@j-schreiber/sf-cli-security-audit 0.20.2 → 0.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/README.md +3 -3
  2. package/lib/libs/audit-engine/index.d.ts +8 -0
  3. package/lib/libs/audit-engine/registry/definitions.d.ts +8 -0
  4. package/lib/libs/audit-engine/registry/definitions.js +2 -0
  5. package/lib/libs/audit-engine/registry/definitions.js.map +1 -1
  6. package/lib/libs/audit-engine/registry/policies/permissionSets.d.ts +4 -3
  7. package/lib/libs/audit-engine/registry/policies/permissionSets.js +1 -0
  8. package/lib/libs/audit-engine/registry/policies/permissionSets.js.map +1 -1
  9. package/lib/libs/audit-engine/registry/policies/profiles.d.ts +3 -1
  10. package/lib/libs/audit-engine/registry/policies/profiles.js +1 -0
  11. package/lib/libs/audit-engine/registry/policies/profiles.js.map +1 -1
  12. package/lib/libs/audit-engine/registry/policies/users.js +1 -1
  13. package/lib/libs/audit-engine/registry/policies/users.js.map +1 -1
  14. package/lib/libs/audit-engine/registry/policy.js +2 -6
  15. package/lib/libs/audit-engine/registry/policy.js.map +1 -1
  16. package/lib/libs/audit-engine/registry/roles/roleManager.d.ts +15 -5
  17. package/lib/libs/audit-engine/registry/roles/roleManager.js +86 -14
  18. package/lib/libs/audit-engine/registry/roles/roleManager.js.map +1 -1
  19. package/lib/libs/audit-engine/registry/roles/roleManager.types.d.ts +24 -5
  20. package/lib/libs/audit-engine/registry/roles/roleManager.types.js +3 -1
  21. package/lib/libs/audit-engine/registry/roles/roleManager.types.js.map +1 -1
  22. package/lib/libs/audit-engine/registry/roles/userRole.d.ts +28 -6
  23. package/lib/libs/audit-engine/registry/roles/userRole.js +102 -32
  24. package/lib/libs/audit-engine/registry/roles/userRole.js.map +1 -1
  25. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.d.ts +8 -0
  26. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.js +39 -0
  27. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.js.map +1 -0
  28. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnProfileLike.js +4 -16
  29. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnProfileLike.js.map +1 -1
  30. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.d.ts +0 -1
  31. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.js +17 -31
  32. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.js.map +1 -1
  33. package/lib/libs/audit-engine/registry/shape/auditConfigShape.d.ts +8 -0
  34. package/lib/libs/audit-engine/registry/shape/schema.d.ts +33 -0
  35. package/lib/libs/audit-engine/registry/shape/schema.js +24 -3
  36. package/lib/libs/audit-engine/registry/shape/schema.js.map +1 -1
  37. package/lib/salesforce/mdapi/metadataRegistry.js +3 -1
  38. package/lib/salesforce/mdapi/metadataRegistry.js.map +1 -1
  39. package/messages/rules.enforceClassificationPresets.md +10 -2
  40. package/oclif.manifest.json +1 -1
  41. package/package.json +1 -1
package/messages/rules.enforceClassificationPresets.md CHANGED
@@ -6,9 +6,9 @@ Duplicate role identifier after normalization found: %s was already defined, %s
6
6
 
7
7
  Tried to access a role that does not exist: %s.
8
8
 
9
- # RoleReferencesPermissionThatDoesNotExist
9
+ # RoleReferencesControlThatDoesNotExist
10
10
 
11
- Role %s references permission control %s that does not exist.
11
+ Role "%s" references a %s control that does not exist: %s
12
12
 
13
13
  # violations.classification-preset-mismatch
14
14
 
@@ -22,6 +22,10 @@ Permission is BLOCKED and not allowed for any role.
22
22
 
23
23
  Permission is denied by role "%s".
24
24
 
25
+ # violations.object-access-denied
26
+
27
+ Assigned role "%s" does not allow granted permission.
28
+
25
29
  # warnings.permission-unknown
26
30
 
27
31
  Permission classified as UNKNOWN. Update classification to LOW or higher to resolve.
@@ -33,3 +37,7 @@ Permission is assigned, but was not found in classification. Refresh or add manu
33
37
  # error.failed-to-resolve-role
34
38
 
35
39
  The assigned role "%s" was not valid for this audit. Check your role definitions.
40
+
41
+ # errors.profile-like-has-no-metadata
42
+
43
+ %s has no metadata and cannot be audited.
package/oclif.manifest.json CHANGED
@@ -278,5 +278,5 @@
278
278
  ]
279
279
  }
280
280
  },
281
- "version": "0.20.2"
281
+ "version": "0.21.0"
282
282
  }
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@j-schreiber/sf-cli-security-audit",
3
3
  "description": "Salesforce CLI plugin to automate highly configurable security audits",
4
- "version": "0.20.2",
4
+ "version": "0.21.0",
5
5
  "repository": {
6
6
  "type": "git",
7
7
  "url": "git+https://github.com/j-schreiber/js-sf-cli-security-audit"