Skip to content

Commit

Permalink
Merge pull request #47 from hudec117/dev
Browse files Browse the repository at this point in the history
1.2.4 Fix
  • Loading branch information
hudec117 authored Feb 28, 2024
2 parents 25c276d + c6899aa commit 3708fdb
Show file tree
Hide file tree
Showing 6 changed files with 768 additions and 706 deletions.
22 changes: 9 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# SUPR - Salesforce User Permission Report

![Chrome Web Store](https://img.shields.io/chrome-web-store/v/gkibdicghcpcikhjpgjoijpobdipklnp?style=flat-square)
![Edge Add-ons](https://img.shields.io/badge/edge%20add--ons-v1.2.3-blue?style=flat-square)
![Edge Add-ons](https://img.shields.io/badge/edge%20add--ons-v1.2.4-blue?style=flat-square)

Salesforce User Permission Report allows you to see a report of all the permissions a user has and where they are set.

Expand All @@ -17,18 +17,6 @@ Features
Roadmap
- ✅ Edge support
- ✅ Various QoL & UI improvements
- 🔄 Firefox support (likely next year when Firefox adds manifest v3 support)
- Modifying & saving permissions
- Toggle between labels and full names
- Toggle showing only granted permissions
- Rendering performance improvements
- Dynamic Salesforce API selection

<br />

**See Q&A below for "Not Compatible" error on Chrome Web Store.**

<br />

## Download

Expand Down Expand Up @@ -62,6 +50,14 @@ Navigate to any user detail record in Classic or Lightning and click the "Open P
<img src="branding/screenshots/object-perms.jpg" height="230">
</p>

## Security/Privacy

No data is stored by the extension in the browser (apart from in-memory during use) and no data is transferred to third-party (i.e. non-Salesforce) servers. All communication is secured using HTTPS/TLS, so in theory the unencrypted (plain text) data is only visible in your Salesforce org and in the extension when it is used.

A network request is made to the SOAP API's `getUserInfo` resource which may contain the running user's PII as described here: https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_calls_getuserinfo.htm

The only other piece of PII is the target user's username which is queried and displayed on the refresh button.

## Q&A

**Q**: I can't install the extension because it says "Not Compatible" on Chrome Web Store?
Expand Down
24 changes: 3 additions & 21 deletions src/front-end/services/SalesforcePermissionsService.js
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,8 @@ export default class SalesforcePermissionsService extends SalesforceService {
};
}

async getPermissionSetNames(userId, excludeManaged = true) {
let permissionSetQuery = `SELECT PermissionSet.Name, PermissionSet.Type FROM PermissionSetAssignment WHERE AssigneeId = '${userId}' AND PermissionSet.IsOwnedByProfile = false`;
if (excludeManaged) {
permissionSetQuery += ' AND PermissionSet.NamespacePrefix = \'\'';
}
async getPermissionSetNames(userId) {
let permissionSetQuery = `SELECT PermissionSet.Name, PermissionSet.Type FROM PermissionSetAssignment WHERE AssigneeId = '${userId}' AND PermissionSet.IsOwnedByProfile = false AND PermissionSet.NamespacePrefix = ''`;

const permissionSetQueryResult = await this.query(permissionSetQuery);
if (!permissionSetQueryResult.success) {
Expand All @@ -54,7 +51,7 @@ export default class SalesforcePermissionsService extends SalesforceService {
// If it's a permission set group, we also need to query to see what permission sets are in the group.
const type = permSetAssignmentRecord['PermissionSet']['Type'];
if (type === 'Group') {
const permSetGroupCompQuery = `SELECT PermissionSet.Name FROM PermissionSetGroupComponent WHERE PermissionSetGroup.DeveloperName = '${name}' AND Permissionset.Name != ''`;
const permSetGroupCompQuery = `SELECT PermissionSet.Name FROM PermissionSetGroupComponent WHERE PermissionSetGroup.DeveloperName = '${name}' AND PermissionSet.IsOwnedByProfile = false AND PermissionSet.NamespacePrefix = '' AND Permissionset.Name != ''`;
const permSetGroupCompQueryResult = await this.query(permSetGroupCompQuery);
if (!permSetGroupCompQueryResult.success) {
return permSetGroupCompQueryResult;
Expand Down Expand Up @@ -110,21 +107,6 @@ export default class SalesforcePermissionsService extends SalesforceService {
};
}

// Get profile/permission set label
let metadataLabel = metadataName;
const labelElements = metadata.getElementsByTagName('label');
if (labelElements.length > 0) {
try {
metadataLabel = labelElements[0].textContent;
} catch (error) {
throw {
message: 'Failed to retrieve metadata label',
error,
metadata
};
}
}

const permissionTypeNodes = metadata.childNodes;
for (const permissionTypeNode of permissionTypeNodes) {
const permissionTypeName = permissionTypeNode.tagName;
Expand Down
8 changes: 4 additions & 4 deletions src/front-end/services/SalesforceService.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const METADATA_ENDPOINT = '/services/Soap/m/54.0';
const PARTNER_ENDPOINT = '/services/Soap/u/54.0';
const QUERY_ENDPOINT = '/services/data/v54.0/query';
const TOOLING_QUERY_ENDPOINT = '/services/data/v54.0/tooling/query';
const METADATA_ENDPOINT = '/services/Soap/m/60.0';
const PARTNER_ENDPOINT = '/services/Soap/u/60.0';
const QUERY_ENDPOINT = '/services/data/v60.0/query';
const TOOLING_QUERY_ENDPOINT = '/services/data/v60.0/tooling/query';

export default class SalesforceService {
constructor(serverHost, sessionId) {
Expand Down
2 changes: 1 addition & 1 deletion src/manifest.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "SUPR - Salesforce User Permission Report",
"short_name": "SUPR",
"description": "Salesforce User Permission Report allows you to see a report of all the permissions a user has and where they are set.",
"version": "1.2.3",
"version": "1.2.4",
"author": "Aurel Hudec",
"homepage_url": "https://github.com/hudec117/sf-user-perm-report",
"incognito": "split",
Expand Down
Loading

0 comments on commit 3708fdb

Please sign in to comment.