Create a Permission Set and Add It to Your Package
In this step, you create an unlocked package and put the new permission set in the package.
- To create a new unlocked package named salesApps, run this command:
sfdx force:package:create --name salesApps --description "My Package" --packagetype Unlocked --path force-app --nonamespace --targetdevhubusername DevHub
The terminal window returns “Successfully created a package” followed by the Package Id.
You created a package that contains the metadata in your project’s force-app directory.
- In VS Code, expand the PermSetUnlockedPackage folder, and then open the sfdx-project.json file. The JSON file opens in the editor window.
Take note of the package name and Id under packageAliases. You use them later in this project.
Scratch orgs are defined by the project-scratch-def.json file, which resides in a project’s config
directory. Because we’re working with a new Salesforce DX project (the PermSetUnlockedPackage
directory), our project-scratch-def.json file will be pretty basic.
- To create a scratch org, run this command, which typically takes less than a minute:
sfdx force:org:create -f config/project-scratch-def.json -s
The terminal displays “Successfully created scratch org” followed by the org ID and username. Notice that no password is provided for the username for the new org. You don’t need a password because Salesforce DX stores a cached authentication token on your machine for the new scratch org.
Now that you’ve created your scratch org, you’re ready to push metadata into the scratch org.
- Push the metadata in the project you installed into your scratch org.
sfdx force:source:push
The terminal displays a list of the metadata components you pushed with each item’s full name, type, and project path. You should seeServices__c
,Services__c.All
,SKU__c
, andServices__c
listed.
Next, you create the Sales Manager permission set in the scratch org.
- Open your scratch org.
sfdx force:org:open
- While in Setup, in the Quick Find box, enter
Permission Sets
and then select Permission Sets. - Click New and define the permission set.
- Label:
Sales Manager
- API Name:
Sales_Manager
- Label:
- Click Save.
Now that you have a new permission set, you need to modify the object permissions you want to associate with this permission set.
First, you add permissions for sales managers to access the Services custom object.
- Click Object Settings.
- Click Services.
- Click Edit.
- For object permissions, select Read and View All.
- For tab permissions, select Available and Visible.
- Click Save.
Sales managers need to view all SKU records too, so you’ll give them access to the SKU custom object.
- Click Object Settings.
- Click SKUs.
- Click Edit.
- For object permissions, select Read and View All.
- Click Save.
And with that, our Sales Manager permission set is complete. Now, with this permission set assigned, sales managers can read and view all SKU and Services records.
Time to pull changes from the scratch org into the project.
- Pull the changes from your scratch org into your unlocked package.
sfdx force:source:pull
The terminal window lists the assets that were successfully pulled, displaying each asset’s state, full name, type, and project path. You should see theSales_Manager
permission set.
You’ve created a custom permission set in a scratch org, and pulled it into the project. Next, you create a new version of your package and then promote the new version to released status. Your development team will use the release version of the package to build other salesApps components.