@j-schreiber/sf-cli-security-audit 0.9.0 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -6
- package/lib/commands/org/audit/init.js +7 -6
- package/lib/commands/org/audit/init.js.map +1 -1
- package/lib/commands/org/audit/run.js +1 -1
- package/lib/commands/org/audit/run.js.map +1 -1
- package/lib/libs/conf-init/auditConfig.js +9 -6
- package/lib/libs/conf-init/auditConfig.js.map +1 -1
- package/lib/libs/conf-init/permissionsClassification.d.ts +23 -3
- package/lib/libs/conf-init/permissionsClassification.js +48 -2
- package/lib/libs/conf-init/permissionsClassification.js.map +1 -1
- package/lib/libs/conf-init/policyConfigs.d.ts +9 -25
- package/lib/libs/conf-init/policyConfigs.js +16 -74
- package/lib/libs/conf-init/policyConfigs.js.map +1 -1
- package/lib/libs/conf-init/presets/loose.d.ts +2 -2
- package/lib/libs/conf-init/presets/loose.js +2 -0
- package/lib/libs/conf-init/presets/loose.js.map +1 -1
- package/lib/libs/conf-init/presets/none.d.ts +6 -6
- package/lib/libs/conf-init/presets/none.js.map +1 -1
- package/lib/libs/conf-init/presets/strict.js +2 -0
- package/lib/libs/conf-init/presets/strict.js.map +1 -1
- package/lib/libs/core/auditRun.d.ts +2 -0
- package/lib/libs/core/auditRun.js +6 -1
- package/lib/libs/core/auditRun.js.map +1 -1
- package/lib/libs/core/classification-types.d.ts +2 -2
- package/lib/libs/core/classification-types.js.map +1 -1
- package/lib/libs/core/file-mgmt/schema.d.ts +51 -19
- package/lib/libs/core/file-mgmt/schema.js +16 -4
- package/lib/libs/core/file-mgmt/schema.js.map +1 -1
- package/lib/libs/core/mdapi/anySettingsMetadata.js +3 -0
- package/lib/libs/core/mdapi/anySettingsMetadata.js.map +1 -1
- package/lib/libs/core/policies/permissionSetPolicy.d.ts +5 -4
- package/lib/libs/core/policies/permissionSetPolicy.js +7 -5
- package/lib/libs/core/policies/permissionSetPolicy.js.map +1 -1
- package/lib/libs/core/policies/policy.d.ts +2 -1
- package/lib/libs/core/policies/policy.js +4 -3
- package/lib/libs/core/policies/policy.js.map +1 -1
- package/lib/libs/core/policies/profilePolicy.d.ts +5 -4
- package/lib/libs/core/policies/profilePolicy.js +10 -9
- package/lib/libs/core/policies/profilePolicy.js.map +1 -1
- package/lib/libs/core/policies/settingsPolicy.d.ts +1 -0
- package/lib/libs/core/policies/settingsPolicy.js +18 -3
- package/lib/libs/core/policies/settingsPolicy.js.map +1 -1
- package/lib/libs/core/policies/userPolicy.d.ts +1 -0
- package/lib/libs/core/policies/userPolicy.js +5 -3
- package/lib/libs/core/policies/userPolicy.js.map +1 -1
- package/lib/libs/core/policyRegistry.js +14 -5
- package/lib/libs/core/policyRegistry.js.map +1 -1
- package/lib/libs/core/registries/helpers/permissionsScanning.d.ts +1 -3
- package/lib/libs/core/registries/helpers/permissionsScanning.js +1 -1
- package/lib/libs/core/registries/helpers/permissionsScanning.js.map +1 -1
- package/lib/libs/core/registries/ruleRegistry.js +1 -1
- package/lib/libs/core/registries/ruleRegistry.js.map +1 -1
- package/lib/libs/core/registries/rules/enforcePermissionPresets.js +2 -2
- package/lib/libs/core/registries/rules/enforcePermissionPresets.js.map +1 -1
- package/lib/libs/core/registries/rules/enforceSettings.d.ts +2 -1
- package/lib/libs/core/registries/rules/enforceSettings.js +2 -0
- package/lib/libs/core/registries/rules/enforceSettings.js.map +1 -1
- package/lib/libs/core/registries/types.d.ts +5 -5
- package/lib/libs/core/registries/types.js +5 -5
- package/lib/ux/auditRunMultiStage.d.ts +1 -1
- package/lib/ux/auditRunMultiStage.js +12 -9
- package/lib/ux/auditRunMultiStage.js.map +1 -1
- package/messages/org.audit.init.md +2 -2
- package/messages/org.audit.run.md +4 -0
- package/messages/policies.general.md +4 -0
- package/oclif.lock +1407 -1802
- package/oclif.manifest.json +1 -1
- package/package.json +22 -20
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { PermissionsClassificationFileSchema, PermissionSetsClassificationContentSchema, PolicyFileSchema, ProfilesClassificationContentSchema, UsersClassificationContentSchema, UsersPolicyFileSchema, } from './file-mgmt/schema.js';
|
|
2
2
|
import ConnectedAppPolicy from './policies/connectedAppPolicy.js';
|
|
3
3
|
import PermissionSetPolicy from './policies/permissionSetPolicy.js';
|
|
4
4
|
import ProfilePolicy from './policies/profilePolicy.js';
|
|
@@ -6,23 +6,32 @@ import UserPolicy from './policies/userPolicy.js';
|
|
|
6
6
|
import SettingsPolicy from './policies/settingsPolicy.js';
|
|
7
7
|
export const classificationDefs = {
|
|
8
8
|
userPermissions: {
|
|
9
|
-
schema:
|
|
9
|
+
schema: PermissionsClassificationFileSchema,
|
|
10
10
|
},
|
|
11
11
|
customPermissions: {
|
|
12
|
-
schema:
|
|
12
|
+
schema: PermissionsClassificationFileSchema,
|
|
13
|
+
},
|
|
14
|
+
profiles: {
|
|
15
|
+
schema: ProfilesClassificationContentSchema,
|
|
16
|
+
},
|
|
17
|
+
permissionSets: {
|
|
18
|
+
schema: PermissionSetsClassificationContentSchema,
|
|
19
|
+
},
|
|
20
|
+
users: {
|
|
21
|
+
schema: UsersClassificationContentSchema,
|
|
13
22
|
},
|
|
14
23
|
};
|
|
15
24
|
export const policyDefs = {
|
|
16
25
|
profiles: {
|
|
17
26
|
handler: ProfilePolicy,
|
|
18
|
-
schema:
|
|
27
|
+
schema: PolicyFileSchema,
|
|
19
28
|
dependencies: [
|
|
20
29
|
{ path: ['classifications', 'userPermissions'], errorName: 'UserPermClassificationRequiredForProfiles' },
|
|
21
30
|
],
|
|
22
31
|
},
|
|
23
32
|
permissionSets: {
|
|
24
33
|
handler: PermissionSetPolicy,
|
|
25
|
-
schema:
|
|
34
|
+
schema: PolicyFileSchema,
|
|
26
35
|
dependencies: [
|
|
27
36
|
{ path: ['classifications', 'userPermissions'], errorName: 'UserPermClassificationRequiredForPermSets' },
|
|
28
37
|
],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policyRegistry.js","sourceRoot":"","sources":["../../../src/libs/core/policyRegistry.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,
|
|
1
|
+
{"version":3,"file":"policyRegistry.js","sourceRoot":"","sources":["../../../src/libs/core/policyRegistry.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,mCAAmC,EACnC,yCAAyC,EACzC,gBAAgB,EAChB,mCAAmC,EACnC,gCAAgC,EAChC,qBAAqB,GACtB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,kBAAkB,MAAM,kCAAkC,CAAC;AAClE,OAAO,mBAAmB,MAAM,mCAAmC,CAAC;AAEpE,OAAO,aAAa,MAAM,6BAA6B,CAAC;AACxD,OAAO,UAAU,MAAM,0BAA0B,CAAC;AAClD,OAAO,cAAc,MAAM,8BAA8B,CAAC;AAE1D,MAAM,CAAC,MAAM,kBAAkB,GAA2B;IACxD,eAAe,EAAE;QACf,MAAM,EAAE,mCAAmC;KAC5C;IACD,iBAAiB,EAAE;QACjB,MAAM,EAAE,mCAAmC;KAC5C;IACD,QAAQ,EAAE;QACR,MAAM,EAAE,mCAAmC;KAC5C;IACD,cAAc,EAAE;QACd,MAAM,EAAE,yCAAyC;KAClD;IACD,KAAK,EAAE;QACL,MAAM,EAAE,gCAAgC;KACzC;CACF,CAAC;AAOF,MAAM,CAAC,MAAM,UAAU,GAAmB;IACxC,QAAQ,EAAE;QACR,OAAO,EAAE,aAAa;QACtB,MAAM,EAAE,gBAAgB;QACxB,YAAY,EAAE;YACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;SACzG;KACF;IACD,cAAc,EAAE;QACd,OAAO,EAAE,mBAAmB;QAC5B,MAAM,EAAE,gBAAgB;QACxB,YAAY,EAAE;YACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;SACzG;KACF;IACD,aAAa,EAAE;QACb,OAAO,EAAE,kBAAkB;QAC3B,MAAM,EAAE,gBAAgB;KACzB;IACD,KAAK,EAAE;QACL,OAAO,EAAE,UAAU;QACnB,MAAM,EAAE,qBAAqB;KAC9B;IACD,QAAQ,EAAE;QACR,OAAO,EAAE,cAAc;QACvB,MAAM,EAAE,gBAAgB;KACzB;CACF,CAAC"}
|
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
import { Profile } from '@jsforce/jsforce-node/lib/api/metadata.js';
|
|
2
|
-
import { AuditRunConfig
|
|
3
|
-
import { ClassificationNames } from '../../policyRegistry.js';
|
|
2
|
+
import { AuditRunConfig } from '../../file-mgmt/schema.js';
|
|
4
3
|
import { PolicyRuleViolation, RuleComponentMessage } from '../../result-types.js';
|
|
5
4
|
export type ResolvedProfileLike = {
|
|
6
5
|
name: string;
|
|
@@ -25,5 +24,4 @@ type PermissionsListKey = keyof PartialProfileLike;
|
|
|
25
24
|
*/
|
|
26
25
|
export declare function scanProfileLike(profileLike: ResolvedProfileLike, auditRun: AuditRunConfig, rootIdentifier?: string[]): ScanResult;
|
|
27
26
|
export declare function scanPermissions(profile: ResolvedProfileLike, permissionListName: PermissionsListKey, auditRun: AuditRunConfig, rootIdentifier?: string[]): ScanResult;
|
|
28
|
-
export declare function resolvePerm(permName: string, auditRun: AuditRunConfig, type: ClassificationNames): NamedPermissionsClassification | undefined;
|
|
29
27
|
export {};
|
|
@@ -60,7 +60,7 @@ export function scanPermissions(profile, permissionListName, auditRun, rootIdent
|
|
|
60
60
|
}
|
|
61
61
|
return result;
|
|
62
62
|
}
|
|
63
|
-
|
|
63
|
+
function resolvePerm(permName, auditRun, type) {
|
|
64
64
|
return nameClassification(permName, auditRun.classifications[type]?.content.permissions[permName]);
|
|
65
65
|
}
|
|
66
66
|
function nameClassification(permName, perm) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissionsScanning.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/helpers/permissionsScanning.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"permissionsScanning.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/helpers/permissionsScanning.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAI5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AACpE,OAAO,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AAElE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,oCAAoC,CAAC,CAAC;AAiBnH;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAC7B,WAAgC,EAChC,QAAwB,EACxB,cAAyB;IAEzB,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC1B,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC1C,CAAC;IACD,MAAM,eAAe,GAAG,eAAe,CAAC,WAAW,EAAE,iBAAiB,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IAClG,MAAM,iBAAiB,GAAG,eAAe,CAAC,WAAW,EAAE,mBAAmB,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IACtG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IACjE,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC7D,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,eAAe,CAC7B,OAA4B,EAC5B,kBAAsC,EACtC,QAAwB,EACxB,cAAyB;IAEzB,MAAM,MAAM,GAAe,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC5D,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACxD,MAAM,UAAU,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,cAAc,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7G,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,kBAAkB,CAAC,CAAC;QAChF,IAAI,kBAAkB,EAAE,CAAC;YACvB,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;gBACtE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;oBACrB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kCAAkC,CAAC;iBACjE,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,CAAC,yBAAyB,CAAC,kBAAkB,CAAC,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzF,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;oBACrB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,2CAA2C,EAAE;wBACxE,kBAAkB,CAAC,cAAc;wBACjC,OAAO,CAAC,MAAM;qBACf,CAAC;iBACH,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,kBAAkB,CAAC,cAAc,KAAK,mBAAmB,CAAC,OAAO,EAAE,CAAC;gBAC7E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBACnB,UAAU;oBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,6BAA6B,CAAC;iBAC5D,CAAC,CAAC;YACL,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACnB,UAAU;gBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oCAAoC,CAAC;aACnE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAClB,QAAgB,EAChB,QAAwB,EACxB,IAAwB;IAExB,OAAO,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AACrG,CAAC;AAED,SAAS,kBAAkB,CACzB,QAAgB,EAChB,IAA+B;IAE/B,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC"}
|
|
@@ -35,7 +35,7 @@ export default class RuleRegistry {
|
|
|
35
35
|
if (this.rules[ruleName] && ruleConfig.enabled) {
|
|
36
36
|
enabledRules.push(new this.rules[ruleName]({ auditContext, ruleDisplayName: ruleName, ruleConfig: ruleConfig.options }));
|
|
37
37
|
}
|
|
38
|
-
else if (
|
|
38
|
+
else if (ruleConfig.enabled === false) {
|
|
39
39
|
skippedRules.push({ name: ruleName, skipReason: messages.getMessage('skip-reason.rule-not-enabled') });
|
|
40
40
|
}
|
|
41
41
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ruleRegistry.js","sourceRoot":"","sources":["../../../../src/libs/core/registries/ruleRegistry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAK5C,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AAajG;;;;GAIG;AACH,MAAM,CAAC,OAAO,OAAO,YAAY;IACL;IAA1B,YAA0B,KAA+D;QAA/D,UAAK,GAAL,KAAK,CAA0D;IAAG,CAAC;IAE7F;;;;OAIG;IACI,eAAe;QACpB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;;OAOG;IACI,YAAY,CAAC,QAAiB,EAAE,YAA4B;QACjE,MAAM,YAAY,GAAG,IAAI,KAAK,EAA+B,CAAC;QAC9D,MAAM,YAAY,GAAG,IAAI,KAAK,EAAwB,CAAC;QACvD,MAAM,aAAa,GAAG,IAAI,KAAK,EAAsB,CAAC;QACtD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,EAAE;YAC1D,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;gBAC/C,YAAY,CAAC,IAAI,CACf,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,YAAY,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,CAAC,OAAO,EAAE,CAAC,CACtG,CAAC;YACJ,CAAC;iBAAM,IAAI,
|
|
1
|
+
{"version":3,"file":"ruleRegistry.js","sourceRoot":"","sources":["../../../../src/libs/core/registries/ruleRegistry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAK5C,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AAajG;;;;GAIG;AACH,MAAM,CAAC,OAAO,OAAO,YAAY;IACL;IAA1B,YAA0B,KAA+D;QAA/D,UAAK,GAAL,KAAK,CAA0D;IAAG,CAAC;IAE7F;;;;OAIG;IACI,eAAe;QACpB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;;OAOG;IACI,YAAY,CAAC,QAAiB,EAAE,YAA4B;QACjE,MAAM,YAAY,GAAG,IAAI,KAAK,EAA+B,CAAC;QAC9D,MAAM,YAAY,GAAG,IAAI,KAAK,EAAwB,CAAC;QACvD,MAAM,aAAa,GAAG,IAAI,KAAK,EAAsB,CAAC;QACtD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,EAAE;YAC1D,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;gBAC/C,YAAY,CAAC,IAAI,CACf,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,YAAY,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,CAAC,OAAO,EAAE,CAAC,CACtG,CAAC;YACJ,CAAC;iBAAM,IAAI,UAAU,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBACxC,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,CAAC,UAAU,CAAC,8BAA8B,CAAC,EAAE,CAAC,CAAC;YACzG,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;YAC5G,CAAC;QACH,CAAC,CAAC,CAAC;QACH,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;IACvD,CAAC;CACF"}
|
|
@@ -16,12 +16,12 @@ export default class EnforcePermissionPresets extends PolicyRule {
|
|
|
16
16
|
// options "with/without metadata - only identifiers"
|
|
17
17
|
const userPerms = await userRepo.resolveUserPermissions(Object.values(users), { withMetadata: false });
|
|
18
18
|
for (const user of Object.values(users)) {
|
|
19
|
-
const profilePreset = this.auditContext.
|
|
19
|
+
const profilePreset = this.auditContext.classifications.profiles?.content.profiles[user.profileName];
|
|
20
20
|
auditPermissionsEntity(result, user, 'profile', user.profileName, profilePreset?.preset);
|
|
21
21
|
const permsets = userPerms.get(user.userId);
|
|
22
22
|
if (permsets) {
|
|
23
23
|
for (const assignment of permsets.assignedPermissionsets) {
|
|
24
|
-
const permsetPreset = this.auditContext.
|
|
24
|
+
const permsetPreset = this.auditContext.classifications.permissionSets?.content.permissionSets[assignment.permissionSetIdentifier];
|
|
25
25
|
auditPermissionsEntity(result, user, 'permission set', assignment.permissionSetIdentifier, permsetPreset?.preset);
|
|
26
26
|
}
|
|
27
27
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"enforcePermissionPresets.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/rules/enforcePermissionPresets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,eAAe,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AAEtF,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,UAA2B,MAAM,iBAAiB,CAAC;AAE1D,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,aAAa,CAAC,CAAC;AAE5F,MAAM,CAAC,OAAO,OAAO,wBAAyB,SAAQ,UAAwB;IAC5E,YAAmB,IAAiB;QAClC,KAAK,CAAC,IAAI,CAAC,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,GAAG,CAAC,OAAuC;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,OAAO,CAAC,gBAAgB,CAAC;QACvC,MAAM,QAAQ,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAClE,qDAAqD;QACrD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,sBAAsB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;QACvG,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,
|
|
1
|
+
{"version":3,"file":"enforcePermissionPresets.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/rules/enforcePermissionPresets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,eAAe,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AAEtF,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,UAA2B,MAAM,iBAAiB,CAAC;AAE1D,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,aAAa,CAAC,CAAC;AAE5F,MAAM,CAAC,OAAO,OAAO,wBAAyB,SAAQ,UAAwB;IAC5E,YAAmB,IAAiB;QAClC,KAAK,CAAC,IAAI,CAAC,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,GAAG,CAAC,OAAuC;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,OAAO,CAAC,gBAAgB,CAAC;QACvC,MAAM,QAAQ,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAClE,qDAAqD;QACrD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,sBAAsB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;QACvG,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACrG,sBAAsB,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,WAAW,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;YACzF,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5C,IAAI,QAAQ,EAAE,CAAC;gBACb,KAAK,MAAM,UAAU,IAAI,QAAQ,CAAC,sBAAsB,EAAE,CAAC;oBACzD,MAAM,aAAa,GACjB,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,cAAc,EAAE,OAAO,CAAC,cAAc,CACtE,UAAU,CAAC,uBAAuB,CACnC,CAAC;oBACJ,sBAAsB,CACpB,MAAM,EACN,IAAI,EACJ,gBAAgB,EAChB,UAAU,CAAC,uBAAuB,EAClC,aAAa,EAAE,MAAM,CACtB,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAED,SAAS,sBAAsB,CAC7B,MAA+B,EAC/B,IAAkB,EAClB,UAAkB,EAClB,gBAAwB,EACxB,YAAiC;IAEjC,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,YAAY,KAAK,kBAAkB,CAAC,OAAO,EAAE,CAAC;YAChD,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;gBACrB,UAAU,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC;gBAC7C,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oCAAoC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;aAC7F,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,yBAAyB,CAAC,YAAY,CAAC,GAAG,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1F,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;gBACrB,UAAU,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC;gBAC7C,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,6CAA6C,EAAE;oBAC1E,IAAI,CAAC,IAAI;oBACT,UAAU;oBACV,YAAY;iBACb,CAAC;aACH,CAAC,CAAC;QACL,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;YACrB,UAAU,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC;YAC7C,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,2CAA2C,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC,CAAC;SAChH,CAAC,CAAC;IACL,CAAC;AACH,CAAC"}
|
|
@@ -5,7 +5,8 @@ type EnforceSettingsOpts = ConfigurableRuleOptions<Record<string, unknown>> & {
|
|
|
5
5
|
settingName: string;
|
|
6
6
|
};
|
|
7
7
|
export default class EnforceSettings extends PolicyRule<unknown> {
|
|
8
|
-
private ruleOptions;
|
|
8
|
+
private readonly ruleOptions;
|
|
9
|
+
settingName: string;
|
|
9
10
|
constructor(ruleOptions: EnforceSettingsOpts);
|
|
10
11
|
run(context: RuleAuditContext<SalesforceSetting>): Promise<PartialPolicyRuleResult>;
|
|
11
12
|
}
|
|
@@ -4,9 +4,11 @@ Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
|
|
|
4
4
|
const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'rules.settings');
|
|
5
5
|
export default class EnforceSettings extends PolicyRule {
|
|
6
6
|
ruleOptions;
|
|
7
|
+
settingName;
|
|
7
8
|
constructor(ruleOptions) {
|
|
8
9
|
super(ruleOptions);
|
|
9
10
|
this.ruleOptions = ruleOptions;
|
|
11
|
+
this.settingName = this.ruleOptions.settingName;
|
|
10
12
|
}
|
|
11
13
|
run(context) {
|
|
12
14
|
const result = this.initResult();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"enforceSettings.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/rules/enforceSettings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAG5C,OAAO,UAAuC,MAAM,iBAAiB,CAAC;AAEtE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,gBAAgB,CAAC,CAAC;AAM/F,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,UAAmB;
|
|
1
|
+
{"version":3,"file":"enforceSettings.js","sourceRoot":"","sources":["../../../../../src/libs/core/registries/rules/enforceSettings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAG5C,OAAO,UAAuC,MAAM,iBAAiB,CAAC;AAEtE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,gBAAgB,CAAC,CAAC;AAM/F,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,UAAmB;IAG1B;IAF7B,WAAW,CAAC;IAEnB,YAAoC,WAAgC;QAClE,KAAK,CAAC,WAAW,CAAC,CAAC;QADe,gBAAW,GAAX,WAAW,CAAqB;QAElE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC;IAClD,CAAC;IAEM,GAAG,CAAC,OAA4C;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC9E,MAAM,cAAc,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,UAAU,CAAC;QACjE,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC,cAAc,CAAC,EAAE,cAAc,CAAC,CAAC;QACrF,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnC,MAAM,CAAC,iBAAiB,GAAG,CAAC,cAAc,CAAC,CAAC;YAC5C,MAAM,CAAC,gBAAgB,GAAG,EAAE,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,iBAAiB,GAAG,EAAE,CAAC;YAC9B,MAAM,CAAC,gBAAgB,GAAG,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,UAAU,CAAC,CAAC;QACxE,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC;CACF;AAED,SAAS,aAAa,CACpB,cAAiC,EACjC,WAAoC,EACpC,SAAmB,EACnB,YAAgC;IAEhC,KAAK,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QAC1E,MAAM,YAAY,GAAG,CAAC,GAAG,SAAS,EAAE,WAAW,CAAC,CAAC;QACjD,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,WAAW,CAAC,KAAK,SAAS,EAAE,CAAC;YAC7D,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACxB,UAAU,EAAE,YAAY;gBACxB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kCAAkC,CAAC;aACjE,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,IAAI,OAAO,aAAa,KAAK,QAAQ,IAAI,YAAY,EAAE,CAAC;YACtD,aAAa,CACX,aAAkC,EAClC,WAAW,EACX,YAAY,EACZ,YAAY,CAAC,WAAW,CAAsB,CAC/C,CAAC;QACJ,CAAC;aAAM,IACL,OAAO,aAAa,KAAK,QAAQ;YACjC,OAAO,aAAa,KAAK,SAAS;YAClC,OAAO,aAAa,KAAK,QAAQ,EACjC,CAAC;YACD,IAAI,aAAa,KAAK,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC;gBAChD,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC;oBAC1B,UAAU,EAAE,YAAY;oBACxB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,0CAA0C,EAAE;wBACvE,aAAa;wBACb,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;qBAClC,CAAC;iBACH,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -2,11 +2,11 @@ import { Connection } from '@salesforce/core';
|
|
|
2
2
|
import { AuditPolicyResult, PolicyRuleExecutionResult } from '../result-types.js';
|
|
3
3
|
import { Optional } from '../utils.js';
|
|
4
4
|
export declare const RuleRegistries: {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
5
|
+
connectedApps: import("./connectedApps.js").default;
|
|
6
|
+
profiles: import("./profiles.js").default;
|
|
7
|
+
permissionSets: import("./permissionSets.js").default;
|
|
8
|
+
users: import("./users.js").default;
|
|
9
|
+
settings: import("./settings.js").default;
|
|
10
10
|
};
|
|
11
11
|
export type Constructor<T, Args extends any[] = any[]> = new (...args: Args) => T;
|
|
12
12
|
/**
|
|
@@ -4,10 +4,10 @@ import { ProfilesRegistry } from './profiles.js';
|
|
|
4
4
|
import { UsersRegistry } from './users.js';
|
|
5
5
|
import { SettingsRegistry } from './settings.js';
|
|
6
6
|
export const RuleRegistries = {
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
7
|
+
connectedApps: ConnectedAppsRegistry,
|
|
8
|
+
profiles: ProfilesRegistry,
|
|
9
|
+
permissionSets: PermissionSetsRegistry,
|
|
10
|
+
users: UsersRegistry,
|
|
11
|
+
settings: SettingsRegistry,
|
|
12
12
|
};
|
|
13
13
|
//# sourceMappingURL=types.js.map
|
|
@@ -47,7 +47,7 @@ export default class AuditRunMultiStageOutput {
|
|
|
47
47
|
static create(opts: AuditRunStageOptions): AuditRunMultiStageOutput;
|
|
48
48
|
start(): void;
|
|
49
49
|
startPolicyResolve(runInstance: AuditRun): void;
|
|
50
|
-
startRuleExecution(): void;
|
|
50
|
+
startRuleExecution(runInstance: AuditRun): void;
|
|
51
51
|
finish(): void;
|
|
52
52
|
private addPolicyStatsListener;
|
|
53
53
|
}
|
|
@@ -77,20 +77,23 @@ export default class AuditRunMultiStageOutput {
|
|
|
77
77
|
}
|
|
78
78
|
},
|
|
79
79
|
});
|
|
80
|
-
if (policy.content.rules && Object.keys(policy.content.rules).length > 0) {
|
|
81
|
-
const enabledRules = Object.values(policy.content.rules).filter((ruleConfig) => ruleConfig.enabled).length;
|
|
82
|
-
this.stageSpecificBlocks.push({
|
|
83
|
-
stage: EXECUTE_RULES,
|
|
84
|
-
type: 'message',
|
|
85
|
-
get: () => `Execute ${enabledRules} rule(s) for ${policyName}`,
|
|
86
|
-
});
|
|
87
|
-
}
|
|
88
80
|
}
|
|
89
81
|
});
|
|
90
82
|
this.mso.updateData({});
|
|
91
83
|
}
|
|
92
|
-
startRuleExecution() {
|
|
84
|
+
startRuleExecution(runInstance) {
|
|
93
85
|
this.mso.goto(EXECUTE_RULES, { currentStatus: 'Executing' });
|
|
86
|
+
Object.entries(runInstance.configs.policies).forEach(([policyName, policy]) => {
|
|
87
|
+
if (policy.content.enabled) {
|
|
88
|
+
const enabledRules = runInstance.getExecutableRulesCount(policyName);
|
|
89
|
+
this.stageSpecificBlocks.push({
|
|
90
|
+
stage: EXECUTE_RULES,
|
|
91
|
+
type: 'message',
|
|
92
|
+
get: () => `${enabledRules} rule(s) for ${capitalize(policyName)}`,
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
});
|
|
96
|
+
this.mso.updateData({});
|
|
94
97
|
}
|
|
95
98
|
finish() {
|
|
96
99
|
this.mso.goto(FINALISE, { currentStatus: 'Completed' });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auditRunMultiStage.js","sourceRoot":"","sources":["../../src/ux/auditRunMultiStage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,2BAA2B,CAAC;AAEtF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"auditRunMultiStage.js","sourceRoot":"","sources":["../../src/ux/auditRunMultiStage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,2BAA2B,CAAC;AAEtF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGnD,MAAM,CAAC,MAAM,iBAAiB,GAAG,sBAAsB,CAAC;AACxD,MAAM,CAAC,MAAM,gBAAgB,GAAG,oBAAoB,CAAC;AACrD,MAAM,CAAC,MAAM,aAAa,GAAG,iBAAiB,CAAC;AAC/C,MAAM,CAAC,MAAM,QAAQ,GAAG,oBAAoB,CAAC;AAmB7C,MAAM,CAAC,OAAO,OAAO,wBAAwB;IACpC,GAAG,CAAiC;IACpC,mBAAmB,CAAsC;IACxD,QAAQ,CAAmB;IAEnC,YAAmB,IAA2C;QAC5D,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,kBAAyD,CAAC;QAC1F,IAAI,CAAC,GAAG,GAAG,wBAAwB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;IACrB,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,IAA2C;QAC9D,OAAO,IAAI,gBAAgB,CAAe,IAAI,CAAC,CAAC;IAClD,CAAC;IAED;;;;;;;;;;;;OAYG;IACI,MAAM,CAAC,MAAM,CAAC,IAA0B;QAC7C,OAAO,IAAI,wBAAwB,CAAC;YAClC,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,KAAK;YACtC,MAAM,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,QAAQ,CAAC;YACtE,KAAK,EAAE,cAAc;YACrB,cAAc,EAAE;gBACd;oBACE,IAAI,EAAE,SAAS;oBACf,GAAG,EAAE,GAAG,EAAE,CAAC,YAAY,IAAI,CAAC,SAAS,qBAAqB,IAAI,CAAC,iBAAiB,EAAE;iBACnF;aACF;YACD,eAAe,EAAE;gBACf;oBACE,IAAI,EAAE,kBAAkB;oBACxB,KAAK,EAAE,QAAQ;oBACf,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,aAAa;iBACnC;aACF;YACD,kBAAkB,EAAE,EAAE;SACvB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK;QACV,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,aAAa,EAAE,cAAc,EAAE,CAAC,CAAC;IACtE,CAAC;IAEM,kBAAkB,CAAC,WAAqB;QAC7C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,CAAC;QAChE,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE;YAC5E,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC3B,IAAI,CAAC,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;gBACrD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;oBAC5B,KAAK,EAAE,gBAAgB;oBACvB,IAAI,EAAE,mBAAmB;oBACzB,KAAK,EAAE,UAAU,CAAC,UAAU,CAAC;oBAC7B,GAAG,EAAE,CAAC,IAAkB,EAAU,EAAE;wBAClC,IAAI,IAAI,EAAE,QAAQ,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;4BACjC,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,QAAQ,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;wBAC9F,CAAC;6BAAM,CAAC;4BACN,OAAO,EAAE,CAAC;wBACZ,CAAC;oBACH,CAAC;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEM,kBAAkB,CAAC,WAAqB;QAC7C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,CAAC;QAC7D,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE;YAC5E,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC3B,MAAM,YAAY,GAAG,WAAW,CAAC,uBAAuB,CAAC,UAAyB,CAAC,CAAC;gBACpF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;oBAC5B,KAAK,EAAE,aAAa;oBACpB,IAAI,EAAE,SAAS;oBACf,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,YAAY,gBAAgB,UAAU,CAAC,UAAU,CAAC,EAAE;iBACnE,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEM,MAAM;QACX,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;IAEO,sBAAsB,GAAG,CAAC,UAAkB,EAAE,WAAqB,EAAQ,EAAE;QACnF,2EAA2E;QAC3E,oEAAoE;QACpE,qFAAqF;QACrF,4DAA4D;QAC5D,WAAW,CAAC,WAAW,CAAC,iBAAiB,UAAU,EAAE,EAAE,CAAC,IAAwB,EAAE,EAAE;YAClF,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBAClB,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;gBACrD,CAAC;gBACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBACf,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBAC/C,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;YACvF,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;CACH"}
|
|
@@ -32,9 +32,9 @@ The selected preset is applied before any other default mechanisms (such as temp
|
|
|
32
32
|
|
|
33
33
|
<%= config.bin %> <%= command.id %> -o MyTargetOrg -d my_dir -p loose
|
|
34
34
|
|
|
35
|
-
# success.
|
|
35
|
+
# success.classification-summary
|
|
36
36
|
|
|
37
|
-
Initialised %s
|
|
37
|
+
Initialised %s %s at %s.
|
|
38
38
|
|
|
39
39
|
# success.policy-summary
|
|
40
40
|
|
|
@@ -48,6 +48,10 @@ The "Profiles" policy requires at least userPermissions to be initialised, but n
|
|
|
48
48
|
|
|
49
49
|
The "Permission Sets" policy requires at least userPermissions to be initialised, but none were found at the target directory.
|
|
50
50
|
|
|
51
|
+
# ProfileClassificationRequiredForProfiles
|
|
52
|
+
|
|
53
|
+
The "Profiles" policy requires a corresponding classification to be initialised.
|
|
54
|
+
|
|
51
55
|
# error.InvalidConfigFileSchema
|
|
52
56
|
|
|
53
57
|
Failed to parse %s: %s.
|
|
@@ -18,6 +18,10 @@ Users with role UNKNOWN are ignored. To apply the default role, remove them from
|
|
|
18
18
|
|
|
19
19
|
Rule was disabled in policy config.
|
|
20
20
|
|
|
21
|
+
# skip-reason.failed-to-resolve-setting
|
|
22
|
+
|
|
23
|
+
Rule name resolved to setting "%s" which is not a valid setting on the target org.
|
|
24
|
+
|
|
21
25
|
# resolve-error.rule-not-registered
|
|
22
26
|
|
|
23
27
|
Rule was not available in registry.
|