Fixes #17869: Add validations in place for salesforce connection (#17870

)

ingestion/src/metadata/examples/workflows/salesforce.yaml

@@ -7,6 +7,7 @@ source:
       username: username
       password: password
       securityToken: securityToken
+      organizationId: organizationId
       sobjectName: sobjectName
       # sslConfig:
       #   caCertificate: |

ingestion/src/metadata/ingestion/source/database/salesforce/connection.py

@@ -15,7 +15,6 @@
 from typing import Optional
 
 from simple_salesforce.api import Salesforce
-from sqlalchemy.engine import Engine
 
 from metadata.generated.schema.entity.automations.workflow import (
     Workflow as AutomationWorkflow,
@@ -27,14 +26,17 @@
 from metadata.ingestion.ometa.ometa_api import OpenMetadata
 
 
-def get_connection(connection: SalesforceConnection) -> Engine:
+def get_connection(connection: SalesforceConnection) -> Salesforce:
     """
     Create connection
     """
     return Salesforce(
         username=connection.username,
         password=connection.password.get_secret_value(),
-        security_token=connection.securityToken.get_secret_value(),
+        security_token=connection.securityToken.get_secret_value()
+        if connection.securityToken
+        else "",
+        organizationId=connection.organizationId if connection.organizationId else "",
         domain=connection.salesforceDomain,
         version=connection.salesforceApiVersion,
         **connection.connectionArguments.root if connection.connectionArguments else {},

openmetadata-docs/content/v1.5.x/connectors/database/salesforce/index.md

@@ -49,6 +49,13 @@ These are the permissions you will require to fetch the metadata from Salesforce
 - **Username**: Username to connect to the Salesforce. This user should have the access as defined in requirements.
 - **Password**: Password to connect to Salesforce.
 - **Security Token**: Salesforce Security Token is required to access the metadata through APIs. You can checkout [this doc](https://help.salesforce.com/s/articleView?id=sf.user_security_token.htm&type=5) on how to get the security token.
+- **Organization ID**: Salesforce Organization ID is the unique identifier for your Salesforce identity. You can check out [this doc](https://help.salesforce.com/s/articleView?id=000385215&type=1) on how to get the your Salesforce Organization ID.
+  {% note %}
+  **Note**: You need to provide `15` digit organization id in this section. for e.g. `00DIB000004nDEq`, which you can find by following the steps mentioned in above doc (`Salesforce dashboard->Setup->Company Profile->Company Information->Salesforce.com Organization Id`).
+  {% /note %}
+  {% note %}
+  **Note**: If you want to access salesforce metadata without token(only by using organization id), you will need to setup your ip in trusted ip ranges. You can go (`Salesforce dashboard->Setup->Security->Network Access->Trusted IP Ranges`) to configure this. You can check [here](https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5) to configure your ip in trusted ip ranges.
+  {% /note %}
 - **Salesforce Object Name**: Specify the Salesforce Object Name in case you want to ingest a specific object.  If left blank, we will ingest all the Objects.
 - **Salesforce API Version**: Follow the steps mentioned [here](https://help.salesforce.com/s/articleView?id=000386929&type=1) to get the API version. Enter the numerical value in the field, For example `42.0`.
 - **Salesforce Domain**: When connecting to Salesforce, you can specify the domain to use for accessing the platform. The common domains include `login` and `test`, and you can also utilize Salesforce My Domain.

openmetadata-docs/content/v1.5.x/connectors/database/salesforce/yaml.md

@@ -83,18 +83,30 @@ This is a sample config for Salesforce:
 
 {% codeInfo srNumber=5 %}
 
-**sobjectName**: Specify the Salesforce Object Name in case you want to ingest a specific object.  If left blank, we will ingest all the Objects.
+**Organization ID**: Salesforce Organization ID is the unique identifier for your Salesforce identity. You can check out [this doc](https://help.salesforce.com/s/articleView?id=000385215&type=1) on how to get the your Salesforce Organization ID.
+{% note %}
+**Note**: You need to provide `15` digit organization id in this section. for e.g. `00DIB000004nDEq`, which you can find by following the steps mentioned in above doc (`Salesforce dashboard->Setup->Company Profile->Company Information->Salesforce.com Organization Id`).
+{% /note %}
+{% note %}
+**Note**: If you want to access salesforce metadata without token(only by using organization id), you will need to setup your ip in trusted ip ranges. You can go (`Salesforce dashboard->Setup->Security->Network Access->Trusted IP Ranges`) to configure this. You can check [here](https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5) to configure your ip in trusted ip ranges.
+{% /note %}
 
 {% /codeInfo %}
 
 {% codeInfo srNumber=6 %}
 
-**salesforceApiVersion**: Follow the steps mentioned [here](https://help.salesforce.com/s/articleView?id=000386929&type=1) to get the API version. Enter the numerical value in the field, For example `42.0`.
+**sobjectName**: Specify the Salesforce Object Name in case you want to ingest a specific object.  If left blank, we will ingest all the Objects.
 
 {% /codeInfo %}
 
 {% codeInfo srNumber=7 %}
 
+**salesforceApiVersion**: Follow the steps mentioned [here](https://help.salesforce.com/s/articleView?id=000386929&type=1) to get the API version. Enter the numerical value in the field, For example `42.0`.
+
+{% /codeInfo %}
+
+{% codeInfo srNumber=8 %}
+
 **salesforceDomain**: When connecting to Salesforce, you can specify the domain to use for accessing the platform. The common domains include `login` and `test`, and you can also utilize Salesforce My Domain.
 By default, the domain `login` is used for accessing Salesforce.
 
@@ -108,13 +120,13 @@ By default, the domain `login` is used for accessing Salesforce.
 
 #### Advanced Configuration
 
-{% codeInfo srNumber=8 %}
+{% codeInfo srNumber=9 %}
 
 **Connection Options (Optional)**: Enter the details for any additional connection options that can be sent to database during the connection. These details must be added as Key-Value pairs.
 
 {% /codeInfo %}
 
-{% codeInfo srNumber=9 %}
+{% codeInfo srNumber=10 %}
 
 **Connection Arguments (Optional)**: Enter the details for any additional connection arguments such as security or protocol configs that can be sent to database during the connection. These details must be added as Key-Value pairs.
 
@@ -144,19 +156,22 @@ source:
       securityToken: securityToken
 ```
 ```yaml {% srNumber=5 %}
-      sobjectName: sobjectName
+      organizationId: organizationId
 ```
 ```yaml {% srNumber=6 %}
-      salesforceApiVersion: 42.0
+      sobjectName: sobjectName
 ```
 ```yaml {% srNumber=7 %}
-      salesforceDomain: login
+      salesforceApiVersion: 42.0
 ```
 ```yaml {% srNumber=8 %}
+      salesforceDomain: login
+```
+```yaml {% srNumber=9 %}
       # connectionOptions:
       #   key: value
 ```
-```yaml {% srNumber=9 %}
+```yaml {% srNumber=10 %}
       # connectionArguments:
       #   key: value
 ```

openmetadata-docs/content/v1.5.x/main-concepts/metadata-standard/schemas/entity/services/connections/database/salesforceConnection.md

@@ -13,6 +13,7 @@ slug: /main-concepts/metadata-standard/schemas/entity/services/connections/datab
 - **`username`** *(string)*: Username to connect to the Salesforce. This user should have privileges to read all the metadata in Redshift.
 - **`password`** *(string)*: Password to connect to the Salesforce.
 - **`securityToken`** *(string)*: Salesforce Security Token.
+- **`organizationId`** *(string)*: Salesforce Organization ID.
 - **`sobjectName`** *(string)*: Salesforce Object Name.
 - **`databaseName`** *(string)*: Optional name to give to the database in OpenMetadata. If left blank, we will use default as the database name.
 - **`salesforceApiVersion`** *(string)*: API version of the Salesforce instance. Default: `42.0`.

openmetadata-docs/content/v1.6.x-SNAPSHOT/connectors/database/salesforce/index.md

@@ -49,6 +49,13 @@ These are the permissions you will require to fetch the metadata from Salesforce
 - **Username**: Username to connect to the Salesforce. This user should have the access as defined in requirements.
 - **Password**: Password to connect to Salesforce.
 - **Security Token**: Salesforce Security Token is required to access the metadata through APIs. You can checkout [this doc](https://help.salesforce.com/s/articleView?id=sf.user_security_token.htm&type=5) on how to get the security token.
+- **Organization ID**: Salesforce Organization ID is the unique identifier for your Salesforce identity. You can check out [this doc](https://help.salesforce.com/s/articleView?id=000385215&type=1) on how to get the your Salesforce Organization ID.
+  {% note %}
+  **Note**: You need to provide `15` digit organization id in this section. for e.g. `00DIB000004nDEq`, which you can find by following the steps mentioned in above doc (`Salesforce dashboard->Setup->Company Profile->Company Information->Salesforce.com Organization Id`).
+  {% /note %}
+  {% note %}
+  **Note**: If you want to access salesforce metadata without token(only by using organization id), you will need to setup your ip in trusted ip ranges. You can go (`Salesforce dashboard->Setup->Security->Network Access->Trusted IP Ranges`) to configure this. You can check [here](https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5) to configure your ip in trusted ip ranges.
+  {% /note %}
 - **Salesforce Object Name**: Specify the Salesforce Object Name in case you want to ingest a specific object.  If left blank, we will ingest all the Objects.
 - **Salesforce API Version**: Follow the steps mentioned [here](https://help.salesforce.com/s/articleView?id=000386929&type=1) to get the API version. Enter the numerical value in the field, For example `42.0`.
 - **Salesforce Domain**: When connecting to Salesforce, you can specify the domain to use for accessing the platform. The common domains include `login` and `test`, and you can also utilize Salesforce My Domain.

openmetadata-docs/content/v1.6.x-SNAPSHOT/connectors/database/salesforce/yaml.md

@@ -83,17 +83,28 @@ This is a sample config for Salesforce:
 
 {% codeInfo srNumber=5 %}
 
+**Organization ID**: Salesforce Organization ID is the unique identifier for your Salesforce identity. You can check out [this doc](https://help.salesforce.com/s/articleView?id=000385215&type=1) on how to get the your Salesforce Organization ID.
+{% note %}
+**Note**: You need to provide `15` digit organization id in this section. for e.g. `00DIB000004nDEq`, which you can find by following the steps mentioned in above doc (`Salesforce dashboard->Setup->Company Profile->Company Information->Salesforce.com Organization Id`).
+{% /note %}
+{% note %}
+**Note**: If you want to access salesforce metadata without token(only by using organization id), you will need to setup your ip in trusted ip ranges. You can go (`Salesforce dashboard->Setup->Security->Network Access->Trusted IP Ranges`) to configure this. You can check [here](https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5) to configure your ip in trusted ip ranges.
+{% /note %}
+{% /codeInfo %}
+
+{% codeInfo srNumber=6 %}
+
 **sobjectName**: Specify the Salesforce Object Name in case you want to ingest a specific object.  If left blank, we will ingest all the Objects.
 
 {% /codeInfo %}
 
-{% codeInfo srNumber=6 %}
+{% codeInfo srNumber=7 %}
 
 **salesforceApiVersion**: Follow the steps mentioned [here](https://help.salesforce.com/s/articleView?id=000386929&type=1) to get the API version. Enter the numerical value in the field, For example `42.0`.
 
 {% /codeInfo %}
 
-{% codeInfo srNumber=7 %}
+{% codeInfo srNumber=8 %}
 
 **salesforceDomain**: When connecting to Salesforce, you can specify the domain to use for accessing the platform. The common domains include `login` and `test`, and you can also utilize Salesforce My Domain.
 By default, the domain `login` is used for accessing Salesforce.
@@ -108,13 +119,13 @@ By default, the domain `login` is used for accessing Salesforce.
 
 #### Advanced Configuration
 
-{% codeInfo srNumber=8 %}
+{% codeInfo srNumber=9 %}
 
 **Connection Options (Optional)**: Enter the details for any additional connection options that can be sent to database during the connection. These details must be added as Key-Value pairs.
 
 {% /codeInfo %}
 
-{% codeInfo srNumber=9 %}
+{% codeInfo srNumber=10 %}
 
 **Connection Arguments (Optional)**: Enter the details for any additional connection arguments such as security or protocol configs that can be sent to database during the connection. These details must be added as Key-Value pairs.
 
@@ -144,19 +155,22 @@ source:
       securityToken: securityToken
 ```
 ```yaml {% srNumber=5 %}
-      sobjectName: sobjectName
+      organizationId: organizationId
 ```
 ```yaml {% srNumber=6 %}
-      salesforceApiVersion: 42.0
+      sobjectName: sobjectName
 ```
 ```yaml {% srNumber=7 %}
-      salesforceDomain: login
+      salesforceApiVersion: 42.0
 ```
 ```yaml {% srNumber=8 %}
+      salesforceDomain: login
+```
+```yaml {% srNumber=9 %}
       # connectionOptions:
       #   key: value
 ```
-```yaml {% srNumber=9 %}
+```yaml {% srNumber=10 %}
       # connectionArguments:
       #   key: value
 ```

openmetadata-docs/content/v1.6.x-SNAPSHOT/main-concepts/metadata-standard/schemas/entity/services/connections/database/salesforceConnection.md

@@ -13,6 +13,7 @@ slug: /main-concepts/metadata-standard/schemas/entity/services/connections/datab
 - **`username`** *(string)*: Username to connect to the Salesforce. This user should have privileges to read all the metadata in Redshift.
 - **`password`** *(string)*: Password to connect to the Salesforce.
 - **`securityToken`** *(string)*: Salesforce Security Token.
+- **`organizationId`** *(string)*: Salesforce Organization ID.
 - **`sobjectName`** *(string)*: Salesforce Object Name.
 - **`databaseName`** *(string)*: Optional name to give to the database in OpenMetadata. If left blank, we will use default as the database name.
 - **`salesforceApiVersion`** *(string)*: API version of the Salesforce instance. Default: `42.0`.

openmetadata-spec/src/main/resources/json/schema/entity/services/connections/database/salesforceConnection.json

@@ -37,6 +37,11 @@
       "type": "string",
       "format": "password"
     },
+    "organizationId": {
+      "title": "Salesforce Organization ID",
+      "description": "Salesforce Organization ID is the unique identifier for your Salesforce identity",
+      "type": "string"
+    },
     "sobjectName": {
       "title": "Object Name",
       "description": "Salesforce Object Name.",

openmetadata-ui/src/main/resources/ui/public/locales/en-US/Database/Salesforce.md

@@ -32,6 +32,16 @@ $$section
 Salesforce Security Token is required to access the metadata through APIs. You can check out [this doc](https://help.salesforce.com/s/articleView?id=sf.user_security_token.htm&type=5) on how to get the security token.
 $$
 
+$$section
+### Organization ID $(id="organizationId")
+
+Salesforce Organization ID is the unique identifier for your Salesforce identity. You can check out [this doc](https://help.salesforce.com/s/articleView?id=000385215&type=1) on how to get the your Salesforce Organization ID.
+
+**Note**: You need to provide `15` digit organization id in this section. for e.g. `00DIB000004nDEq`, which you can find by following the steps mentioned in above doc (`Salesforce dashboard->Setup->Company Profile->Company Information->Salesforce.com Organization Id`).
+
+**Note**: If you want to access salesforce metadata without token(only by using organization id), you will need to setup your ip in trusted ip ranges. You can go (`Salesforce dashboard->Setup->Security->Network Access->Trusted IP Ranges`) to configure this. You can check [here](https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5) to configure your ip in trusted ip ranges.
+$$
+
 $$section
 ### Object Name $(id="sobjectName")