@j-schreiber/sf-cli-security-audit 0.6.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +39 -2
- package/lib/commands/org/audit/init.js +2 -1
- package/lib/commands/org/audit/init.js.map +1 -1
- package/lib/commands/org/audit/run.js +10 -4
- package/lib/commands/org/audit/run.js.map +1 -1
- package/lib/commands/org/scan/user-perms.js +1 -2
- package/lib/commands/org/scan/user-perms.js.map +1 -1
- package/lib/libs/conf-init/auditConfig.js +5 -4
- package/lib/libs/conf-init/auditConfig.js.map +1 -1
- package/lib/libs/conf-init/policyConfigs.d.ts +7 -1
- package/lib/libs/conf-init/policyConfigs.js +29 -3
- package/lib/libs/conf-init/policyConfigs.js.map +1 -1
- package/lib/libs/conf-init/presets/loose.js +16 -0
- package/lib/libs/conf-init/presets/loose.js.map +1 -1
- package/lib/libs/conf-init/presets/strict.js +17 -0
- package/lib/libs/conf-init/presets/strict.js.map +1 -1
- package/lib/libs/{policies → core}/auditRun.d.ts +4 -4
- package/lib/libs/{policies → core}/auditRun.js +8 -14
- package/lib/libs/core/auditRun.js.map +1 -0
- package/lib/libs/core/constants.d.ts +5 -0
- package/lib/libs/core/constants.js +10 -0
- package/lib/libs/core/constants.js.map +1 -1
- package/lib/libs/core/file-mgmt/auditConfigFileManager.d.ts +4 -2
- package/lib/libs/core/file-mgmt/auditConfigFileManager.js +38 -51
- package/lib/libs/core/file-mgmt/auditConfigFileManager.js.map +1 -1
- package/lib/libs/core/file-mgmt/schema.d.ts +33 -11
- package/lib/libs/core/file-mgmt/schema.js +24 -1
- package/lib/libs/core/file-mgmt/schema.js.map +1 -1
- package/lib/libs/core/policies/connectedAppPolicy.d.ts +10 -0
- package/lib/libs/{policies → core/policies}/connectedAppPolicy.js +4 -4
- package/lib/libs/core/policies/connectedAppPolicy.js.map +1 -0
- package/lib/libs/core/policies/permissionSetPolicy.d.ts +11 -0
- package/lib/libs/{policies → core/policies}/permissionSetPolicy.js +4 -4
- package/lib/libs/core/policies/permissionSetPolicy.js.map +1 -0
- package/lib/libs/{policies → core/policies}/policy.d.ts +11 -11
- package/lib/libs/{policies → core/policies}/policy.js +5 -0
- package/lib/libs/core/policies/policy.js.map +1 -0
- package/lib/libs/core/policies/profilePolicy.d.ts +11 -0
- package/lib/libs/{policies → core/policies}/profilePolicy.js +4 -4
- package/lib/libs/core/policies/profilePolicy.js.map +1 -0
- package/lib/libs/{policies → core/policies}/salesforceStandardTypes.d.ts +14 -0
- package/lib/libs/core/policies/salesforceStandardTypes.js.map +1 -0
- package/lib/libs/core/policies/userPolicy.d.ts +11 -0
- package/lib/libs/core/policies/userPolicy.js +104 -0
- package/lib/libs/core/policies/userPolicy.js.map +1 -0
- package/lib/libs/core/policyRegistry.d.ts +23 -0
- package/lib/libs/core/policyRegistry.js +38 -0
- package/lib/libs/core/policyRegistry.js.map +1 -0
- package/lib/libs/core/registries/ruleRegistry.d.ts +1 -3
- package/lib/libs/core/registries/ruleRegistry.js +1 -1
- package/lib/libs/core/registries/ruleRegistry.js.map +1 -1
- package/lib/libs/core/registries/rules/noInactiveUsers.d.ts +9 -0
- package/lib/libs/core/registries/rules/noInactiveUsers.js +44 -0
- package/lib/libs/core/registries/rules/noInactiveUsers.js.map +1 -0
- package/lib/libs/core/registries/rules/noOtherApexApiLogins.d.ts +7 -0
- package/lib/libs/core/registries/rules/noOtherApexApiLogins.js +24 -0
- package/lib/libs/core/registries/rules/noOtherApexApiLogins.js.map +1 -0
- package/lib/libs/core/registries/rules/policyRule.d.ts +6 -1
- package/lib/libs/core/registries/rules/policyRule.js +12 -0
- package/lib/libs/core/registries/rules/policyRule.js.map +1 -1
- package/lib/libs/core/registries/types.d.ts +2 -0
- package/lib/libs/core/registries/types.js +2 -0
- package/lib/libs/core/registries/types.js.map +1 -1
- package/lib/libs/core/registries/users.d.ts +26 -0
- package/lib/libs/core/registries/users.js +10 -0
- package/lib/libs/core/registries/users.js.map +1 -0
- package/lib/libs/core/result-types.d.ts +2 -1
- package/lib/libs/core/utils.d.ts +7 -0
- package/lib/libs/core/utils.js +12 -0
- package/lib/libs/core/utils.js.map +1 -1
- package/lib/ux/auditRunMultiStage.d.ts +1 -1
- package/lib/ux/auditRunMultiStage.js +22 -19
- package/lib/ux/auditRunMultiStage.js.map +1 -1
- package/messages/org.audit.init.md +3 -3
- package/messages/org.audit.run.md +11 -3
- package/messages/org.scan.user-perms.md +8 -10
- package/messages/policies.general.md +4 -0
- package/messages/rules.users.md +11 -0
- package/oclif.manifest.json +12 -12
- package/package.json +1 -1
- package/lib/libs/policies/auditRun.js.map +0 -1
- package/lib/libs/policies/connectedAppPolicy.d.ts +0 -9
- package/lib/libs/policies/connectedAppPolicy.js.map +0 -1
- package/lib/libs/policies/permissionSetPolicy.d.ts +0 -10
- package/lib/libs/policies/permissionSetPolicy.js.map +0 -1
- package/lib/libs/policies/policy.js.map +0 -1
- package/lib/libs/policies/profilePolicy.d.ts +0 -10
- package/lib/libs/policies/profilePolicy.js.map +0 -1
- package/lib/libs/policies/salesforceStandardTypes.js.map +0 -1
- /package/lib/libs/{policies → core/policies}/salesforceStandardTypes.js +0 -0
package/README.md
CHANGED
|
@@ -31,6 +31,7 @@ Contributers are welcome! Please reach out on [Linkedin](https://www.linkedin.co
|
|
|
31
31
|
|
|
32
32
|
- [`sf org audit init`](#sf-org-audit-init)
|
|
33
33
|
- [`sf org audit run`](#sf-org-audit-run)
|
|
34
|
+
- [`sf org scan user-perms`](#sf-org-scan-user-perms)
|
|
34
35
|
|
|
35
36
|
## `sf org audit init`
|
|
36
37
|
|
|
@@ -77,7 +78,7 @@ FLAG DESCRIPTIONS
|
|
|
77
78
|
essentially control, if a permission is allowed in a certain profile / permission set.
|
|
78
79
|
```
|
|
79
80
|
|
|
80
|
-
_See code: [src/commands/org/audit/init.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.
|
|
81
|
+
_See code: [src/commands/org/audit/init.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.6.0/src/commands/org/audit/init.ts)_
|
|
81
82
|
|
|
82
83
|
## `sf org audit run`
|
|
83
84
|
|
|
@@ -108,7 +109,43 @@ EXAMPLES
|
|
|
108
109
|
$ sf org audit run -o MyTargetOrg -d configs/prod
|
|
109
110
|
```
|
|
110
111
|
|
|
111
|
-
_See code: [src/commands/org/audit/run.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.
|
|
112
|
+
_See code: [src/commands/org/audit/run.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.6.0/src/commands/org/audit/run.ts)_
|
|
113
|
+
|
|
114
|
+
## `sf org scan user-perms`
|
|
115
|
+
|
|
116
|
+
Performs a quick scan to check permission sets and profiles for user permissions.
|
|
117
|
+
|
|
118
|
+
```
|
|
119
|
+
USAGE
|
|
120
|
+
$ sf org scan user-perms -n <value>... -o <value> [--json] [--flags-dir <value>] [--api-version <value>]
|
|
121
|
+
|
|
122
|
+
FLAGS
|
|
123
|
+
-n, --name=<value>... (required) One or more permissions to be scanned.
|
|
124
|
+
-o, --target-org=<value> (required) The target org to scan.
|
|
125
|
+
--api-version=<value> Override the api version used for api requests made by this command
|
|
126
|
+
|
|
127
|
+
GLOBAL FLAGS
|
|
128
|
+
--flags-dir=<value> Import flag values from a directory.
|
|
129
|
+
--json Format output as json.
|
|
130
|
+
|
|
131
|
+
DESCRIPTION
|
|
132
|
+
Performs a quick scan to check permission sets and profiles for user permissions.
|
|
133
|
+
|
|
134
|
+
The quick scan does not need an audit config and does not create reports. The target org is scanned "in memory" and
|
|
135
|
+
simply outputs information, where the searched user permissions
|
|
136
|
+
|
|
137
|
+
EXAMPLES
|
|
138
|
+
$ sf org scan user-perms
|
|
139
|
+
|
|
140
|
+
FLAG DESCRIPTIONS
|
|
141
|
+
-n, --name=<value>... One or more permissions to be scanned.
|
|
142
|
+
|
|
143
|
+
You can specify any valid user permission on your org, such as "AuthorApex", "CustomizeApplication" or "ViewSetup".
|
|
144
|
+
If you are unsure what permissions are available on your org, initialise a new audit config and check the created
|
|
145
|
+
userPermissions.yml.
|
|
146
|
+
```
|
|
147
|
+
|
|
148
|
+
_See code: [src/commands/org/scan/user-perms.ts](https://github.com/j-schreiber/js-sf-cli-security-audit/blob/v0.6.0/src/commands/org/scan/user-perms.ts)_
|
|
112
149
|
|
|
113
150
|
<!-- commandsstop -->
|
|
114
151
|
|
|
@@ -3,6 +3,7 @@ import { Messages } from '@salesforce/core';
|
|
|
3
3
|
import AuditConfig from '../../../libs/conf-init/auditConfig.js';
|
|
4
4
|
import { isPermissionsConfig, isPolicyConfig, } from '../../../libs/core/file-mgmt/schema.js';
|
|
5
5
|
import { AuditInitPresets } from '../../../libs/conf-init/presets.js';
|
|
6
|
+
import { capitalize } from '../../../libs/core/utils.js';
|
|
6
7
|
Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
|
|
7
8
|
const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'org.audit.init');
|
|
8
9
|
const presetFlag = Flags.custom({
|
|
@@ -59,7 +60,7 @@ export default class OrgAuditInit extends SfCommand {
|
|
|
59
60
|
if (isPolicyConfig(def)) {
|
|
60
61
|
if (def.filePath) {
|
|
61
62
|
this.logSuccess(messages.getMessage('success.policy-summary', [
|
|
62
|
-
name,
|
|
63
|
+
capitalize(name),
|
|
63
64
|
Object.keys(def.content.rules).length ?? 0,
|
|
64
65
|
def.filePath,
|
|
65
66
|
]));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../../../src/commands/org/audit/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,WAAW,MAAM,wCAAwC,CAAC;AACjE,OAAO,EAIL,mBAAmB,EACnB,cAAc,GACf,MAAM,wCAAwC,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../../../src/commands/org/audit/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,WAAW,MAAM,wCAAwC,CAAC;AACjE,OAAO,EAIL,mBAAmB,EACnB,cAAc,GACf,MAAM,wCAAwC,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,gBAAgB,CAAC,CAAC;AAI/F,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAmB;IAChD,IAAI,EAAE,GAAG;IACT,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,sBAAsB,CAAC;IACpD,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;IAC5D,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;IACxC,OAAO,EAAE,gBAAgB,CAAC,MAAM;CACjC,CAAC,EAAE,CAAC;AAEL,MAAM,CAAC,OAAO,OAAO,YAAa,SAAQ,SAA6B;IAC9D,MAAM,CAAU,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IACjE,MAAM,CAAU,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,CAAU,KAAK,GAAG;QAC7B,YAAY,EAAE,KAAK,CAAC,WAAW,CAAC;YAC9B,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,YAAY,EAAE,KAAK,CAAC,SAAS,CAAC;YAC5B,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,GAAG;YACT,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,OAAO,EAAE,EAAE;SACZ,CAAC;QACF,MAAM,EAAE,UAAU;QAClB,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE;KACrC,CAAC;IAEK,KAAK,CAAC,GAAG;QACd,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QACjD,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE;YAClG,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC;YAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;SACrB,CAAC,CAAC;QACH,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QAC/B,OAAO,WAAW,CAAC;IACrB,CAAC;IAEO,YAAY,CAAC,MAAsB;QACzC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QAClD,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;IAEO,oBAAoB,CAAC,eAA8C;QACzE,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC7C,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,IAAI,CAAC,UAAU,CACb,QAAQ,CAAC,UAAU,CAAC,qCAAqC,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,CAC9F,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,aAAa,CAAC,QAAgC;QACpD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE;YAC/C,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;oBACjB,IAAI,CAAC,UAAU,CACb,QAAQ,CAAC,UAAU,CAAC,wBAAwB,EAAE;wBAC5C,UAAU,CAAC,IAAI,CAAC;wBAChB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC;wBAC1C,GAAG,CAAC,QAAQ;qBACb,CAAC,CACH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC"}
|
|
@@ -2,8 +2,9 @@ import { writeFileSync } from 'node:fs';
|
|
|
2
2
|
import path from 'node:path';
|
|
3
3
|
import { SfCommand, Flags, StandardColors } from '@salesforce/sf-plugins-core';
|
|
4
4
|
import { Messages } from '@salesforce/core';
|
|
5
|
-
import { startAuditRun } from '../../../libs/
|
|
5
|
+
import { startAuditRun } from '../../../libs/core/auditRun.js';
|
|
6
6
|
import AuditRunMultiStageOutput from '../../../ux/auditRunMultiStage.js';
|
|
7
|
+
import { capitalize } from '../../../libs/core/utils.js';
|
|
7
8
|
Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
|
|
8
9
|
const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'org.audit.run');
|
|
9
10
|
export default class OrgAuditRun extends SfCommand {
|
|
@@ -63,11 +64,14 @@ export default class OrgAuditRun extends SfCommand {
|
|
|
63
64
|
this.table({ data: polSummaries, title: '=== Summary ===', titleOptions: { bold: true } });
|
|
64
65
|
}
|
|
65
66
|
printExecutedRulesSummary(policyName, policyDetails) {
|
|
67
|
+
if (!policyDetails.enabled) {
|
|
68
|
+
return;
|
|
69
|
+
}
|
|
66
70
|
const rulesSummary = transposeExecutedPolicyRules(policyDetails);
|
|
67
71
|
if (rulesSummary.length > 0) {
|
|
68
72
|
this.table({
|
|
69
73
|
data: rulesSummary,
|
|
70
|
-
title: `--- Executed Rules for ${policyName} ---`,
|
|
74
|
+
title: `--- Executed Rules for ${capitalize(policyName)} ---`,
|
|
71
75
|
titleOptions: { underline: true },
|
|
72
76
|
});
|
|
73
77
|
}
|
|
@@ -88,10 +92,12 @@ export default class OrgAuditRun extends SfCommand {
|
|
|
88
92
|
}
|
|
89
93
|
}
|
|
90
94
|
function transposePoliciesToTable(result) {
|
|
91
|
-
return Object.entries(result.policies)
|
|
95
|
+
return Object.entries(result.policies)
|
|
96
|
+
.filter(([, policyDetails]) => policyDetails.enabled)
|
|
97
|
+
.map(([policyName, policyDetails]) => {
|
|
92
98
|
const rulesExecuted = policyDetails?.executedRules ? Object.keys(policyDetails.executedRules).length : 0;
|
|
93
99
|
return {
|
|
94
|
-
policy: policyName,
|
|
100
|
+
policy: capitalize(policyName),
|
|
95
101
|
isCompliant: policyDetails.isCompliant,
|
|
96
102
|
rulesExecuted,
|
|
97
103
|
auditedEntities: policyDetails.auditedEntities?.length ?? 0,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../../../src/commands/org/audit/run.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,aAAa,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../../../src/commands/org/audit/run.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,wBAAwB,MAAM,mCAAmC,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,eAAe,CAAC,CAAC;AAQ9F,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,SAA4B;IAC5D,MAAM,CAAU,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IACjE,MAAM,CAAU,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,CAAU,KAAK,GAAG;QAC7B,YAAY,EAAE,KAAK,CAAC,WAAW,CAAC;YAC9B,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,YAAY,EAAE,KAAK,CAAC,SAAS,CAAC;YAC5B,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,GAAG;YACT,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,OAAO,EAAE,EAAE;SACZ,CAAC;QACF,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE;KACrC,CAAC;IAEK,KAAK,CAAC,GAAG;QACd,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAChD,MAAM,WAAW,GAAG,wBAAwB,CAAC,MAAM,CAAC;YAClD,iBAAiB,EAAE,KAAK,CAAC,YAAY,CAAC;YACtC,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE;YAC9E,WAAW,EAAE,KAAK,CAAC,IAAI;SACxB,CAAC,CAAC;QACH,WAAW,CAAC,KAAK,EAAE,CAAC;QACpB,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;QACpD,WAAW,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAChF,WAAW,CAAC,kBAAkB,EAAE,CAAC;QACjC,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QACtG,MAAM,MAAM,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE,EAAE,GAAG,aAAa,EAAE,CAAC;QAC3E,WAAW,CAAC,MAAM,EAAE,CAAC;QACrB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACjD,OAAO,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,CAAC;IACjC,CAAC;IAEO,YAAY,CAAC,MAAmB;QACtC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE;YACtE,IAAI,CAAC,yBAAyB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YAC1D,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,oBAAoB,CAAC,MAAmB;QAC9C,MAAM,YAAY,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACvB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,CAAC,gCAAgC,CAAC,CAAC,CAAC;YACvE,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC;YAC7E,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,iBAAiB,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IAC7F,CAAC;IAEO,yBAAyB,CAAC,UAAkB,EAAE,aAAgC;QACpF,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO;QACT,CAAC;QACD,MAAM,YAAY,GAAG,4BAA4B,CAAC,aAAa,CAAC,CAAC;QACjE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC;gBACT,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,0BAA0B,UAAU,CAAC,UAAU,CAAC,MAAM;gBAC7D,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE;aAClC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,aAAwD;QAClF,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;aACzB,MAAM,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,WAAW,CAAC;aACjD,OAAO,CAAC,CAAC,eAAe,EAAE,EAAE;YAC3B,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,eAAe,CAAC,UAAU,EAAE,KAAK,EAAE,kBAAkB,eAAe,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACxG,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,WAAW,CAAC,MAAmB,EAAE,KAAuB;QAC9D,MAAM,QAAQ,GAAG,UAAU,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC;QAC/E,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,CAAC;QAC1D,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,2BAA2B,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACxE,OAAO,QAAQ,CAAC;IAClB,CAAC;;AAkBH,SAAS,wBAAwB,CAAC,MAAmB;IACnD,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;SACnC,MAAM,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC;SACpD,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE;QACnC,MAAM,aAAa,GAAG,aAAa,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACzG,OAAO;YACL,MAAM,EAAE,UAAU,CAAC,UAAU,CAAC;YAC9B,WAAW,EAAE,aAAa,CAAC,WAAW;YACtC,aAAa;YACb,eAAe,EAAE,aAAa,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC;YAC3D,eAAe,EAAE,aAAa,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC;SAC5D,CAAC;IACJ,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,4BAA4B,CAAC,MAAyB;IAC7D,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5E,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,iBAAiB,EAAE,WAAW,CAAC,iBAAiB,EAAE,MAAM,IAAI,CAAC;QAC7D,gBAAgB,EAAE,WAAW,CAAC,gBAAgB,EAAE,MAAM,IAAI,CAAC;QAC3D,UAAU,EAAE,WAAW,CAAC,UAAU,CAAC,MAAM;QACzC,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC,MAAM;QACrC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,MAAM;KAClC,CAAC,CAAC,CAAC;AACN,CAAC"}
|
|
@@ -47,8 +47,7 @@ export default class OrgUserPermScan extends SfCommand {
|
|
|
47
47
|
this.spinner.status = counters.join(' | ');
|
|
48
48
|
if (event.status === 'Completed') {
|
|
49
49
|
this.spinner.stop();
|
|
50
|
-
this.logSuccess(messages.getMessage('success.
|
|
51
|
-
this.logSuccess(messages.getMessage('success.permissionsets-count', [event.permissionSets.total]));
|
|
50
|
+
this.logSuccess(messages.getMessage('success.scanned-entities-count', [event.profiles.total, event.permissionSets.total]));
|
|
52
51
|
this.log();
|
|
53
52
|
}
|
|
54
53
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-perms.js","sourceRoot":"","sources":["../../../../src/commands/org/scan/user-perms.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,qBAGN,MAAM,mDAAmD,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,qBAAqB,CAAC,CAAC;AAIpG,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,SAAgC;IACpE,MAAM,CAAU,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IACjE,MAAM,CAAU,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,CAAU,KAAK,GAAG;QAC7B,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAClD,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,wBAAwB,CAAC;YAC1D,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,YAAY,EAAE,KAAK,CAAC,WAAW,CAAC;YAC9B,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE;KACrC,CAAC;IAEK,KAAK,CAAC,GAAG;QACd,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,IAAI,qBAAqB,EAAE,CAAC;QAC5C,OAAO,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC;YACrC,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;YAClE,WAAW,EAAE,KAAK,CAAC,IAAI;SACxB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnB,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,cAAc,GAAG,CAAC,KAAsB,EAAQ,EAAE;QACxD,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,EAAE;YACzD,IAAI,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,QAAS,IAAI,YAAY,CAAC,KAAM,GAAG,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACpB,IAAI,CAAC,UAAU,
|
|
1
|
+
{"version":3,"file":"user-perms.js","sourceRoot":"","sources":["../../../../src/commands/org/scan/user-perms.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,qBAGN,MAAM,mDAAmD,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,qBAAqB,CAAC,CAAC;AAIpG,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,SAAgC;IACpE,MAAM,CAAU,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IACjE,MAAM,CAAU,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,CAAU,KAAK,GAAG;QAC7B,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAClD,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,wBAAwB,CAAC;YAC1D,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,YAAY,EAAE,KAAK,CAAC,WAAW,CAAC;YAC9B,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACxD,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE;KACrC,CAAC;IAEK,KAAK,CAAC,GAAG;QACd,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,IAAI,qBAAqB,EAAE,CAAC;QAC5C,OAAO,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC;YACrC,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;YAClE,WAAW,EAAE,KAAK,CAAC,IAAI;SACxB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnB,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,cAAc,GAAG,CAAC,KAAsB,EAAQ,EAAE;QACxD,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,EAAE;YACzD,IAAI,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,QAAS,IAAI,YAAY,CAAC,KAAM,GAAG,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACpB,IAAI,CAAC,UAAU,CACb,QAAQ,CAAC,UAAU,CAAC,gCAAgC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAC1G,CAAC;YACF,IAAI,CAAC,GAAG,EAAE,CAAC;QACb,CAAC;IACH,CAAC,CAAC;IAEM,KAAK,CAAC,MAAuB;QACnC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC1B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,EAAE;YACpE,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,YAAY,CAAC,MAAuB;QAC1C,MAAM,IAAI,GAAgF,EAAE,CAAC;QAC7F,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,EAAE,UAAU,CAAC,EAAE,EAAE;YAC1E,IAAI,CAAC,IAAI,CAAC;gBACR,cAAc;gBACd,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,MAAM;gBACpC,cAAc,EAAE,UAAU,CAAC,cAAc,CAAC,MAAM;aACjD,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,iBAAiB,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;IAEO,sBAAsB,CAAC,cAAsB,EAAE,MAA4B;QACjF,MAAM,IAAI,GAAgD,EAAE,CAAC;QAC7D,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACrC,IAAI,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;;AAGH,MAAM,UAAU,cAAc,CAAC,GAAY;IACzC,OAAQ,GAAwB,CAAC,KAAK,KAAK,SAAS,IAAK,GAAwB,CAAC,QAAQ,KAAK,SAAS,CAAC;AAC3G,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { DefaultFileManager } from '../core/file-mgmt/auditConfigFileManager.js';
|
|
2
2
|
import { initCustomPermissions, initUserPermissions } from './permissionsClassification.js';
|
|
3
|
-
import { initConnectedApps, initPermissionSets, initProfiles } from './policyConfigs.js';
|
|
3
|
+
import { initConnectedApps, initPermissionSets, initProfiles, initUsers } from './policyConfigs.js';
|
|
4
4
|
/**
|
|
5
5
|
* Exposes key functionality to load an audit config as static methods. This makes
|
|
6
6
|
* it easy to mock the results during tests.
|
|
@@ -19,9 +19,10 @@ export default class AuditConfig {
|
|
|
19
19
|
if (customPerms) {
|
|
20
20
|
conf.classifications.customPermissions = { content: customPerms };
|
|
21
21
|
}
|
|
22
|
-
conf.policies.
|
|
23
|
-
conf.policies.
|
|
24
|
-
conf.policies.
|
|
22
|
+
conf.policies.profiles = { content: await initProfiles(targetCon) };
|
|
23
|
+
conf.policies.permissionSets = { content: await initPermissionSets(targetCon) };
|
|
24
|
+
conf.policies.users = { content: await initUsers(targetCon) };
|
|
25
|
+
conf.policies.connectedApps = { content: initConnectedApps() };
|
|
25
26
|
// eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
|
|
26
27
|
if (opts?.targetDir || opts?.targetDir === '') {
|
|
27
28
|
DefaultFileManager.save(opts.targetDir, conf);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auditConfig.js","sourceRoot":"","sources":["../../../src/libs/conf-init/auditConfig.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"auditConfig.js","sourceRoot":"","sources":["../../../src/libs/conf-init/auditConfig.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAiBpG;;;GAGG;AACH,MAAM,CAAC,OAAO,OAAO,WAAW;IAC9B;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAqB,EAAE,IAAuB;QACrE,MAAM,IAAI,GAAmB,EAAE,eAAe,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QACnE,IAAI,CAAC,eAAe,CAAC,eAAe,GAAG,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;QACvG,MAAM,WAAW,GAAG,MAAM,qBAAqB,CAAC,SAAS,CAAC,CAAC;QAC3D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,eAAe,CAAC,iBAAiB,GAAG,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;QACpE,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,QAAQ,GAAG,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC,SAAS,CAAC,EAAE,CAAC;QACpE,IAAI,CAAC,QAAQ,CAAC,cAAc,GAAG,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;QAChF,IAAI,CAAC,QAAQ,CAAC,KAAK,GAAG,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9D,IAAI,CAAC,QAAQ,CAAC,aAAa,GAAG,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC;QAC/D,wEAAwE;QACxE,IAAI,IAAI,EAAE,SAAS,IAAI,IAAI,EAAE,SAAS,KAAK,EAAE,EAAE,CAAC;YAC9C,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,IAAI,CAAC,SAAiB;QAClC,OAAO,kBAAkB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;CACF"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Connection } from '@salesforce/core';
|
|
2
|
-
import { BasePolicyFileContent, PermSetsPolicyFileContent, ProfilesPolicyFileContent } from '../core/file-mgmt/schema.js';
|
|
2
|
+
import { BasePolicyFileContent, PermSetsPolicyFileContent, ProfilesPolicyFileContent, UsersPolicyFileContent } from '../core/file-mgmt/schema.js';
|
|
3
3
|
/**
|
|
4
4
|
* Initialises a new profiles policy with the local org's
|
|
5
5
|
* profiles and all default rules enabled.
|
|
@@ -23,3 +23,9 @@ export declare function initPermissionSets(targetOrgCon: Connection): Promise<Pe
|
|
|
23
23
|
* @returns
|
|
24
24
|
*/
|
|
25
25
|
export declare function initConnectedApps(): BasePolicyFileContent;
|
|
26
|
+
/**
|
|
27
|
+
* Initialises a users policy with all users flagged as standard user
|
|
28
|
+
*
|
|
29
|
+
* @param targetOrgCon
|
|
30
|
+
*/
|
|
31
|
+
export declare function initUsers(targetOrgCon: Connection): Promise<UsersPolicyFileContent>;
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { PERMISSION_SETS_QUERY, PROFILES_QUERY } from '../core/constants.js';
|
|
1
|
+
import { ACTIVE_USERS_QUERY, PERMISSION_SETS_QUERY, PROFILES_QUERY } from '../core/constants.js';
|
|
2
|
+
import { UsersPolicyConfig, } from '../core/file-mgmt/schema.js';
|
|
2
3
|
import { RuleRegistries } from '../core/registries/types.js';
|
|
3
4
|
import { ProfilesRiskPreset } from '../core/policy-types.js';
|
|
4
5
|
/**
|
|
@@ -11,7 +12,7 @@ import { ProfilesRiskPreset } from '../core/policy-types.js';
|
|
|
11
12
|
*/
|
|
12
13
|
export async function initProfiles(targetOrgCon) {
|
|
13
14
|
const profiles = await targetOrgCon.query(PROFILES_QUERY);
|
|
14
|
-
const content = { enabled: true,
|
|
15
|
+
const content = { enabled: true, rules: {}, profiles: {} };
|
|
15
16
|
profiles.records.forEach((permsetRecord) => {
|
|
16
17
|
content.profiles[permsetRecord.Profile.Name] = { preset: ProfilesRiskPreset.UNKNOWN };
|
|
17
18
|
});
|
|
@@ -33,8 +34,8 @@ export async function initPermissionSets(targetOrgCon) {
|
|
|
33
34
|
const permSets = await targetOrgCon.query(PERMISSION_SETS_QUERY);
|
|
34
35
|
const content = {
|
|
35
36
|
enabled: true,
|
|
36
|
-
permissionSets: {},
|
|
37
37
|
rules: {},
|
|
38
|
+
permissionSets: {},
|
|
38
39
|
};
|
|
39
40
|
permSets.records
|
|
40
41
|
.filter((permsetRecord) => permsetRecord.IsCustom)
|
|
@@ -62,4 +63,29 @@ export function initConnectedApps() {
|
|
|
62
63
|
});
|
|
63
64
|
return content;
|
|
64
65
|
}
|
|
66
|
+
/**
|
|
67
|
+
* Initialises a users policy with all users flagged as standard user
|
|
68
|
+
*
|
|
69
|
+
* @param targetOrgCon
|
|
70
|
+
*/
|
|
71
|
+
export async function initUsers(targetOrgCon) {
|
|
72
|
+
const users = await targetOrgCon.query(ACTIVE_USERS_QUERY);
|
|
73
|
+
const content = {
|
|
74
|
+
enabled: true,
|
|
75
|
+
options: UsersPolicyConfig.parse({}),
|
|
76
|
+
rules: {},
|
|
77
|
+
users: {},
|
|
78
|
+
};
|
|
79
|
+
// dont parse all configs with default of 30 - but initialise a new config likle this
|
|
80
|
+
content.options.analyseLastNDaysOfLoginHistory = 30;
|
|
81
|
+
users.records.forEach((userRecord) => {
|
|
82
|
+
content.users[userRecord.Username] = { role: ProfilesRiskPreset.STANDARD_USER };
|
|
83
|
+
});
|
|
84
|
+
RuleRegistries.Users.registeredRules().forEach((ruleName) => {
|
|
85
|
+
content.rules[ruleName] = {
|
|
86
|
+
enabled: true,
|
|
87
|
+
};
|
|
88
|
+
});
|
|
89
|
+
return content;
|
|
90
|
+
}
|
|
65
91
|
//# sourceMappingURL=policyConfigs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policyConfigs.js","sourceRoot":"","sources":["../../../src/libs/conf-init/policyConfigs.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"policyConfigs.js","sourceRoot":"","sources":["../../../src/libs/conf-init/policyConfigs.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEjG,OAAO,EAIL,iBAAiB,GAElB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAE7D;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,YAAwB;IACzD,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,KAAK,CAAgB,cAAc,CAAC,CAAC;IACzE,MAAM,OAAO,GAA8B,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACtF,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,kBAAkB,CAAC,OAAO,EAAE,CAAC;IACxF,CAAC,CAAC,CAAC;IACH,cAAc,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QAC7D,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG;YACxB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,YAAwB;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,KAAK,CAAgB,qBAAqB,CAAC,CAAC;IAChF,MAAM,OAAO,GAA8B;QACzC,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,EAAE;QACT,cAAc,EAAE,EAAE;KACnB,CAAC;IACF,QAAQ,CAAC,OAAO;SACb,MAAM,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC;SACjD,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACzB,OAAO,CAAC,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,kBAAkB,CAAC,OAAO,EAAE,CAAC;IACtF,CAAC,CAAC,CAAC;IACL,cAAc,CAAC,cAAc,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QACnE,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG;YACxB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,OAAO,GAA0B,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IACpE,cAAc,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QAClE,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG;YACxB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,YAAwB;IACtD,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,KAAK,CAAO,kBAAkB,CAAC,CAAC;IACjE,MAAM,OAAO,GAA2B;QACtC,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;QACpC,KAAK,EAAE,EAAE;QACT,KAAK,EAAE,EAAE;KACV,CAAC;IACF,qFAAqF;IACrF,OAAO,CAAC,OAAO,CAAC,8BAA8B,GAAG,EAAE,CAAC;IACpD,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;QACnC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,CAAC,aAAa,EAAE,CAAC;IAClF,CAAC,CAAC,CAAC;IACH,cAAc,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QAC1D,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG;YACxB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -4,9 +4,13 @@ export default class LoosePreset extends NonePreset {
|
|
|
4
4
|
constructor() {
|
|
5
5
|
super({
|
|
6
6
|
UseAnyApiClient: PermissionRiskLevel.HIGH,
|
|
7
|
+
ExternalClientAppAdmin: PermissionRiskLevel.HIGH,
|
|
8
|
+
ManageSandboxes: PermissionRiskLevel.HIGH,
|
|
9
|
+
ManageDevSandboxes: PermissionRiskLevel.HIGH,
|
|
7
10
|
CustomizeApplication: PermissionRiskLevel.HIGH,
|
|
8
11
|
ModifyMetadata: PermissionRiskLevel.HIGH,
|
|
9
12
|
AuthorApex: PermissionRiskLevel.HIGH,
|
|
13
|
+
DebugApex: PermissionRiskLevel.HIGH,
|
|
10
14
|
ManageAuthProviders: PermissionRiskLevel.HIGH,
|
|
11
15
|
Packaging2: PermissionRiskLevel.HIGH,
|
|
12
16
|
Packaging2Delete: PermissionRiskLevel.HIGH,
|
|
@@ -16,12 +20,24 @@ export default class LoosePreset extends NonePreset {
|
|
|
16
20
|
ManageTwoFactor: PermissionRiskLevel.HIGH,
|
|
17
21
|
ManageRemoteAccess: PermissionRiskLevel.HIGH,
|
|
18
22
|
CanApproveUninstalledApps: PermissionRiskLevel.HIGH,
|
|
23
|
+
AssignPermissionSets: PermissionRiskLevel.HIGH,
|
|
24
|
+
ManageIpAddresses: PermissionRiskLevel.HIGH,
|
|
25
|
+
ManageSharing: PermissionRiskLevel.HIGH,
|
|
26
|
+
ManageInternalUsers: PermissionRiskLevel.HIGH,
|
|
27
|
+
ManagePasswordPolicies: PermissionRiskLevel.HIGH,
|
|
28
|
+
ManageLoginAccessPolicies: PermissionRiskLevel.HIGH,
|
|
29
|
+
ManageCustomPermissions: PermissionRiskLevel.HIGH,
|
|
30
|
+
ManageCertificates: PermissionRiskLevel.HIGH,
|
|
31
|
+
FreezeUsers: PermissionRiskLevel.MEDIUM,
|
|
32
|
+
ManageRoles: PermissionRiskLevel.MEDIUM,
|
|
19
33
|
ViewSetup: PermissionRiskLevel.MEDIUM,
|
|
20
34
|
ViewAllData: PermissionRiskLevel.MEDIUM,
|
|
21
35
|
ModifyAllData: PermissionRiskLevel.MEDIUM,
|
|
22
36
|
ExportReport: PermissionRiskLevel.MEDIUM,
|
|
23
37
|
EmailMass: PermissionRiskLevel.MEDIUM,
|
|
38
|
+
AccessContentBuilder: PermissionRiskLevel.MEDIUM,
|
|
24
39
|
ApiEnabled: PermissionRiskLevel.LOW,
|
|
40
|
+
LightningExperienceUser: PermissionRiskLevel.LOW,
|
|
25
41
|
});
|
|
26
42
|
}
|
|
27
43
|
initDefault(permName) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"loose.js","sourceRoot":"","sources":["../../../../src/libs/conf-init/presets/loose.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,UAAU,MAAM,WAAW,CAAC;AAEnC,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,UAAU;IACjD;QACE,KAAK,CAAC;YACJ,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,oBAAoB,EAAE,mBAAmB,CAAC,IAAI;YAC9C,cAAc,EAAE,mBAAmB,CAAC,IAAI;YACxC,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,mBAAmB,EAAE,mBAAmB,CAAC,IAAI;YAC7C,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,wBAAwB,EAAE,mBAAmB,CAAC,IAAI;YAClD,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,SAAS,EAAE,mBAAmB,CAAC,MAAM;YACrC,WAAW,EAAE,mBAAmB,CAAC,MAAM;YACvC,aAAa,EAAE,mBAAmB,CAAC,MAAM;YACzC,YAAY,EAAE,mBAAmB,CAAC,MAAM;YACxC,SAAS,EAAE,mBAAmB,CAAC,MAAM;YACrC,UAAU,EAAE,mBAAmB,CAAC,GAAG;
|
|
1
|
+
{"version":3,"file":"loose.js","sourceRoot":"","sources":["../../../../src/libs/conf-init/presets/loose.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,UAAU,MAAM,WAAW,CAAC;AAEnC,MAAM,CAAC,OAAO,OAAO,WAAY,SAAQ,UAAU;IACjD;QACE,KAAK,CAAC;YACJ,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,sBAAsB,EAAE,mBAAmB,CAAC,IAAI;YAChD,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,oBAAoB,EAAE,mBAAmB,CAAC,IAAI;YAC9C,cAAc,EAAE,mBAAmB,CAAC,IAAI;YACxC,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,SAAS,EAAE,mBAAmB,CAAC,IAAI;YACnC,mBAAmB,EAAE,mBAAmB,CAAC,IAAI;YAC7C,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,wBAAwB,EAAE,mBAAmB,CAAC,IAAI;YAClD,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,gBAAgB,EAAE,mBAAmB,CAAC,IAAI;YAC1C,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,oBAAoB,EAAE,mBAAmB,CAAC,IAAI;YAC9C,iBAAiB,EAAE,mBAAmB,CAAC,IAAI;YAC3C,aAAa,EAAE,mBAAmB,CAAC,IAAI;YACvC,mBAAmB,EAAE,mBAAmB,CAAC,IAAI;YAC7C,sBAAsB,EAAE,mBAAmB,CAAC,IAAI;YAChD,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,uBAAuB,EAAE,mBAAmB,CAAC,IAAI;YACjD,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,WAAW,EAAE,mBAAmB,CAAC,MAAM;YACvC,WAAW,EAAE,mBAAmB,CAAC,MAAM;YACvC,SAAS,EAAE,mBAAmB,CAAC,MAAM;YACrC,WAAW,EAAE,mBAAmB,CAAC,MAAM;YACvC,aAAa,EAAE,mBAAmB,CAAC,MAAM;YACzC,YAAY,EAAE,mBAAmB,CAAC,MAAM;YACxC,SAAS,EAAE,mBAAmB,CAAC,MAAM;YACrC,oBAAoB,EAAE,mBAAmB,CAAC,MAAM;YAChD,UAAU,EAAE,mBAAmB,CAAC,GAAG;YACnC,uBAAuB,EAAE,mBAAmB,CAAC,GAAG;SACjD,CAAC,CAAC;IACL,CAAC;IAEe,WAAW,CAAC,QAAgB;QAC1C,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,QAAQ,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;YAC5D,QAAQ,CAAC,cAAc,GAAG,mBAAmB,CAAC,GAAG,CAAC;QACpD,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -4,15 +4,21 @@ export default class StrictPreset extends NonePreset {
|
|
|
4
4
|
constructor() {
|
|
5
5
|
super({
|
|
6
6
|
UseAnyApiClient: PermissionRiskLevel.BLOCKED,
|
|
7
|
+
ImportCustomObjects: PermissionRiskLevel.CRITICAL,
|
|
8
|
+
ManageSandboxes: PermissionRiskLevel.CRITICAL,
|
|
9
|
+
ManageDevSandboxes: PermissionRiskLevel.CRITICAL,
|
|
7
10
|
CustomizeApplication: PermissionRiskLevel.CRITICAL,
|
|
8
11
|
ModifyMetadata: PermissionRiskLevel.CRITICAL,
|
|
9
12
|
AuthorApex: PermissionRiskLevel.CRITICAL,
|
|
13
|
+
DebugApex: PermissionRiskLevel.CRITICAL,
|
|
10
14
|
ManageAuthProviders: PermissionRiskLevel.CRITICAL,
|
|
11
15
|
Packaging2: PermissionRiskLevel.CRITICAL,
|
|
12
16
|
Packaging2Delete: PermissionRiskLevel.CRITICAL,
|
|
13
17
|
Packaging2PromoteVersion: PermissionRiskLevel.CRITICAL,
|
|
14
18
|
InstallPackaging: PermissionRiskLevel.CRITICAL,
|
|
15
19
|
ViewClientSecret: PermissionRiskLevel.CRITICAL,
|
|
20
|
+
ExternalClientAppAdmin: PermissionRiskLevel.CRITICAL,
|
|
21
|
+
ManageCertificates: PermissionRiskLevel.HIGH,
|
|
16
22
|
ExportReport: PermissionRiskLevel.HIGH,
|
|
17
23
|
ViewSetup: PermissionRiskLevel.HIGH,
|
|
18
24
|
ApiEnabled: PermissionRiskLevel.HIGH,
|
|
@@ -21,7 +27,18 @@ export default class StrictPreset extends NonePreset {
|
|
|
21
27
|
ManageTwoFactor: PermissionRiskLevel.HIGH,
|
|
22
28
|
ManageRemoteAccess: PermissionRiskLevel.HIGH,
|
|
23
29
|
CanApproveUninstalledApps: PermissionRiskLevel.HIGH,
|
|
30
|
+
AssignPermissionSets: PermissionRiskLevel.HIGH,
|
|
31
|
+
ManageRoles: PermissionRiskLevel.HIGH,
|
|
32
|
+
ManageIpAddresses: PermissionRiskLevel.HIGH,
|
|
33
|
+
ManageSharing: PermissionRiskLevel.HIGH,
|
|
34
|
+
ManageInternalUsers: PermissionRiskLevel.HIGH,
|
|
35
|
+
ManagePasswordPolicies: PermissionRiskLevel.HIGH,
|
|
36
|
+
ManageLoginAccessPolicies: PermissionRiskLevel.HIGH,
|
|
37
|
+
ManageCustomPermissions: PermissionRiskLevel.HIGH,
|
|
38
|
+
FreezeUsers: PermissionRiskLevel.HIGH,
|
|
39
|
+
AccessContentBuilder: PermissionRiskLevel.HIGH,
|
|
24
40
|
EmailMass: PermissionRiskLevel.MEDIUM,
|
|
41
|
+
LightningExperienceUser: PermissionRiskLevel.LOW,
|
|
25
42
|
});
|
|
26
43
|
}
|
|
27
44
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"strict.js","sourceRoot":"","sources":["../../../../src/libs/conf-init/presets/strict.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,UAAU,MAAM,WAAW,CAAC;AAEnC,MAAM,CAAC,OAAO,OAAO,YAAa,SAAQ,UAAU;IAClD;QACE,KAAK,CAAC;YACJ,eAAe,EAAE,mBAAmB,CAAC,OAAO;YAC5C,oBAAoB,EAAE,mBAAmB,CAAC,QAAQ;YAClD,cAAc,EAAE,mBAAmB,CAAC,QAAQ;YAC5C,UAAU,EAAE,mBAAmB,CAAC,QAAQ;YACxC,mBAAmB,EAAE,mBAAmB,CAAC,QAAQ;YACjD,UAAU,EAAE,mBAAmB,CAAC,QAAQ;YACxC,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,wBAAwB,EAAE,mBAAmB,CAAC,QAAQ;YACtD,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,YAAY,EAAE,mBAAmB,CAAC,IAAI;YACtC,SAAS,EAAE,mBAAmB,CAAC,IAAI;YACnC,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,WAAW,EAAE,mBAAmB,CAAC,IAAI;YACrC,aAAa,EAAE,mBAAmB,CAAC,IAAI;YACvC,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,SAAS,EAAE,mBAAmB,CAAC,MAAM;
|
|
1
|
+
{"version":3,"file":"strict.js","sourceRoot":"","sources":["../../../../src/libs/conf-init/presets/strict.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,UAAU,MAAM,WAAW,CAAC;AAEnC,MAAM,CAAC,OAAO,OAAO,YAAa,SAAQ,UAAU;IAClD;QACE,KAAK,CAAC;YACJ,eAAe,EAAE,mBAAmB,CAAC,OAAO;YAC5C,mBAAmB,EAAE,mBAAmB,CAAC,QAAQ;YACjD,eAAe,EAAE,mBAAmB,CAAC,QAAQ;YAC7C,kBAAkB,EAAE,mBAAmB,CAAC,QAAQ;YAChD,oBAAoB,EAAE,mBAAmB,CAAC,QAAQ;YAClD,cAAc,EAAE,mBAAmB,CAAC,QAAQ;YAC5C,UAAU,EAAE,mBAAmB,CAAC,QAAQ;YACxC,SAAS,EAAE,mBAAmB,CAAC,QAAQ;YACvC,mBAAmB,EAAE,mBAAmB,CAAC,QAAQ;YACjD,UAAU,EAAE,mBAAmB,CAAC,QAAQ;YACxC,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,wBAAwB,EAAE,mBAAmB,CAAC,QAAQ;YACtD,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ;YAC9C,sBAAsB,EAAE,mBAAmB,CAAC,QAAQ;YACpD,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,YAAY,EAAE,mBAAmB,CAAC,IAAI;YACtC,SAAS,EAAE,mBAAmB,CAAC,IAAI;YACnC,UAAU,EAAE,mBAAmB,CAAC,IAAI;YACpC,WAAW,EAAE,mBAAmB,CAAC,IAAI;YACrC,aAAa,EAAE,mBAAmB,CAAC,IAAI;YACvC,eAAe,EAAE,mBAAmB,CAAC,IAAI;YACzC,kBAAkB,EAAE,mBAAmB,CAAC,IAAI;YAC5C,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,oBAAoB,EAAE,mBAAmB,CAAC,IAAI;YAC9C,WAAW,EAAE,mBAAmB,CAAC,IAAI;YACrC,iBAAiB,EAAE,mBAAmB,CAAC,IAAI;YAC3C,aAAa,EAAE,mBAAmB,CAAC,IAAI;YACvC,mBAAmB,EAAE,mBAAmB,CAAC,IAAI;YAC7C,sBAAsB,EAAE,mBAAmB,CAAC,IAAI;YAChD,yBAAyB,EAAE,mBAAmB,CAAC,IAAI;YACnD,uBAAuB,EAAE,mBAAmB,CAAC,IAAI;YACjD,WAAW,EAAE,mBAAmB,CAAC,IAAI;YACrC,oBAAoB,EAAE,mBAAmB,CAAC,IAAI;YAC9C,SAAS,EAAE,mBAAmB,CAAC,MAAM;YACrC,uBAAuB,EAAE,mBAAmB,CAAC,GAAG;SACjD,CAAC,CAAC;IACL,CAAC;CACF"}
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import EventEmitter from 'node:events';
|
|
2
2
|
import { Connection } from '@salesforce/core';
|
|
3
|
-
import { AuditResult } from '
|
|
4
|
-
import { AuditRunConfig } from '
|
|
5
|
-
import Policy from './policy.js';
|
|
6
|
-
type PolicyMap = Record<string, Policy
|
|
3
|
+
import { AuditResult } from './result-types.js';
|
|
4
|
+
import { AuditRunConfig } from './file-mgmt/schema.js';
|
|
5
|
+
import Policy from './policies/policy.js';
|
|
6
|
+
type PolicyMap = Record<string, Policy<unknown>>;
|
|
7
7
|
export declare function startAuditRun(directoryPath: string): AuditRun;
|
|
8
8
|
export type EntityResolveEvent = {
|
|
9
9
|
total: number;
|
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
// import fs from 'node:fs';
|
|
2
2
|
import EventEmitter from 'node:events';
|
|
3
|
-
import { loadAuditConfig } from '
|
|
4
|
-
import
|
|
5
|
-
import PermissionSetPolicy from './permissionSetPolicy.js';
|
|
6
|
-
import ConnectedAppPolicy from './connectedAppPolicy.js';
|
|
3
|
+
import { loadAuditConfig } from './file-mgmt/auditConfigFileManager.js';
|
|
4
|
+
import { policyDefs } from './policyRegistry.js';
|
|
7
5
|
export function startAuditRun(directoryPath) {
|
|
8
6
|
const conf = loadAuditConfig(directoryPath);
|
|
9
7
|
return new AuditRun(conf);
|
|
@@ -53,25 +51,21 @@ export default class AuditRun extends EventEmitter {
|
|
|
53
51
|
}
|
|
54
52
|
loadPolicies(config) {
|
|
55
53
|
const pols = {};
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
}
|
|
59
|
-
if (config.policies.PermissionSets) {
|
|
60
|
-
pols.PermissionSets = new PermissionSetPolicy(config.policies.PermissionSets.content, config);
|
|
61
|
-
}
|
|
62
|
-
if (config.policies.ConnectedApps) {
|
|
63
|
-
pols.ConnectedApps = new ConnectedAppPolicy(config.policies.ConnectedApps.content, config);
|
|
64
|
-
}
|
|
65
|
-
Object.entries(pols).forEach(([policyName, policy]) => {
|
|
54
|
+
Object.entries(config.policies).forEach(([policyName, policyConfig]) => {
|
|
55
|
+
const policy = new policyDefs[policyName].handler(policyConfig.content, config);
|
|
66
56
|
policy.addListener('entityresolve', (resolveStats) => {
|
|
67
57
|
this.emit(`entityresolve-${policyName}`, { policyName, ...resolveStats });
|
|
68
58
|
});
|
|
59
|
+
pols[policyName] = policy;
|
|
69
60
|
});
|
|
70
61
|
return pols;
|
|
71
62
|
}
|
|
72
63
|
}
|
|
73
64
|
function isCompliant(results) {
|
|
74
65
|
const list = Object.values(results);
|
|
66
|
+
if (list.length === 0) {
|
|
67
|
+
return true;
|
|
68
|
+
}
|
|
75
69
|
return list.reduce((prevVal, currentVal) => prevVal && currentVal.isCompliant, list[0].isCompliant);
|
|
76
70
|
}
|
|
77
71
|
async function runPolicies(policies, targetOrgConnection) {
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auditRun.js","sourceRoot":"","sources":["../../../src/libs/core/auditRun.ts"],"names":[],"mappings":"AAAA,4BAA4B;AAC5B,OAAO,YAAY,MAAM,aAAa,CAAC;AAIvC,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AACxE,OAAO,EAAE,UAAU,EAAe,MAAM,qBAAqB,CAAC;AAM9D,MAAM,UAAU,aAAa,CAAC,aAAqB;IACjD,MAAM,IAAI,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAC5C,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAQD;;GAEG;AACH,MAAM,CAAC,OAAO,OAAO,QAAS,SAAQ,YAAY;IAGtB;IAFlB,kBAAkB,CAAa;IAEvC,YAA0B,OAAuB;QAC/C,KAAK,EAAE,CAAC;QADgB,YAAO,GAAP,OAAO,CAAgB;IAEjD,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,OAAO,CAAC,mBAA+B;QAClD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,kBAAkB,CAAC;QACjC,CAAC;QACD,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1D,MAAM,qBAAqB,GAAiD,EAAE,CAAC;QAC/E,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YAC5D,qBAAqB,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;QACH,MAAM,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAAC,SAAqB;QACxC,IAAI,CAAC,kBAAkB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACxD,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;QACtE,OAAO;YACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,WAAW,CAAC,OAAO,CAAC;YACjC,QAAQ,EAAE,OAAO;SAClB,CAAC;IACJ,CAAC;IAEO,YAAY,CAAC,MAAsB;QACzC,MAAM,IAAI,GAAc,EAAE,CAAC;QAC3B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE,EAAE;YACrE,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,UAAyB,CAAC,CAAC,OAAO,CAC7D,YAAoC,CAAC,OAAO,EAC7C,MAAM,CACP,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,YAAoD,EAAE,EAAE;gBAC3F,IAAI,CAAC,IAAI,CAAC,iBAAiB,UAAU,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,YAAY,EAAE,CAAC,CAAC;YAC5E,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,SAAS,WAAW,CAAC,OAAmB;IACtC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACpC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC,OAAO,IAAI,UAAU,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;AACtG,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAmB,EAAE,mBAA+B;IAC7E,MAAM,YAAY,GAAsC,EAAE,CAAC;IAC3D,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE;QAC3D,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IACH,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,WAAW,CAAC,OAAO,CAAC,CAAC,YAAY,EAAE,EAAE;QACnC,MAAM,SAAS,GAAG,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC;QAClE,OAAO,CAAC,SAAS,CAAC,GAAG,YAAY,CAAC;IACpC,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -3,4 +3,9 @@ export declare const PROFILES_QUERY = "SELECT Profile.Name,Profile.UserType,IsCu
|
|
|
3
3
|
export declare const PERMISSION_SETS_QUERY = "SELECT Name,Label,IsCustom,NamespacePrefix FROM PermissionSet WHERE IsOwnedByProfile = FALSE AND NamespacePrefix = NULL";
|
|
4
4
|
export declare const CONNECTED_APPS_QUERY = "SELECT Name,OptionsAllowAdminApprovedUsersOnly FROM ConnectedApplication";
|
|
5
5
|
export declare const OAUTH_TOKEN_QUERY = "SELECT User.Username,UseCount,AppName FROM OauthToken";
|
|
6
|
+
export declare const ACTIVE_USERS_QUERY = "SELECT Id,Username,UserType FROM User WHERE IsActive = TRUE AND UserType IN ('Standard') LIMIT 2000";
|
|
7
|
+
export declare const ACTIVE_USERS_DETAILS_QUERY = "SELECT Id,Username,Profile.Name,CreatedDate,LastLoginDate FROM User WHERE IsActive = TRUE AND UserType IN ('Standard') LIMIT 2000";
|
|
8
|
+
export declare const USERS_PERMSET_ASSIGNMENTS_QUERY = "SELECT AssigneeId,PermissionSet.Name FROM PermissionSetAssignment WHERE PermissionSet.IsOwnedByProfile = FALSE AND PermissionSet.NamespacePrefix = NULL";
|
|
9
|
+
export declare const buildPermsetAssignmentsQuery: (userIds: string[]) => string;
|
|
10
|
+
export declare const buildLoginHistoryQuery: (daysToAnalayse?: number) => string;
|
|
6
11
|
export declare const RETRIEVE_CACHE: string;
|
|
@@ -5,6 +5,16 @@ export const PROFILES_QUERY = 'SELECT Profile.Name,Profile.UserType,IsCustom FRO
|
|
|
5
5
|
export const PERMISSION_SETS_QUERY = 'SELECT Name,Label,IsCustom,NamespacePrefix FROM PermissionSet WHERE IsOwnedByProfile = FALSE AND NamespacePrefix = NULL';
|
|
6
6
|
export const CONNECTED_APPS_QUERY = 'SELECT Name,OptionsAllowAdminApprovedUsersOnly FROM ConnectedApplication';
|
|
7
7
|
export const OAUTH_TOKEN_QUERY = 'SELECT User.Username,UseCount,AppName FROM OauthToken';
|
|
8
|
+
export const ACTIVE_USERS_QUERY = "SELECT Id,Username,UserType FROM User WHERE IsActive = TRUE AND UserType IN ('Standard') LIMIT 2000";
|
|
9
|
+
export const ACTIVE_USERS_DETAILS_QUERY = "SELECT Id,Username,Profile.Name,CreatedDate,LastLoginDate FROM User WHERE IsActive = TRUE AND UserType IN ('Standard') LIMIT 2000";
|
|
10
|
+
export const USERS_PERMSET_ASSIGNMENTS_QUERY = 'SELECT AssigneeId,PermissionSet.Name FROM PermissionSetAssignment WHERE PermissionSet.IsOwnedByProfile = FALSE AND PermissionSet.NamespacePrefix = NULL';
|
|
11
|
+
// DYNAMIC QUERIES
|
|
12
|
+
export const buildPermsetAssignmentsQuery = (userIds) => `${USERS_PERMSET_ASSIGNMENTS_QUERY} WHERE AssigneeId IN (${userIds.map((userId) => `'${userId}'`).join(',')})`;
|
|
13
|
+
export const buildLoginHistoryQuery = (daysToAnalayse) => daysToAnalayse
|
|
14
|
+
? `${USERS_LOGIN_HISTORY_QUERY} WHERE LoginTime >= LAST_N_DAYS:${daysToAnalayse} GROUP BY LoginType,Application,UserId`
|
|
15
|
+
: `${USERS_LOGIN_HISTORY_QUERY} GROUP BY LoginType,Application,UserId`;
|
|
8
16
|
// PATHS
|
|
9
17
|
export const RETRIEVE_CACHE = path.join('.jsc', 'retrieves');
|
|
18
|
+
// BASE QUERIES
|
|
19
|
+
const USERS_LOGIN_HISTORY_QUERY = 'SELECT LoginType,Application,UserId,COUNT(Id)LoginCount,MAX(LoginTime)LastLogin FROM LoginHistory';
|
|
10
20
|
//# sourceMappingURL=constants.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../src/libs/core/constants.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,UAAU;AACV,MAAM,CAAC,MAAM,kBAAkB,GAAG,2DAA2D,CAAC;AAC9F,MAAM,CAAC,MAAM,cAAc,GACzB,gGAAgG,CAAC;AACnG,MAAM,CAAC,MAAM,qBAAqB,GAChC,yHAAyH,CAAC;AAC5H,MAAM,CAAC,MAAM,oBAAoB,GAAG,0EAA0E,CAAC;AAC/G,MAAM,CAAC,MAAM,iBAAiB,GAAG,uDAAuD,CAAC;
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../src/libs/core/constants.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,UAAU;AACV,MAAM,CAAC,MAAM,kBAAkB,GAAG,2DAA2D,CAAC;AAC9F,MAAM,CAAC,MAAM,cAAc,GACzB,gGAAgG,CAAC;AACnG,MAAM,CAAC,MAAM,qBAAqB,GAChC,yHAAyH,CAAC;AAC5H,MAAM,CAAC,MAAM,oBAAoB,GAAG,0EAA0E,CAAC;AAC/G,MAAM,CAAC,MAAM,iBAAiB,GAAG,uDAAuD,CAAC;AACzF,MAAM,CAAC,MAAM,kBAAkB,GAC7B,qGAAqG,CAAC;AACxG,MAAM,CAAC,MAAM,0BAA0B,GACrC,mIAAmI,CAAC;AACtI,MAAM,CAAC,MAAM,+BAA+B,GAC1C,yJAAyJ,CAAC;AAE5J,kBAAkB;AAClB,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,OAAiB,EAAU,EAAE,CACxE,GAAG,+BAA+B,yBAAyB,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;AAEjH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,cAAuB,EAAU,EAAE,CACxE,cAAc;IACZ,CAAC,CAAC,GAAG,yBAAyB,mCAAmC,cAAc,wCAAwC;IACvH,CAAC,CAAC,GAAG,yBAAyB,wCAAwC,CAAC;AAE3E,QAAQ;AACR,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAE7D,eAAe;AACf,MAAM,yBAAyB,GAC7B,mGAAmG,CAAC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { PathLike } from 'node:fs';
|
|
1
2
|
import { AuditRunConfig } from './schema.js';
|
|
2
3
|
/**
|
|
3
4
|
* Loads an audit run config with the default file manager
|
|
@@ -29,7 +30,7 @@ export default class AuditConfigFileManager {
|
|
|
29
30
|
* @param dirPath
|
|
30
31
|
* @returns
|
|
31
32
|
*/
|
|
32
|
-
parse(dirPath:
|
|
33
|
+
parse(dirPath: PathLike): AuditRunConfig;
|
|
33
34
|
/**
|
|
34
35
|
* Writes a full audit config to disk. If the config was not
|
|
35
36
|
* saved yet, initialises filePath on each element.
|
|
@@ -40,7 +41,8 @@ export default class AuditConfigFileManager {
|
|
|
40
41
|
*/
|
|
41
42
|
save(targetDirPath: string, conf: AuditRunConfig): void;
|
|
42
43
|
private parseSubdir;
|
|
43
|
-
private
|
|
44
|
+
private writeClassifications;
|
|
45
|
+
private writePolicies;
|
|
44
46
|
private validateDependencies;
|
|
45
47
|
}
|
|
46
48
|
export declare const DefaultFileManager: AuditConfigFileManager;
|