MAAM,aAAa,GAAG,cAAc,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,CAAC;QACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,EAAE,CAAC;YACjD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YACD,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACzE,IACE,cAAc,KAAK,aAAa;gBAChC,CAAC,aAAa,CAAC,MAAM,IAAI,sBAAsB,IAAI,cAAc,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,EAC5F,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,kBAAkB;QACvB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC;IACnD,CAAC;IAED;;;;OAIG;IACI,OAAO,CAAC,cAAsB;QACnC,OAAO,CACL,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACtD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC,EAAE,IAAI,KAAK,cAAc,CAChF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,iBAAiB,CAAC,cAAsB;QAC7C,OAAO,CACL,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACxD,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC,EAAE,IAAI,KAAK,cAAc,CAClF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,oBAAoB;QACzB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAC;IACrD,CAAC;;AAGH,KAAK,UAAU,oBAAoB,CAAC,GAAiB;IACnD,MAAM,aAAa,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,aAAa,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,CAAC;IAC1D,OAAO,SAAS,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;AACjD,CAAC;AAED,KAAK,UAAU,sBAAsB,CAAC,GAAiB;IACrD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAqB,kBAAkB,CAAC,CAAC;IAC5E,IAAI,WAAW,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,EAAE,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,EAAE;gBACzC,IAAI,EAAE,EAAE,CAAC,aAAa;gBACtB,KAAK,EAAE,EAAE,CAAC,WAAW;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,SAAS,CAAC,GAAG,QAAwC;IAC5D,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,KAAK,UAAU,sBAAsB,CAAC,GAAiB;IACrD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;IACpD,MAAM,sBAAsB,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC7D,OAAO,CAAC,MAAM;SACX,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;SACvD,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACjB,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QACvD,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE;YACjD,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC;YACjC,IAAI,EAAE,QAAQ;SACf,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACL,OAAO,sBAAsB,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,wBAAwB,CAAC,GAAiB;IACvD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAsB,CAAC;IACpD,MAAM,YAAY,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IACpE,KAAK,MAAM,OAAO,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACpD,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YAChG,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAS,aAAa,CAAC,QAAiB;IACtC,OAAO,QAAQ,EAAE,UAAU,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;AACtD,CAAC"}
|
|
@@ -18,6 +18,10 @@ Permission is classified as "%s" and not allowed in role "%s".
|
|
|
18
18
|
|
|
19
19
|
Permission is BLOCKED and not allowed for any role.
|
|
20
20
|
|
|
21
|
+
# violations.permission-is-denied
|
|
22
|
+
|
|
23
|
+
Permission is denied by role "%s".
|
|
24
|
+
|
|
21
25
|
# warnings.permission-unknown
|
|
22
26
|
|
|
23
27
|
Permission classified as UNKNOWN. Update classification to LOW or higher to resolve.
|
package/oclif.manifest.json
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@j-schreiber/sf-cli-security-audit",
|
|
3
3
|
"description": "Salesforce CLI plugin to automate highly configurable security audits",
|
|
4
|
-
"version": "0.20.
|
|
4
|
+
"version": "0.20.2",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
7
7
|
"url": "git+https://github.com/j-schreiber/js-sf-cli-security-audit"
|