UNPKG

@kwiz/common

Version:

KWIZ common utilities and helpers for M365 platform

github.com/KWizCom/common

480 lines • 23.1 kB

JavaScript

import { filterEmptyEntries, firstOrNull, lastOrNull, normalizeGuid } from "../../exports-index"; import { jsonStringify } from "../../helpers/json"; import { IsSPPeoplePickerControlFormEntity, getPrincipalTypeFromPickerEntity, isExternalUser } from "../../helpers/sharepoint"; import { isNotEmptyArray, isNotEmptyString, isNullOrEmptyArray, isNullOrEmptyString, isNullOrNaN, isNullOrUndefined, isNumber } from "../../helpers/typecheckers"; import { encodeURIComponentEX } from "../../helpers/url"; import { contentTypes, jsonTypes } from "../../types/rest.types"; import { PrincipalType } from "../../types/sharepoint.types"; import { ConsoleLogger } from "../consolelogger"; import { GetJson, GetJsonSync, longLocalCache, shortLocalCache } from "../rest"; import { GetRestBaseUrl, GetSiteUrl } from "./common"; import { GetSiteId } from "./web"; const logger = ConsoleLogger.get("utils/sharepoint/user"); var __currentUserId = null; const groupSelect = "Id,Title,Description,CanCurrentUserViewMembership,OnlyAllowMembersViewMembership,IsHiddenInUI,OwnerTitle"; const userSelect = "PrincipalType,Id,LoginName,UserPrincipalName,Title,IsSiteAdmin,Email"; /** Get user login name */ export function GetUserLoginName(siteUrl) { siteUrl = GetSiteUrl(siteUrl); if (typeof (_spPageContextInfo) !== "undefined" && typeof (_spPageContextInfo.userPrincipalName) !== "undefined") //issue 6309 _spPageContextInfo.userLoginName is wrong for external users return Promise.resolve(_spPageContextInfo.userPrincipalName); return GetJson(GetRestBaseUrl(siteUrl) + "/web/currentUser/loginName", null, { ...longLocalCache }) .then(r => r.d.LoginName) .catch(() => null); } /** Get user login name syncronously */ export function GetUserLoginNameSync(siteUrl) { siteUrl = GetSiteUrl(siteUrl); if (typeof (_spPageContextInfo) !== "undefined" && typeof (_spPageContextInfo.userPrincipalName) !== "undefined") //issue 6309 _spPageContextInfo.userLoginName is wrong for external users return _spPageContextInfo.userPrincipalName; let res = GetJsonSync(GetRestBaseUrl(siteUrl) + "/web/currentUser/loginName", null, { ...longLocalCache }); if (res.success) return res.result.d.LoginName; else return null; } function _getCurrentUserRequestUrl(siteUrl, expandGroups) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/currentUser${expandGroups ? '?$expand=Groups' : ''}`; return url; } export async function GetCurrentUser(siteUrl, options) { siteUrl = GetSiteUrl(siteUrl); return GetJson(_getCurrentUserRequestUrl(siteUrl, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata, allowCache: !options || options.refreshCache !== true }) .then(user => { if (user) __currentUserId = user.Id; return user; }) .catch(() => null); } export function GetCurrentUserSync(siteUrl, options) { siteUrl = GetSiteUrl(siteUrl); let res = GetJsonSync(_getCurrentUserRequestUrl(siteUrl, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); if (res.success) { let user = res.result; if (user) __currentUserId = user.Id; return user; } else return null; } function _getUserRequestUrl(siteUrl, userId, expandGroups) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/GetUserById(${userId})${expandGroups ? '?expand=Groups' : ''}`; return url; } export async function GetUser(siteUrl, userId, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrNaN(userId) || __currentUserId === userId) return GetCurrentUser(siteUrl, options); return GetJson(_getUserRequestUrl(siteUrl, userId, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }).then(user => { return user; }).catch(() => null); } export function GetUserSync(siteUrl, userId, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrNaN(userId) || __currentUserId === userId) return GetCurrentUserSync(siteUrl, options); let res = GetJsonSync(_getUserRequestUrl(siteUrl, userId, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); if (res.success) { let user = res.result; return user; } else return null; } function _getUserByLoginNameRequestUrl(siteUrl, loginName, expandGroups) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/siteUsers/getByLoginName(@u)?@u='${encodeURIComponentEX(loginName, { singleQuoteMultiplier: 2 })}'${expandGroups ? '&expand=Groups' : ''}`; return url; } export async function GetUserByLogin(siteUrl, loginName, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrEmptyString(loginName)) { return GetCurrentUser(siteUrl, options); } return GetJson(_getUserByLoginNameRequestUrl(siteUrl, loginName, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }) .then(user => user) .catch(() => null); } export function GetUserByLoginSync(siteUrl, loginName, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrEmptyString(loginName)) { return GetCurrentUserSync(siteUrl, options); } let res = GetJsonSync(_getUserByLoginNameRequestUrl(siteUrl, loginName, options && options.expandGroups), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); if (res.success) { let user = res.result; return user; } return null; } function _getEnsureUserRequestUrl(siteUrl, loginName, expandGroups) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/ensureUser(@u)?@u='${encodeURIComponentEX(loginName, { singleQuoteMultiplier: 2 })}'${expandGroups ? '&expand=Groups' : ''}`; return url; } export async function EnsureUser(siteUrl, userLogin, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrEmptyString(userLogin)) return null; return GetJson(_getEnsureUserRequestUrl(siteUrl, userLogin, options && options.expandGroups), null, { method: "POST", spWebUrl: siteUrl, jsonMetadata: jsonTypes.nometadata, ...shortLocalCache }) .then(user => { return user; }) .catch(() => null); } export function EnsureUserSync(siteUrl, userLogin, options) { siteUrl = GetSiteUrl(siteUrl); if (isNullOrEmptyString(userLogin)) return null; let res = GetJsonSync(_getEnsureUserRequestUrl(siteUrl, userLogin, options && options.expandGroups), null, { method: "POST", spWebUrl: siteUrl, jsonMetadata: jsonTypes.nometadata, ...shortLocalCache }); if (res.success) { let user = res.result; return user; } return null; } export function GetOrEnsureUserByLoginSync(siteUrl, key, options) { let userValue = GetUserByLoginSync(siteUrl, key, options); if (!userValue) { userValue = EnsureUserSync(siteUrl, key, options); } return userValue; } export async function GetSecurityGroupByTitle(siteUrl, title) { siteUrl = GetSiteUrl(siteUrl); //on premise the title/name of security group could be as domain login //for example, 'KWIZCOM\ad_qa_group' //split[0] = will contain the domain name (KWIZCOM) //split[1] = will contain the title (ad_qa_group) //if split[1] is null, then we didn't get a domain login and the split[0] will just contain the title/name (ad_qa_group) of the group var split = title.split("\\"); var groupTitle = (split[1] || split[0]).toLowerCase(); var url = `${GetRestBaseUrl(siteUrl)}/web/siteusers?$filter=PrincipalType eq ${PrincipalType.SecurityGroup}`; return GetJson(url, null, { method: "GET", jsonMetadata: jsonTypes.nometadata, ...shortLocalCache }) .then(securityGroupsResult => { var securityGroup = null; if (securityGroupsResult && securityGroupsResult.value && securityGroupsResult.value.length) { //first match the full title and fall back to the split title/name securityGroup = securityGroupsResult.value.filter((secGroup) => { //this will find security groups on premise where the title/name are saved as 'KWIZCOM\ad_qa_group' //but will not match when exporting from on premise to online return secGroup.Title.toLowerCase() === title.toLowerCase(); })[0] || securityGroupsResult.value.filter((secGroup) => { //this will match settings exported from on premise to online where the title/name of the group changes from 'KWIZCOM\ad_qa_group' to 'AD_QA_GROUP' return secGroup.Title.toLowerCase() === groupTitle; })[0]; } return securityGroup; }) .catch(() => null); } export function GetSecurityGroupByTitleSync(siteUrl, title) { siteUrl = GetSiteUrl(siteUrl); //on premise the title/name of security group could be as domain login //for example, 'KWIZCOM\ad_qa_group' //split[0] = will contain the domain name (KWIZCOM) //split[1] = will contain the title (ad_qa_group) //if split[1] is null, then we didn't get a domain login and the split[0] will just contain the title/name (ad_qa_group) of the group var split = title.split("\\"); var groupTitle = (split[1] || split[0]).toLowerCase(); var url = `${GetRestBaseUrl(siteUrl)}/web/siteusers?$filter=PrincipalType eq ${PrincipalType.SecurityGroup}`; let securityGroupsResult = GetJsonSync(url, null, { method: "GET", jsonMetadata: jsonTypes.nometadata, ...shortLocalCache }); if (securityGroupsResult && securityGroupsResult.success) { var securityGroup = null; if (securityGroupsResult && securityGroupsResult.result && securityGroupsResult.result.value && securityGroupsResult.result.value.length) { //first match the full title and fall back to the split title/name securityGroup = securityGroupsResult.result.value.filter((secGroup) => { //this will find security groups on premise where the title/name are saved as 'KWIZCOM\ad_qa_group' //but will not match when exporting from on premise to online return secGroup.Title.toLowerCase() === title.toLowerCase(); })[0] || securityGroupsResult.result.value.filter((secGroup) => { //this will match settings exported from on premise to online where the title/name of the group changes from 'KWIZCOM\ad_qa_group' to 'AD_QA_GROUP' return secGroup.Title.toLowerCase() === groupTitle; })[0]; } return securityGroup; } return null; } function _getGroupRequestUrl(siteUrl, groupId) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups/getById(${groupId})?$select=${groupSelect}`; return url; } function _getGroupUsersRequestUrl(siteUrl, groupId) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups/getById(${groupId})/Users?$select=${userSelect}`; return url; } export async function GetGroup(siteUrl, groupId, options) { siteUrl = GetSiteUrl(siteUrl); return GetJson(_getGroupRequestUrl(siteUrl, groupId), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata, allowCache: !options || options.refreshCache !== true }) .then(async (group) => { if (group) { group.PrincipalType = PrincipalType.SharePointGroup; group.LoginName = group.Title; if (options && options.expandUsers && group.CanCurrentUserViewMembership) { let users = await GetJson(_getGroupUsersRequestUrl(siteUrl, groupId), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata, allowCache: !options || options.refreshCache !== true }); group.Users = users && users.value; } } return group; }) .catch(() => null); } export function GetGroupSync(siteUrl, groupId, options) { siteUrl = GetSiteUrl(siteUrl); let res = GetJsonSync(_getGroupRequestUrl(siteUrl, groupId), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); if (res.success) { let group = res.result; if (group) { group.PrincipalType = PrincipalType.SharePointGroup; group.LoginName = group.Title; if (options && options.expandUsers && group.CanCurrentUserViewMembership) { let users = GetJsonSync(_getGroupUsersRequestUrl(siteUrl, groupId), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); group.Users = users.success && users.result && users.result.value; } } return group; } else return null; } function _getGroupsRequestUrl(siteUrl) { siteUrl = GetSiteUrl(siteUrl); var url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups?$select=${groupSelect}`; return url; } function _getGroupByNameRequestUrl(siteUrl, groupName) { var url = `${_getGroupsRequestUrl(siteUrl)}&$filter=LoginName eq '${encodeURIComponentEX(groupName, { singleQuoteMultiplier: 2 })}'`; return url; } export async function GetGroupByName(siteUrl, groupName, options) { siteUrl = GetSiteUrl(siteUrl); let res = await GetJson(_getGroupByNameRequestUrl(siteUrl, groupName), null, { ...shortLocalCache, allowCache: !options || options.refreshCache !== true }); if (res) { let group = res && res.d && res.d.results && res.d.results[0]; if (group) { group.PrincipalType = PrincipalType.SharePointGroup; group.LoginName = group.Title; if (options && options.expandUsers && group.CanCurrentUserViewMembership) { let users = GetJsonSync(_getGroupUsersRequestUrl(siteUrl, group.Id), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata, allowCache: !options || options.refreshCache !== true }); group.Users = users.success && users.result && users.result.value; } } return group; } else return null; } export function GetGroupByNameSync(siteUrl, groupName, options) { siteUrl = GetSiteUrl(siteUrl); let res = GetJsonSync(_getGroupByNameRequestUrl(siteUrl, groupName), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); if (res.success) { let group = res.result && res.result.value && res.result.value[0]; if (group) { group.PrincipalType = PrincipalType.SharePointGroup; group.LoginName = group.Title; if (options && options.expandUsers && group.CanCurrentUserViewMembership) { let users = GetJsonSync(_getGroupUsersRequestUrl(siteUrl, group.Id), null, { ...shortLocalCache, jsonMetadata: jsonTypes.nometadata }); group.Users = users.success && users.result && users.result.value; } } return group; } else return null; } export async function GetSiteGroups(siteUrl, refreshCache) { siteUrl = GetSiteUrl(siteUrl); let res = await GetJson(_getGroupsRequestUrl(siteUrl), null, { ...shortLocalCache, allowCache: refreshCache !== true }); if (res) { let groups = res && res.d && res.d.results || []; groups.forEach(g => { g.PrincipalType = PrincipalType.SharePointGroup; g.LoginName = g.Title; }); return groups; } else return []; } export function GetInfoFromSPPeoplePickerControlFormEntity(entity) { if (IsSPPeoplePickerControlFormEntity(entity)) { var principalType = getPrincipalTypeFromPickerEntity(entity); if (isNullOrUndefined(principalType)) { let userValue = GetOrEnsureUserByLoginSync(null, entity.Key); if (userValue) { return userValue; } let groupValue = GetGroupByNameSync(null, entity.Key); if (groupValue) { return groupValue; } } else if (principalType === PrincipalType.SharePointGroup) { return GetGroupByNameSync(null, entity.Key); } else { return GetOrEnsureUserByLoginSync(null, entity.Key); } } return null; } export async function CreateSiteGroup(siteUrl, info) { let url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups`; let createGroup = await GetJson(url, jsonStringify({ __metadata: { type: "SP.Group" }, Title: info.name, Description: info.description }), { allowCache: false }); return createGroup.d; } export async function AddUserToGroup(siteUrl, groupId, userIdOrLogin) { let url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups(${groupId})/users`; if (isNumber(userIdOrLogin)) { let ensured = await GetUser(siteUrl, userIdOrLogin); userIdOrLogin = ensured.LoginName; } await GetJson(url, jsonStringify({ LoginName: userIdOrLogin }), { allowCache: false, jsonMetadata: jsonTypes.nometadata }); } export async function RemoveUserFromGroup(siteUrl, groupId, userId) { let url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups(${groupId})/users/removeById(${userId})`; await GetJson(url, null, { method: "POST", allowCache: false, jsonMetadata: jsonTypes.nometadata }); } export async function SetGroupOwner(siteUrl, groupId, ownerId, ownerIsAGroup) { //https://github.com/SharePoint/sp-dev-docs/issues/5031#issuecomment-594710013 //if owner is a group - rest API doens't work. if (ownerIsAGroup !== true) { let url = `${GetRestBaseUrl(siteUrl)}/web/siteGroups/getById('${groupId}')/SetUserAsOwner(${ownerId})`; try { await GetJson(url, null, { jsonMetadata: jsonTypes.nometadata, method: "POST" }); return true; } catch (e) { logger.error(`SetGroupOwner ${groupId} ${ownerId} error:`); logger.error(e); return false; } } else { try { let soapUrl = `${GetSiteUrl(siteUrl)}_vti_bin/client.svc/ProcessQuery`; let siteId = await GetSiteId(siteUrl); let serviceJSONResponse = await GetJson(soapUrl, `<Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="15.0.0.0" ApplicationName=".NET Library" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009"> <Actions> <SetProperty Id="1" ObjectPathId="2" Name="Owner"> <Parameter ObjectPathId="3" /> </SetProperty> <Method Name="Update" Id="4" ObjectPathId="2" /> </Actions> <ObjectPaths> <Identity Id="2" Name="740c6a0b-85e2-48a0-a494-e0f1759d4aa7:site:${siteId}:g:${groupId}" /> <Identity Id="3" Name="740c6a0b-85e2-48a0-a494-e0f1759d4aa7:site:${siteId}:g:${ownerId}" /> </ObjectPaths> </Request>`, { headers: { Accept: jsonTypes.standard, "content-type": contentTypes.xml } }); //logger.json(serviceJSONResponse, "soap result"); return isNullOrEmptyArray(serviceJSONResponse) || isNullOrEmptyString(serviceJSONResponse[0].ErrorInfo); } catch (e) { logger.error(`SetGroupOwner via SOAP ${ownerId} ${ownerId} error:`); logger.error(e); return false; } } } export async function GroupIncludesAllUsers(siteUrl, groupId) { try { if (isNullOrNaN(groupId)) return false; const groupInfo = await GetGroup(siteUrl, groupId, { expandUsers: true }); if (isNullOrUndefined(groupInfo)) return false; //special memebr called spo-grid-all-users/{tenant-id} will be added, its not in the AAD or anywhere else. const includesAllUsers = !isNullOrUndefined(firstOrNull(groupInfo.Users, u => (u.LoginName || "").indexOf("|spo-grid-all-users/") >= 0)); return includesAllUsers; } catch (e) { logger.error(e); return false; } } /** return array of AAD group IDs, guid, normalized */ export async function GetCurrentUserADGroupMemberships(siteUrl) { let url = `${GetRestBaseUrl(siteUrl)}/SP.Publishing.SitePageService.GetCurrentUserMemberships`; try { let result = await GetJson(url, null, { jsonMetadata: jsonTypes.nometadata }); return isNotEmptyArray(result.value) ? result.value.map(id => normalizeGuid(id)) : []; } catch (e) { logger.error(e); return []; } } /** checks users groups, then checks for groups that contains all users and that the user is not an external one */ export async function IsUserMemberOfGroup(siteUrl, user, group) { if (isNotEmptyArray(user.Groups)) { //search user groups for the group by title or id const found = firstOrNull(user.Groups, userGroup => (isNotEmptyString(group.LoginName) && userGroup.Title === group.LoginName) || (isNumber(group.Id) && userGroup.Id === group.Id)); if (found) return true; } const groupInfo = await GetGroup(siteUrl, group.Id, { expandUsers: true }); if (!isNullOrUndefined(groupInfo)) { if (isNotEmptyArray(groupInfo.Users)) { //search group users memberships directly const found = firstOrNull(groupInfo.Users, groupUser => (isNotEmptyString(user.LoginName) && groupUser.LoginName === user.LoginName) || (isNumber(user.Id) && groupUser.Id === user.Id)); if (found) return true; //if we looking for current user - we can check GetCurrentUserADGroupMemberships let currentUser = await GetCurrentUser(siteUrl); if (currentUser.LoginName === user.LoginName) { //get user's aad groups const UserAADGroups = await GetCurrentUserADGroupMemberships(siteUrl); if (isNotEmptyArray(UserAADGroups)) { //convert group's users to guids const groupUserLoginsSplit = filterEmptyEntries(groupInfo.Users.map(u => lastOrNull(u.LoginName.split('|')))); //see if any of the group members is a guid that is in the user's aad groups const found = firstOrNull(groupUserLoginsSplit, u => UserAADGroups.includes(normalizeGuid(u))); if (found) return true; } } } //groups that contain all-users special permission will not show up in the user's groups or anywhere else - so test manually. const includesAllUsers = await GroupIncludesAllUsers(siteUrl, group.Id); const isCurrentUserExternal = isExternalUser(user.LoginName); return includesAllUsers && !isCurrentUserExternal; } return false; } //# sourceMappingURL=user.js.map