1. Scott Wells Avatar Scott Wells
  2. Illuminated Cloud
  3. IlluminatedCloud
  4. Issues

Profile Updates made when connecting to an org

Issue #1871 resolved
Christopher Tufts created an issue

I have a dev on my team who is new to WS/IC and she recently connected to our prod instance to track some debug logs.

  1. She created a new project using the older connection method (non-sfdx).
  2. Selected the metadata to retrieve

  3. began reviewing debug logs

    1. she said that she never saved anything or performed any updates

  4. several object FLS were set to R/O for the Sys Admin user (her user’s profile) at the same time as her initial connections

We tracked all of this down using the audit log and login history.

A login occurred from her IP then all these FLS changes occurred. see attachment for an example of what changed, it seems rather randomly selected as well.

Any thoughts?

I figured creating a new org connection should be a safe operation as nothing should be writing back to that org during this process…

Comments (4)

  3. Christopher Tufts reporter

    Thanks Scott, I am sure thats what happened.

    Is there a default option for that anywhere so that we can avoid this in the futur. Is this only for manually connected orgs? or do we need to worry about this occurring for orgs that we use sfdx to connect to?

    Honestly this is something that I have never run into, but I always connect with sfdx

    thanks

  4. Scott Wells repo owner

    That option is automatically enabled when you create a connection to something that's assumed to be "owned" by the developer, e.g., a Developer Edition org or a scratch org. For orgs that are generally shared, e.g., sandboxes and production orgs, that option is disabled by default.

    There's not currently any way to disable it globally.

  5. Log in to comment
Assignee
Type
bug
Priority
critical
Status
resolved
Component
Project Configuration
Version
2.1.6.8
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!