I am deploying with sfdx GitHub updated custom profile(originally cloned from System Admin profiles) and edited permissions(CRUD access) on ONE objects and field level. I retrieved metadata, but it does not show in metadata object permissions?, then I deployed whole custom profile metadata to my own branch, then PR and merged into higher environment. It deploys successful, but When deployed to higher environment it overwrites ALL object permissions, not just one I edited and set all CRUD to true on ALL standard an custom objects. What could be the reason for overwriting and setting all check boxes for CRUD perm to true and how could I resolve it.
1
- 3Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer.Community– Community Bot2023-12-14 04:50:54 +00:00Commented Dec 14, 2023 at 4:50
Add a comment |
1 Answer
I think understand your issue with deploying profiles using SFDX and how it's overwriting all object permissions instead of just the ones you edited. The good news is that with SFDX, you don't have to deploy the entire profile. You can choose to deploy only the parts that you changed.
For example, let's say you have a profile like this before any changes:
<!-- Original Profile --> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <Profile xmlns="http://soap.sforce.com/2006/04/metadata"> <objectPermissions> <allowCreate>true</allowCreate> <allowDelete>true</allowDelete> <allowEdit>true</allowEdit> <allowRead>true</allowRead> <modifyAllRecords>true</modifyAllRecords> <object>Account</object> <viewAllRecords>true</viewAllRecords> </objectPermissions> <objectPermissions> <allowCreate>true</allowCreate> <allowDelete>false</allowDelete> <allowEdit>false</allowEdit> <allowRead>true</allowRead> <modifyAllRecords>true</modifyAllRecords> <object>Contact</object> <viewAllRecords>true</viewAllRecords> </objectPermissions> <version>59.0</version> </Profile> and we just want to allow edit for the Contact object, we can just deploy:
<!-- Updated Profile --> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <Profile xmlns="http://soap.sforce.com/2006/04/metadata"> <objectPermissions> <allowCreate>true</allowCreate> <allowDelete>false</allowDelete> <allowEdit>true</allowEdit> <allowRead>true</allowRead> <modifyAllRecords>true</modifyAllRecords> <object>Contact</object> <viewAllRecords>true</viewAllRecords> </objectPermissions> <version>59.0</version> </Profile> By doing this, you ensure that you're not overwriting the existing settings in the target Org.
Additionally, there are tools that can help you with partial deployments by identifying your changes and creating a "delta" of these changes. One such tool is sfdx-git-delta, this tool will help you generate the exact changes you made since a reference commit, making it easier to deploy only what's necessary.
I hope this helps resolve your problem!
