First commit.

.eslintignore

@@ -0,0 +1,15 @@
+**/lwc/**/*.css
+**/lwc/**/*.html
+**/lwc/**/*.json
+**/lwc/**/*.svg
+**/lwc/**/*.xml
+**/aura/**/*.auradoc
+**/aura/**/*.cmp
+**/aura/**/*.css
+**/aura/**/*.design
+**/aura/**/*.evt
+**/aura/**/*.json
+**/aura/**/*.svg
+**/aura/**/*.tokens
+**/aura/**/*.xml
+.sfdx

.forceignore

@@ -0,0 +1,12 @@
+# List files or directories below to ignore them when running force:source:push, force:source:pull, and force:source:status
+# More information: https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_exclude_source.htm
+#
+
+package.xml
+
+# LWC configuration files
+**/jsconfig.json
+**/.eslintrc.json
+
+# LWC Jest
+**/__tests__/**

.gitignore

@@ -0,0 +1,37 @@
+# This file is used for Git repositories to specify intentionally untracked files that Git should ignore.
+# If you are not using git, you can delete this file. For more information see: https://git-scm.com/docs/gitignore
+# For useful gitignore templates see: https://github.com/github/gitignore
+
+# Salesforce cache
+.sfdx/
+.localdevserver/
+
+# LWC VSCode autocomplete
+**/lwc/jsconfig.json
+
+# LWC Jest coverage reports
+coverage/
+
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Dependency directories
+node_modules/
+
+# Eslint cache
+.eslintcache
+
+# MacOS system files
+.DS_Store
+
+# Windows system files
+Thumbs.db
+ehthumbs.db
+[Dd]esktop.ini
+$RECYCLE.BIN/
+
+.vscode/

.prettierignore

@@ -0,0 +1,10 @@
+# List files or directories below to ignore them when running prettier
+# More information: https://prettier.io/docs/en/ignore.html
+#
+
+**/staticresources/**
+.localdevserver
+.sfdx
+.vscode
+
+coverage/

.prettierrc

@@ -0,0 +1,13 @@
+{
+  "trailingComma": "none",
+  "overrides": [
+    {
+      "files": "**/lwc/**/*.html",
+      "options": { "parser": "lwc" }
+    },
+    {
+      "files": "*.{cmp,page,component}",
+      "options": { "parser": "html" }
+    }
+  ]
+}

LICENSE

@@ -0,0 +1,9 @@
+ The MIT License (MIT)
+
+Copyright © 2020 Renato Oliveira
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,27 @@
+# Record Access Display
+
+The RAD Lightning Web Component displays which users have access to the current entity. It might be useful for admins to check out which users and groups have access to the record being currently displayed.
+
+When a record is accessed:
+
+![](screenshots/admin.png)
+
+When the (admin) user searches for another user's access to the current record:
+
+![](screenshots/search.png)
+
+In this example, the "integration user" was searched (as its username is something like `[email protected]`, and its name is "Integration User").
+
+## Usage
+
+Drag the Record Access Display component to the Lightning Page of an object you want.
+
+**It is recommended that ou set it to display only for administrators.**
+
+## Why?
+
+Because I've become tired of questions like "but does this user have access?" in a production environment where other people have played with permissions and profiles. Hopefully with this component this type of question can easily be answered without opening the console or typing a query.
+
+## How?
+
+This component calls an Apex class that queries the UserRecordAccess internal object for the access to the current record.

config/project-scratch-def.json

@@ -0,0 +1,18 @@
+{
+  "orgName": "renatosilva company",
+  "edition": "Developer",
+  "features": [],
+  "settings": {
+    "lightningExperienceSettings": {
+      "enableS1DesktopEnabled": true
+    },
+    "securitySettings": {
+      "passwordPolicies": {
+        "enableSetPasswordInApi": true
+      }
+    },
+    "mobileSettings": {
+      "enableS1EncryptedStoragePref2": false
+    }
+  }
+}

force-app/main/default/classes/RecordAccessDisplayController.cls

@@ -0,0 +1,40 @@
+@SuppressWarnings('PMD.ApexCRUDViolation')
+public without sharing class RecordAccessDisplayController {
+
+    @AuraEnabled
+    public static List<User> searchUsers(String searchTerm) {
+        if (searchTerm == null || searchTerm.length() < 3) {
+            return new List<User>();
+        }
+        searchTerm = '%' + searchTerm + '%';
+        return [
+            SELECT Id, Name
+            FROM User
+            WHERE Email LIKE :searchTerm
+            OR UserName LIKE :searchTerm
+            OR Name LIKE :searchTerm
+        ];
+    }
+
+    @AuraEnabled
+    public static List<UserRecordAccess> getCurrentUserRecordAccess(Id recordId) {
+        return getUserMaxAccessLevelForRecord(recordId, UserInfo.getUserId());
+    }
+
+    @AuraEnabled
+    public static List<UserRecordAccess> getUserMaxAccessLevelForRecord(Id recordId, Id userId) {
+        if (recordId == null || userId == null) {
+            throw new RecordAccessDisplayException('Invalid record ID or user ID.');
+        }
+        return [
+            SELECT
+            RecordId,
+            MaxAccessLevel
+            FROM UserRecordAccess
+            WHERE RecordId = :recordId
+            AND UserId = :userId
+        ];
+    }
+
+    public class RecordAccessDisplayException extends Exception {}
+}

force-app/main/default/classes/RecordAccessDisplayController.cls-meta.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
+    <apiVersion>49.0</apiVersion>
+    <status>Active</status>
+</ApexClass>

force-app/main/default/classes/RecordAccessDisplayControllerTest.cls

@@ -0,0 +1,46 @@
+@IsTest
+private class RecordAccessDisplayControllerTest {
+
+    @IsTest
+    static void testQueryUser() {
+        Test.startTest();
+        List<User> results = RecordAccessDisplayController.searchUsers(UserInfo.getUserEmail());
+        Test.stopTest();
+
+        System.assertNotEquals(0, results.size(), 'Should have got at least one result (the current user).');
+    }
+
+    @IsTest
+    static void testQueryEmptyTerm() {
+        Test.startTest();
+        List<User> results = RecordAccessDisplayController.searchUsers('');
+        Test.stopTest();
+
+        System.assertEquals(0, Limits.getQueries(), 'Should not have run any query.');
+        System.assertEquals(0, results.size(), 'Should have got at least one result (the current user).');
+    }
+
+    @IsTest
+    static void testGetCurrentUserRecordAccess() {
+        Test.startTest();
+        List<UserRecordAccess> result = RecordAccessDisplayController.getCurrentUserRecordAccess(UserInfo.getUserId());
+        Test.stopTest();
+
+        System.assertNotEquals(0, result.size(), 'Should have returned at least the record access for the user record.');
+    }
+
+    @IsTest
+    static void testGetUserMaxAccessLevelForRecord() {
+        Test.startTest();
+        try {
+            List<UserRecordAccess> result = RecordAccessDisplayController.getUserMaxAccessLevelForRecord(null, null);
+            System.assert(false, '');
+        } catch (RecordAccessDisplayController.RecordAccessDisplayException e) {
+            System.assert(true, '');
+        }
+        List<UserRecordAccess> result = RecordAccessDisplayController.getUserMaxAccessLevelForRecord(UserInfo.getUserId(), UserInfo.getUserId());
+        Test.stopTest();
+
+        System.assertNotEquals(0, result.size(), 'Should have returned at least the record access for the user record.');
+    }
+}

force-app/main/default/classes/RecordAccessDisplayControllerTest.cls-meta.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
+    <apiVersion>49.0</apiVersion>
+    <status>Active</status>
+</ApexClass>

force-app/main/default/lwc/.eslintrc.json

@@ -0,0 +1,11 @@
+{
+  "extends": ["@salesforce/eslint-config-lwc/recommended", "prettier"],
+  "overrides": [
+    {
+      "files": ["*.test.js"],
+      "rules": {
+        "@lwc/lwc/no-unexpected-wire-adapter-usages": "off"
+      }
+    }
+  ]
+}

force-app/main/default/lwc/recordAccessDisplay/recordAccessDisplay.html

@@ -0,0 +1,27 @@
+<template>
+    <lightning-card title="Record-level access information" icon-name="custom:custom34">
+        <div class="slds-var-m-around_medium">
+            <lightning-layout>
+                <lightning-layout-item>
+                    <lightning-input
+                        type="text"
+                        label="Search user"
+                        placeholder="use the username, email or name"
+                        onchange={handleSearchTermChange}
+                    ></lightning-input>
+                </lightning-layout-item>
+            </lightning-layout>
+            <lightning-layout>
+                <lightning-layout-item>
+                    <template if:true={userAccessInformation}>
+                        <lightning-input
+                            label="Access level"
+                            value={userAccessInformation.MaxAccessLevel}
+                            read-only>
+                        </lightning-input>
+                    </template>
+                </lightning-layout-item>
+            </lightning-layout>
+        </div>
+    </lightning-card>
+</template>

force-app/main/default/lwc/recordAccessDisplay/recordAccessDisplay.js

@@ -0,0 +1,41 @@
+import { api, LightningElement } from 'lwc';
+import getCurrentUserRecordAccess from "@salesforce/apex/RecordAccessDisplayController.getCurrentUserRecordAccess";
+import searchUsers from "@salesforce/apex/RecordAccessDisplayController.searchUsers";
+import getUserMaxAccessLevelForRecord from "@salesforce/apex/RecordAccessDisplayController.getUserMaxAccessLevelForRecord";
+
+export default class RecordAccessDisplay extends LightningElement {
+    @api recordId
+    @api objectApiName
+
+    userAccessInformation
+    selectedUser
+
+    handleSearchTermChange(event) {
+        if (event && event.target && event.target.value) {
+            searchUsers({ searchTerm: event.target.value }).then(res => {
+                if (Array.isArray(res) && res.length > 0) {
+                    this.selectedUser = res[0]
+                }
+            }).finally(() => {
+                if (this.selectedUser) {
+                    getUserMaxAccessLevelForRecord({
+                        recordId: this.recordId,
+                        userId: this.selectedUser.Id
+                    }).then(res => {
+                        if (Array.isArray(res) && res.length > 0) {
+                            this.userAccessInformation = res[0]
+                        }
+                    })
+                }
+            })
+        }
+    }
+
+    connectedCallback() {
+        getCurrentUserRecordAccess({ recordId: this.recordId }).then(res => {
+            if (Array.isArray(res) && res.length > 0) {
+                this.userAccessInformation = res[0]
+            }
+        })
+    }
+}

force-app/main/default/lwc/recordAccessDisplay/recordAccessDisplay.js-meta.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<LightningComponentBundle xmlns="http://soap.sforce.com/2006/04/metadata">
+    <apiVersion>49.0</apiVersion>
+    <isExposed>true</isExposed>
+    <description>The Record Access Display component shows who has access to the current record.</description>
+    <masterLabel>Record Access Display</masterLabel>
+    <targets>
+        <target>lightning__RecordPage</target>
+    </targets>
+</LightningComponentBundle>

package.json

@@ -0,0 +1,43 @@
+{
+  "name": "salesforce-app",
+  "private": true,
+  "version": "1.0.0",
+  "description": "Salesforce App",
+  "scripts": {
+    "lint": "npm run lint:lwc && npm run lint:aura",
+    "lint:aura": "eslint **/aura/**",
+    "lint:lwc": "eslint **/lwc/**",
+    "test": "npm run test:unit",
+    "test:unit": "sfdx-lwc-jest",
+    "test:unit:watch": "sfdx-lwc-jest --watch",
+    "test:unit:debug": "sfdx-lwc-jest --debug",
+    "test:unit:coverage": "sfdx-lwc-jest --coverage",
+    "prettier": "prettier --write \"**/*.{cls,cmp,component,css,html,js,json,md,page,trigger,xml,yaml,yml}\"",
+    "prettier:verify": "prettier --list-different \"**/*.{cls,cmp,component,css,html,js,json,md,page,trigger,xml,yaml,yml}\""
+  },
+  "devDependencies": {
+    "@prettier/plugin-xml": "^0.10.0",
+    "@salesforce/eslint-config-lwc": "^0.7.0",
+    "@salesforce/eslint-plugin-aura": "^1.4.0",
+    "@salesforce/sfdx-lwc-jest": "^0.9.2",
+    "eslint": "^7.6.0",
+    "eslint-config-prettier": "^6.11.0",
+    "husky": "^4.2.1",
+    "lint-staged": "^10.0.7",
+    "prettier": "^2.0.5",
+    "prettier-plugin-apex": "^1.6.0"
+  },
+  "husky": {
+    "hooks": {
+      "pre-commit": "lint-staged"
+    }
+  },
+  "lint-staged": {
+    "**/*.{cls,cmp,component,css,html,js,json,md,page,trigger,xml,yaml,yml}": [
+      "prettier --write"
+    ],
+    "**/{aura|lwc}/**": [
+      "eslint"
+    ]
+  }
+}