@rtanikella
Last active May 22, 2023 15:40
SOQL queries to get field access permissions from a Salesforce org.

Object Access

Get CRUD permissions on objects for a given set of profiles. The object list here is the set of QualifiedApiNames of all licensed custom objects delivered by the Salesforce CPQ and Advanced Approvals packages.

SELECT
  SobjectType,
  Parent.Profile.Name,
  PermissionsCreate,
  PermissionsRead, 
  PermissionsEdit, 
  PermissionsDelete, 
  PermissionsViewAllRecords, 
  PermissionsModifyAllRecords
FROM ObjectPermissions
WHERE SobjectType IN (
  'sbaa__Approval__c',
  'sbaa__ApprovalCondition__c',
  'sbaa__ApprovalRule__c',
  'sbaa__ApprovalSnapshot__c',
  'SBQQ__ConfigurationRule__c',
  'SBQQ__ErrorCondition__c',
  'SBQQ__LineColumn__c',
  'SBQQ__LookupQuery__c',
  'SBQQ__PriceAction__c',
  'SBQQ__PriceCondition__c',
  'SBQQ__PriceRule__c',
  'SBQQ__PricingGuidance__c',
  'SBQQ__PricingGuidanceTier__c',
  'SBQQ__ProductAction__c',
  'SBQQ__ProductRule__c',
  'SBQQ__Quote__c',
  'SBQQ__QuoteDocument__c',
  'SBQQ__QuoteLine__c',
  'SBQQ__QuoteLineConsumptionRate__c',
  'SBQQ__QuoteLineConsumptionSchedule__c',
  'SBQQ__QuoteLineGroup__c',
  'SBQQ__QuoteLinePricingGuidance__c',
  'SBQQ__QuoteTemplate__c',
  'SBQQ__SubscribedAsset__c',
  'SBQQ__Subscription__c',
  'SBQQ__SubscriptionConsumptionRate__c',
  'SBQQ__SubscriptionConsumptionSchedule__c',
  'SBQQ__TemplateSection__c'
)
AND
  ParentId IN ( 
    SELECT Id 
    FROM PermissionSet 
    WHERE PermissionSet.Profile.Name IN (
      'Profile Name'
    )
  )
ORDER BY Parent.Profile.Name, SobjectType

All Fields, All Objects, One Profile

Get read and edit permissions for all fields of all objects for a given profile.

SELECT
  sObjectType,
  Field,
  PermissionsRead,
  PermissionsEdit
FROM FieldPermissions 
WHERE 
  ParentId IN ( 
    SELECT Id 
    FROM PermissionSet 
    WHERE PermissionSet.Profile.Name = '<ProfileName>'
  )
ORDER BY sObjectType, Field

All on one line:

SELECT sObjectType, Field, PermissionsRead, PermissionsEdit FROM FieldPermissions WHERE ParentId IN ( SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name = 'LD - Finance Backup') ORDER BY sObjectType, Field

One Field in One Object for One Profile

Get read and edit permissions for a specific field in a specific object for a given profile. Note: Field here is of the form sobjectApiName.fieldApiName.

SELECT sObjectType,
  Field,
  PermissionsRead,
  PermissionsEdit 
FROM FieldPermissions 
WHERE ParentId IN ( 
  SELECT Id 
  FROM PermissionSet 
  WHERE PermissionSet.Profile.Name = '<ProfileName>'
)
AND sObjectType = '<sObject API Name>' 
AND Field = '<sObject API Name>.<Field API Name>' 
ORDER BY sObjectType, Field

All on one line:

SELECT sObjectType, Field, PermissionsRead, PermissionsEdit FROM FieldPermissions WHERE ParentId IN (SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name = '<ProfileName>') AND sObjectType = '<sObject API Name>' AND Field = '<sObject API Name>.<Field API Name>' ORDER BY sObjectType, Field

One Object, Multiple Fields for Multiple Profiles while Listing Profile Names

Note: Field here is of the form sobjectApiName.fieldApiName.

SELECT 
  Parent.Profile.Name, 
  sObjectType, 
  Field, 
  PermissionsRead, 
  PermissionsEdit 
FROM FieldPermissions 
WHERE ParentId IN ( 
  SELECT Id 
  FROM PermissionSet 
  WHERE PermissionSet.Profile.Name IN (
    'LD - Finance User',
    'LD - Finance Backup'
  )
) 
AND sObjectType = 'Opportunity' 
AND (
  Field = 'Opportunity.Requires_Channel_Approval__c' 
  OR Field='Opportunity.Wavelink_Quote_Comments__c'
) 
ORDER BY Parent.Name, sObjectType, Field

All on one line:

SELECT Parent.Profile.Name, sObjectType, Field, PermissionsRead, PermissionsEdit FROM FieldPermissions WHERE ParentId IN ( SELECT Id FROM PermissionSet WHERE PermissionSet.Profile.Name IN ('LD - Finance User','LD - Finance Backup')) AND sObjectType = 'Opportunity' AND (Field = 'Opportunity.Requires_Channel_Approval__c' OR Field='Opportunity.Wavelink_Quote_Comments__c') ORDER BY Parent.Name, sObjectType, Field

Access to All Fields for One Object for a Given Profile or Permission Set

Note: Field here is of the form sobjectApiName.fieldApiName.

SELECT sObjectType,
  Field,
  PermissionsRead,
  PermissionsEdit,
  Parent.Profile.Name
FROM FieldPermissions 
WHERE sObjectType = '<sobjectApiName>' 
AND Field = '<sobjectApiName>.<fieldApiName>' 
ORDER BY sObjectType, Parent.Profile.Name, Field

All on one line:

SELECT sObjectType, Field, PermissionsRead, PermissionsEdit, Parent.Profile.Name FROM FieldPermissions WHERE sObjectType = '<sobjectApiName>' AND Field = '<sobjectApiName>.<fieldApiName>' ORDER BY sObjectType, Parent.Profile.Name, Field
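
One way to compare profiles from the rows the multi-profile FieldPermissions queries above return, as an added example that is not part of the original gist: it pivots the rows into a field-by-profile matrix and reports only the fields where access differs. It treats a missing row as no access, because FieldPermissions stores no record for a field a profile cannot read. The sample rows are constructed and the function names are hypothetical.

```python
from collections import defaultdict

NO_ACCESS = "none"

# Constructed sample rows (not real org data), in the nested shape the REST
# query endpoint returns for the FieldPermissions queries on this page.
SAMPLE_ROWS = [
    {"Parent": {"Profile": {"Name": "LD - Finance User"}},
     "Field": "Opportunity.Requires_Channel_Approval__c",
     "PermissionsRead": True, "PermissionsEdit": True},
    {"Parent": {"Profile": {"Name": "LD - Finance Backup"}},
     "Field": "Opportunity.Requires_Channel_Approval__c",
     "PermissionsRead": True, "PermissionsEdit": True},
    {"Parent": {"Profile": {"Name": "LD - Finance User"}},
     "Field": "Opportunity.Wavelink_Quote_Comments__c",
     "PermissionsRead": True, "PermissionsEdit": False},
    # Standalone permission set: Parent.Profile comes back null.
    {"Parent": {"Profile": None},
     "Field": "Opportunity.Wavelink_Quote_Comments__c",
     "PermissionsRead": True, "PermissionsEdit": True},
]


def access_level(row):
    """Collapse the two booleans into 'edit', 'read' or 'none'."""
    if row["PermissionsEdit"]:
        return "edit"
    return "read" if row["PermissionsRead"] else NO_ACCESS


def access_matrix(rows, profiles):
    """Map field -> {profile: level}. FieldPermissions has no row for a field
    a profile cannot read, so every profile starts at 'none'."""
    matrix = defaultdict(lambda: dict.fromkeys(profiles, NO_ACCESS))
    for row in rows:
        profile = (row["Parent"].get("Profile") or {}).get("Name")
        if profile in profiles:  # skips rows owned by standalone permission sets
            matrix[row["Field"]][profile] = access_level(row)
    return dict(matrix)


def differing_fields(rows, profiles):
    """Return only the fields whose level differs between the profiles."""
    matrix = access_matrix(rows, profiles)
    return {f: lv for f, lv in sorted(matrix.items()) if len(set(lv.values())) > 1}


if __name__ == "__main__":
    for field, levels in differing_fields(
            SAMPLE_ROWS, ["LD - Finance User", "LD - Finance Backup"]).items():
        print(field, levels)
```

Rows owned by standalone permission sets are skipped here, so the result describes profile grants only, not a user's effective access.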