Create a Permission Set and Add It to Your Package

Create the Sales Unlocked Package

In this step, you create an unlocked package and put the new permission set in the package.

  1. To create a new unlocked package named salesApps, run this command:
    sfdx force:package:create --name salesApps --description "My Package" --packagetype Unlocked --path force-app --nonamespace --targetdevhubusername DevHub

    The terminal window returns “Successfully created a package” followed by the Package Id.
    Terminal window displaying success message after a package is created.

    You created a package that contains the metadata in your project’s force-app directory.

  2. In VS Code, expand the PermSetUnlockedPackage folder, and then open the sfdx-project.json file. The JSON file opens in the editor window.
    The JSON file lists salesApps, with its package name and Id under packageAliases.
    Take note of the package name and Id under packageAliases. You use them later in this project.

Create a Scratch Org

Scratch orgs are defined by the project-scratch-def.json file, which resides in a project’s config directory. Because we’re working with a new Salesforce DX project (the PermSetUnlockedPackage directory), our project-scratch-def.json file will be pretty basic. 

  1. To create a scratch org, run this command, which typically takes less than a minute:
    sfdx force:org:create -f config/project-scratch-def.json -s

    The terminal displays “Successfully created scratch org” followed by the org ID and username.

The terminal displays “Successfully created scratch org” followed by the org ID and username. Notice that no password is provided for the username for the new org. You don’t need a password because Salesforce DX stores a cached authentication token on your machine for the new scratch org. 

Push Metadata Into the Scratch Org

Now that you’ve created your scratch org, you’re ready to push metadata into the scratch org. 

  1. Push the metadata in the project you installed into your scratch org.  
    sfdx force:source:push

    The terminal displays a list of the metadata components you pushed with each item’s full name, type, and project path. You should see Services__c, Services__c.All, SKU__c, and Services__c listed.

    The terminal window header showing successfully pushed metadata components.

Create the Sales Manager Permission Set 

Next, you create the Sales Manager permission set in the scratch org.

  1. Open your scratch org.
    sfdx force:org:open
  2. While in Setup, in the Quick Find box, enter Permission Sets and then select Permission Sets.
  3. Click New and define the permission set.
    • Label:  Sales Manager
    • API Name: Sales_Manager
  4. Click Save.

Now that you have a new permission set, you need to modify the object permissions you want to associate with this permission set. 

First, you add permissions for sales managers to access the Services custom object. 

  1. Click Object Settings.
  2. Click Services.
  3. Click Edit.
  4. For object permissions, select Read and View All.
  5. For tab permissions, select Available and Visible.
  6. Click Save.

Sales managers need to view all SKU records too, so you’ll give them access to the SKU custom object. 

  1. Click Object Settings.
  2. Click SKUs.
  3. Click Edit.
  4. For object permissions, select Read and View All.
  5. Click Save.

And with that, our Sales Manager permission set is complete. Now, with this permission set assigned, sales managers can read and view all SKU and Services records.

Add the Permission Set to the Project

Time to pull changes from the scratch org into the project.

  1. Pull the changes from your scratch org into your unlocked package.
    sfdx force:source:pull

    The terminal window lists the assets that were successfully pulled, displaying each asset’s state, full name, type, and project path. You should see the Sales_Manager permission set.
    The terminal lists the Sales_Manager permission set added to force-app/main/default/permissionsets.

You’ve created a custom permission set in a scratch org, and pulled it into the project. Next, you create a new version of your package and then promote the new version to released status. Your development team will use the release version of the package to build other salesApps components.


Keep learning for
Sign up for an account to continue.
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities