An example for using Platform Encryption in a DE scratch org with Salesforce DX

Перейти к файлу

Wade Wegner 029e131399 Update README.md		2017-07-06 07:18:29 -05:00
config	Working sample	2017-07-06 06:55:14 -05:00
force-app/main/default	Working sample	2017-07-06 06:55:14 -05:00
.gitignore	Working sample	2017-07-06 06:55:14 -05:00
LICENSE	Initial commit	2017-07-06 06:53:32 -05:00
README.md	Update README.md	2017-07-06 07:18:29 -05:00
sfdx-project.json	Working sample	2017-07-06 06:55:14 -05:00

README.md

sfdx-platformencryption

This is a simple example of using encrypted fields in a DE scratch org.

Steps to try:

Create a new scratch org: sfdx force:org:create -s -f config/project-scratch-def.json
Push all the source into the scratch org: sfdx force:source:push
Assign the permission set granting you ManageEncryptionKeys: sfdx force:user:permset:assign -n Encryption
Create a tenant secret: sfdx force:data:record:create -s TenantSecret -v "Description=test". Details on tenant secrets can be found here.
Open the file force-app/main/default/objects/Account/fields/EncryptedText__c.field-meta.xml and add a carriage return to mark the metadata as "dirty".
Push the updated EncryptedText__c custom field: sfdx force:source:push
Open the fields & relationships setup page for Account: sfdx force:org:open -p one/one.app#/setup/object/Account/all/FieldsAndRelationships
Confirm that the EncryptedText field has the encrypted field set.

That's it!

Note: the need to make a change to the EncryptedText__c.field-meta.xml file is not ideal. However, there is currently a "chicken & egg" problem. If you push all the source into the scratch org first, assign the permission set, then generate the tenant secret, your custom field will not have the encrypted attribute set. However, if you try to generate the tenant secret before you've pushed source (and assigned the permission set), you don't have access and it will fail. This is something we'll look into resolving.