This framework allow users to configure some data masking operations on Sandbox environments.
Mask SObject Framework is not an official Salesforce product, it has not been officially tested or documented by Salesforce.
The configuration is based on two objects:
- MaskSObject__c : object to mask with options such as the order sequence and the where clause
- MaskSObjectField___c : field to mask and the option of masking (erase, randomize ...)
To assign required pset run following command:
sfdx force:apex:execute -f scripts/assignPset.apexIf you want to insert demo data, please run following command:
sfdx force:apex:execute -f scripts/importDemo.apexThe maskfield actions will be executed only if the Mode__c is set to 'One_shot' or 'Both' values.
- With execute anonymous and the following code
- To run the masking on all objects
MaskSObjectUtils.executeBatch('%');- To run on a particular SObject
MaskSObjectUtils.executeBatch('Contact');You can schedule MaskSObjectBatchSchedulable class to execute periodically. Since this usage is quite different from the one-shot anonymization and address project run business needs, the maskfield actions will be executed only if the Mode__c is set to 'Scheduled' or 'Both'
Using Launch Batch LWC
-
Randomize:
- Generate a X char String based on
Crypto.generateAesKey(128);method where X is the number of characters of the input to anonymize.'SALESFORCE.COM FRANCE' => 'iih5e2UT0qGZ8fJaNCbTT'
- Generate a X char String based on
-
Random Luhn number
- Generate a number considered as valid by Luhn algorithm Luhn algorithm, the number of characters to generate is calculated from the original input field value.
-
Obfuscate:
- Replace and lowercase following chars (customizable in settings)
{'a', 'e', 'i', 'o', '1', '2', '5', '6'};by'x''SALESFORCE.COM FRANCE' => 'sxlxsfxrcx.cxm frxncx'
- Replace and lowercase following chars (customizable in settings)
-
Erase:
-
'SALESFORCE.COM FRANCE' => ''
-
-
Replace:
- Actions Types:
- Hardcoded: You must insert an hardcoded value in Value__c field to replace the current field value with hardcoded one.
- Dictionary:
- You can choose different dictionary fields to replace the current value Firstname, Lastname, Fullname, Email, Company Name, Street.
- A random line from MaskSObjectDictionary.json file will be selected to fill the field.
Dictionary Firstname : 'Thomas' => 'Corie', Dictionary Fullname : 'John Doe' => 'Corie Joberne' ...
- Actions Types:
The data dictionary is stored in MaskSObjectDictionary.json StaticResource. You can edit this file and replace the current values with yours if you need more common names for a particular country for example.
Website used to generate the data https://www.mockaroo.com/
- Standard Email
- We mask only the part before the domain name
- We mask only the part before the domain name
- Standard Phone
- We mask only the part after the two first char
'0612345678' => '0600340078'
- We mask only the part after the two first char
You can customize some options by editing MaskSObjectSettings__mdt Default Custom Metadata
- Allow execution on prod : enable this option to be able to run the batch on PROD (otherwise soql query returns no rows)
- Configure the number of digits to preserve in standard Phone fields.
Mask SObject Framework may throw some errors during the run, due to validation rules or implementation specificity in your org. To be able to track and manage those errors, we implemented the MaskSObjectError__c object.
If you want to, you can disable the error's record creation in the custom metadata settings.
You can manage logs purge with the framework SObject Purge Framework
Checkout the repo and deploy it with sfdx:
sfdx force:source:deploy -p force-appUse GitHub Salesforce Deploy Tool:
