npm - sf-data-extractor - Versions diffs - 1.0.3 → 1.0.4 - Mend

sf-data-extractor 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md +3 -0
package/load-plans/load-plan-security.json +212 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -18,6 +18,9 @@
 - ![sf-data-extract](https://raw.githubusercontent.com/mchinnappan100/npmjs-images/main/sf-data-extract/sf-data-export-1.png)
+## Security check load plan
+- [Load Plan Security](https://raw.githubusercontent.com/mchinnappan100/npmjs-images/main/sf-data-extract/load-plan-security.json))
 ## 📋 Prerequisites
 - Node.js >= 14.0.0

package/load-plans/load-plan-security.json ADDED Viewed

@@ -0,0 +1,212 @@
+[
+  {
+    "object": "EntityDefinition",
+    "compositeKeys": ["DurableId"],
+    "description": "Identifies sharing model settings for all customizable objects to detect overly permissive configurations",
+    "query": "SELECT DurableId, QualifiedApiName, InternalSharingModel, ExternalSharingModel FROM EntityDefinition WHERE IsCustomizable = true",
+    "fieldMappings": {
+      "DurableId": "DurableId",
+      "QualifiedApiName": "QualifiedApiName",
+      "InternalSharingModel": "InternalSharingModel",
+      "ExternalSharingModel": "ExternalSharingModel"
+    }
+  },
+  {
+    "object": "Group",
+    "compositeKeys": ["Id"],
+    "description": "Retrieves organization-wide default settings to review baseline sharing rules",
+    "query": "SELECT Id, Name, Type FROM Group WHERE Type = 'Organization' LIMIT 1",
+    "fieldMappings": {
+      "Id": "Id",
+      "Name": "Name",
+      "Type": "Type"
+    }
+  },
+  {
+    "object": "PermissionSet",
+    "compositeKeys": ["Id"],
+    "description": "Lists all custom permission sets including those with elevated system permissions like Modify All Data and View All Data",
+    "query": "SELECT Id, Name, Label, IsOwnedByProfile, PermissionsModifyAllData, PermissionsViewAllData, PermissionsManageUsers FROM PermissionSet WHERE IsOwnedByProfile = false",
+    "fieldMappings": {
+      "Id": "Id",
+      "Name": "Name",
+      "Label": "Label",
+      "IsOwnedByProfile": "IsOwnedByProfile",
+      "PermissionsModifyAllData": "PermissionsModifyAllData",
+      "PermissionsViewAllData": "PermissionsViewAllData",
+      "PermissionsManageUsers": "PermissionsManageUsers"
+    }
+  },
+  {
+    "object": "FieldPermissions",
+    "compositeKeys": ["ParentId", "Field"],
+    "description": "Identifies field-level edit permissions on sensitive security objects (User, Profile, PermissionSet) that could enable privilege escalation",
+    "query": "SELECT ParentId, Field, PermissionsEdit, PermissionsRead, SobjectType FROM FieldPermissions WHERE PermissionsEdit = true AND SobjectType IN ('User','Profile','PermissionSet')",
+    "fieldMappings": {
+      "ParentId": "ParentId",
+      "Field": "Field",
+      "PermissionsEdit": "PermissionsEdit",
+      "PermissionsRead": "PermissionsRead",
+      "SobjectType": "SobjectType"
+    }
+  },
+  {
+    "object": "Profile",
+    "compositeKeys": ["Id"],
+    "description": "Lists all standard user profiles with their system-level permissions to identify overly privileged profiles",
+    "query": "SELECT Id, Name, UserLicense.Name, PermissionsModifyAllData, PermissionsViewAllData, PermissionsManageUsers, PermissionsApiEnabled FROM Profile WHERE UserType = 'Standard'",
+    "fieldMappings": {
+      "Id": "Id",
+      "Name": "Name",
+      "UserLicenseName": "UserLicense.Name",
+      "PermissionsModifyAllData": "PermissionsModifyAllData",
+      "PermissionsViewAllData": "PermissionsViewAllData",
+      "PermissionsManageUsers": "PermissionsManageUsers",
+      "PermissionsApiEnabled": "PermissionsApiEnabled"
+    }
+  },
+  {
+    "object": "User",
+    "compositeKeys": ["Username"],
+    "description": "Identifies active users who haven't logged in for 90+ days, indicating potential stale accounts that should be deactivated",
+    "query": "SELECT Id, Username, Email, ProfileId, IsActive, LastLoginDate, CreatedDate FROM User WHERE IsActive = true AND LastLoginDate < LAST_N_DAYS:90",
+    "fieldMappings": {
+      "Id": "Id",
+      "Username": "Username",
+      "Email": "Email",
+      "ProfileId": "ProfileId",
+      "IsActive": "IsActive",
+      "LastLoginDate": "LastLoginDate",
+      "CreatedDate": "CreatedDate"
+    }
+  },
+  {
+    "object": "PermissionSetAssignment",
+    "compositeKeys": ["Id"],
+    "description": "Tracks users assigned permission sets with Modify All Data or View All Data permissions for privilege monitoring",
+    "query": "SELECT Id, PermissionSetId, AssigneeId, PermissionSet.Name, Assignee.Username FROM PermissionSetAssignment WHERE PermissionSet.PermissionsModifyAllData = true OR PermissionSet.PermissionsViewAllData = true",
+    "fieldMappings": {
+      "Id": "Id",
+      "PermissionSetId": "PermissionSetId",
+      "AssigneeId": "AssigneeId",
+      "PermissionSetName": "PermissionSet.Name",
+      "AssigneeUsername": "Assignee.Username"
+    }
+  },
+  {
+    "object": "LoginHistory",
+    "compositeKeys": ["Id"],
+    "description": "Captures all login attempts from the last 30 days to detect potential brute force attacks or unauthorized access attempts",
+    "query": "SELECT Id, UserId, LoginTime, Status, SourceIp, Application FROM LoginHistory WHERE LoginTime = LAST_N_DAYS:30  ORDER BY LoginTime DESC LIMIT 10000",
+    "fieldMappings": {
+      "Id": "Id",
+      "UserId": "UserId",
+      "LoginTime": "LoginTime",
+      "Status": "Status",
+      "SourceIp": "SourceIp",
+      "Application": "Application"
+    }
+  },
+  {
+    "object": "SetupAuditTrail",
+    "compositeKeys": ["Id"],
+    "description": "Monitors all configuration changes in the last 90 days to track security-related modifications and user management activities",
+    "query": "SELECT Id, Action, Section, CreatedById, CreatedBy.Username, CreatedDate FROM SetupAuditTrail WHERE CreatedDate = LAST_N_DAYS:90 ORDER BY CreatedDate DESC",
+    "fieldMappings": {
+      "Id": "Id",
+      "Action": "Action",
+      "Section": "Section",
+      "CreatedById": "CreatedById",
+      "CreatedByUsername": "CreatedBy.Username",
+      "CreatedDate": "CreatedDate"
+    }
+  },
+  {
+    "object": "ObjectPermissions",
+    "compositeKeys": ["ParentId", "SobjectType"],
+    "description": "Identifies profiles and permission sets with Modify All Records permission which bypasses sharing rules",
+    "query": "SELECT ParentId, SobjectType, PermissionsCreate, PermissionsRead, PermissionsEdit, PermissionsDelete, PermissionsViewAllRecords, PermissionsModifyAllRecords FROM ObjectPermissions WHERE PermissionsModifyAllRecords = true",
+    "fieldMappings": {
+      "ParentId": "ParentId",
+      "SobjectType": "SobjectType",
+      "PermissionsCreate": "PermissionsCreate",
+      "PermissionsRead": "PermissionsRead",
+      "PermissionsEdit": "PermissionsEdit",
+      "PermissionsDelete": "PermissionsDelete",
+      "PermissionsViewAllRecords": "PermissionsViewAllRecords",
+      "PermissionsModifyAllRecords": "PermissionsModifyAllRecords"
+    }
+  },
+  {
+    "object": "UserRole",
+    "compositeKeys": ["Id"],
+    "description": "Maps the role hierarchy to understand data visibility through role-based sharing",
+    "query": "SELECT Id, Name, ParentRoleId FROM UserRole",
+    "fieldMappings": {
+      "Id": "Id",
+      "Name": "Name",
+      "ParentRoleId": "ParentRoleId"
+    }
+  },
+  {
+    "object": "User",
+    "compositeKeys": ["Username"],
+    "description": "Lists all users with elevated system permissions (Modify All Data or View All Data) for privileged access review",
+    "query": "SELECT Id, Username, Email, ProfileId, Profile.Name, UserRoleId, IsActive FROM User WHERE Profile.PermissionsModifyAllData = true OR Profile.PermissionsViewAllData = true",
+    "fieldMappings": {
+      "Id": "Id",
+      "Username": "Username",
+      "Email": "Email",
+      "ProfileId": "ProfileId",
+      "ProfileName": "Profile.Name",
+      "UserRoleId": "UserRoleId",
+      "IsActive": "IsActive"
+    }
+  },
+  {
+    "object": "NetworkMemberGroup",
+    "compositeKeys": ["Id"],
+    "description": "Reviews Experience Cloud community member groups for proper external user access controls",
+    "query": "SELECT Id, NetworkId, ParentId FROM NetworkMemberGroup",
+    "fieldMappings": {
+      "Id": "Id",
+      "NetworkId": "NetworkId",
+      "ParentId": "ParentId"
+    }
+  },
+  {
+    "object": "AuthSession",
+    "compositeKeys": ["Id"],
+    "description": "Monitors active authentication sessions from the last 7 days to detect suspicious login patterns or session anomalies",
+    "query": "SELECT Id, UsersId, LoginType, SourceIp, LastModifiedDate FROM AuthSession WHERE LastModifiedDate = LAST_N_DAYS:7",
+    "fieldMappings": {
+      "Id": "Id",
+      "UsersId": "UsersId",
+      "LoginType": "LoginType",
+      "SourceIp": "SourceIp",
+      "LastModifiedDate": "LastModifiedDate"
+    }
+  },
+  {
+  "object": "User",
+  "compositeKeys": ["Id"],
+  "description": "Lists all active users assigned the System Administrator profile",
+  "query": "SELECT Id, Name, Username, Email, Profile.Name, IsActive FROM User WHERE IsActive = true AND Profile.Name = 'System Administrator'",
+  "fieldMappings": {
+    "Id": "Id",
+    "Name": "Name",
+    "Username": "Username",
+    "Email": "Email",
+    "IsActive": "IsActive",
+    "ProfileId": {
+      "lookup": {
+        "object": "Profile",
+        "key": "Name",
+        "field": "Profile.Name"
+      }
+    }
+  }
+}
+]

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sf-data-extractor",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "Extract Salesforce data based on load plan and generate beautiful HTML reports",
   "main": "index.js",
   "bin": {