Permission Checker

The CopyStorm/Medic Permission Checker will find Salesforce tables and fields that are visible using the Salesforce metadata API but are not visible for backup using the current Salesforce credentials.

It is a common misconception that a member of the Salesforce Administrator group can see all table and fields in a Salesforce instance. In practice, there are even many standard Salesforce fields that a Salesforce Administrator cannot view by default. The Permission Checker helps you find these tables and fields.

Running the Permission Checker in a GUI

Running the Permission Checker involves clicking on a single button – Start Scanning Metadata.

  • The Salesforce user credentials provided to the Permissions Checker must have access to read the Salesforce metadata definitions for each object.
  • Use of the metadata API requires the system permission “Modify Metadata Through Metadata API Functions.”

Do not be alarmed when you find a lot of fields that are not visible to a Salesforce Administrator. Most likely you are not using them in your instance.

Running Permission Checker as a Batch Job

The Permission Checker tool can be run as a batch job using the following syntax:

  • Windows
    • CopyStormMedic.bat -tool findPermissionErrors -run configFile.copyStormMedic
  • Linux
    • sh CopyStormMedic.sh -tool findPermissionErrors -run configFile.copyStormMedic