@mindconnect/mindconnect-nodejs
Version:
NodeJS Library for MindSphere Connectivity - TypeScript SDK for MindSphere - MindSphere Command Line Interface - MindSphere Development Proxy
290 lines • 16.6 kB
JavaScript
;
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __asyncValues = (this && this.__asyncValues) || function (o) {
if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
var m = o[Symbol.asyncIterator], i;
return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
};
Object.defineProperty(exports, "__esModule", { value: true });
const console_1 = require("console");
const sdk_1 = require("../../api/sdk");
const utils_1 = require("../../api/utils");
const command_utils_1 = require("./command-utils");
let color = (0, command_utils_1.getColor)("magenta");
exports.default = (program) => {
program
.command("identity-management")
.alias("iam")
.option("-m, --mode [list|create|assign|remove|delete]", "Mode can be list | create | assign | remove | delete", "list")
.option("-u, --user [user]", "user name")
.option("-g, --group [group]", "user group")
.option("-m, --membergroup [membergroup]", "member group")
.option("-r, --raw", "don't automatically preceed group names with mdsp_usergroup")
.option("-k, --passkey <passkey>", "passkey")
.option("-v, --verbose", "verbose output")
.description(color("manage mindsphere users and groups *"))
.action((options) => {
(() => __awaiter(void 0, void 0, void 0, function* () {
try {
checkRequiredParameters(options);
const sdk = (0, command_utils_1.getSdk)(options);
color = (0, command_utils_1.adjustColor)(color, options);
(0, command_utils_1.homeDirLog)(options.verbose, color);
(0, command_utils_1.proxyLog)(options.verbose, color);
const iam = sdk.GetIdentityManagementClient();
options.mode === "list" && options.user && (yield listUsers(iam, options));
options.mode === "list" && options.group && (yield listGroups(iam, options));
options.mode === "create" && options.user && (yield createUser(iam, options));
options.mode === "create" && options.group && (yield createGroup(iam, options));
options.mode === "delete" && options.user && (yield deleteUser(iam, options));
options.mode === "delete" && options.group && (yield deleteGroup(iam, options));
options.mode === "assign" && (yield assign(iam, options));
options.mode === "remove" && (yield remove(iam, options));
}
catch (err) {
(0, command_utils_1.errorLog)(err, options.verbose);
}
}))();
})
.on("--help", () => {
(0, console_1.log)(`\n Example:\n`);
(0, console_1.log)(` mc iam --mode list --user \t\t list all users`);
(0, console_1.log)(` mc iam --mode list --user prefix \t list all users which start with "prefix"`);
(0, console_1.log)(` mc iam --mode list --group \t\t list all groups`);
(0, console_1.log)(` mc iam --mode list --group prefix \t list all groups which start with "prefix"`);
(0, console_1.log)(`\n mc iam --mode create|delete --group groupName \t create or delete group`);
(0, console_1.log)(` mc iam --mode create|delete --user userName \t create or delete user`);
(0, console_1.log)(`\n mc iam --mode assign --group groupName --user userName \t\t Assign userName to groupName`);
(0, console_1.log)(` mc iam --mode assign --group groupName --membergroup memberGroupName \t Assign memberGroupName to groupName`);
(0, console_1.log)(` mc iam --mode remove --group groupName --user userName \t\t Delete userName from groupName`);
(0, console_1.log)(` mc iam --mode remove --group groupName --membergroup memberGroupName \t Delete memberGroupName from groupName`);
(0, command_utils_1.serviceCredentialLog)();
});
};
function listUsers(iam, options) {
var _a;
return __awaiter(this, void 0, void 0, function* () {
const filter = { attributes: "userName,groups,name" };
if (options.user !== true) {
filter.filter = `userName sw "${options.user}"`;
}
const users = yield iam.GetUsers(filter);
(_a = users.resources) === null || _a === void 0 ? void 0 : _a.forEach((user) => {
var _a, _b, _c;
const groups = (_a = user.groups) === null || _a === void 0 ? void 0 : _a.filter((x) => x.display === "mdsp:core:TenantAdmin");
const userColor = groups && groups.length ? color : (x) => x;
const admin = groups && groups.length > 0 ? color("*") : "-";
console.log(`${admin} ${userColor(user.userName)} [${(_b = user.groups) === null || _b === void 0 ? void 0 : _b.length} groups]`);
options.verbose &&
((_c = user.groups) === null || _c === void 0 ? void 0 : _c.forEach((grp) => {
console.log(`\t - ${grp.display}`);
}));
});
console.log(`Found: ${color(users.totalResults)} users`);
});
}
function listGroups(iam, options) {
var e_1, _a, e_2, _b;
var _c;
return __awaiter(this, void 0, void 0, function* () {
const filter = {};
if (options.group !== true) {
filter.filter = `displayName sw "${normalizeGroupName(options.group, options)}"`;
}
const groups = yield iam.GetGroups(filter);
try {
for (var _d = __asyncValues(groups.resources || []), _e; _e = yield _d.next(), !_e.done;) {
const group = _e.value;
const userCount = options.verbose ? `[${(_c = group.members) === null || _c === void 0 ? void 0 : _c.length} users]` : "";
console.log(`${color(group.displayName)} ${userCount}`);
if (options.verbose) {
try {
for (var _f = (e_2 = void 0, __asyncValues(group.members)), _g; _g = yield _f.next(), !_g.done;) {
const member = _g.value;
if (member.type === sdk_1.IdentityManagementModels.ScimGroupMember.TypeEnum.USER) {
const user = yield iam.GetUser(member.value);
console.log(`\t ${user.userName}`);
}
else {
const group = yield iam.GetGroup(member.value);
console.log(`\t ${group.displayName}`);
}
}
}
catch (e_2_1) { e_2 = { error: e_2_1 }; }
finally {
try {
if (_g && !_g.done && (_b = _f.return)) yield _b.call(_f);
}
finally { if (e_2) throw e_2.error; }
}
}
}
}
catch (e_1_1) { e_1 = { error: e_1_1 }; }
finally {
try {
if (_e && !_e.done && (_a = _d.return)) yield _a.call(_d);
}
finally { if (e_1) throw e_1.error; }
}
console.log(`Found: ${color(groups.totalResults)} groups`);
});
}
function createUser(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const user = yield iam.PostUser({ userName: options.user });
console.log(`user with username ${color(user.userName)} created`);
(0, command_utils_1.verboseLog)(JSON.stringify(user, null, 2), options.verbose);
});
}
function createGroup(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const name = normalizeGroupName(options.group, options);
const group = yield iam.PostGroup({ displayName: name, description: `created using CLI` });
console.log(`group with displayName ${color(group.displayName)} created`);
(0, command_utils_1.verboseLog)(JSON.stringify(group, null, 2), options.verbose);
});
}
function normalizeGroupName(name, options) {
if (name === undefined) {
return name;
}
if (!options.raw && !name.startsWith("mdsp_usergroup:")) {
name = `mdsp_usergroup:${name}`;
}
return name;
}
function deleteUser(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const users = yield iam.GetUsers({ filter: `userName eq "${options.user}"` });
if (users.totalResults === 1) {
const deletedUser = yield iam.DeleteUser(users.resources[0].id);
console.log(`user with username ${color(users.resources[0].userName)} deleted`);
(0, command_utils_1.verboseLog)(JSON.stringify(deletedUser, null, 2), options.verbose);
}
else {
(0, utils_1.throwError)(`found ${color(users.totalResults)} users users but expected 1 `);
}
});
}
function deleteGroup(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const groups = yield iam.GetGroups({ filter: `displayName eq "${normalizeGroupName(options.group, options)}"` });
if (groups.totalResults === 1) {
const deletedGroup = yield iam.DeleteGroup(groups.resources[0].id);
console.log(`group ${color(groups.resources[0].displayName)} deleted`);
(0, command_utils_1.verboseLog)(JSON.stringify(deletedGroup, null, 2), options.verbose);
}
else {
(0, utils_1.throwError)(`found ${color(groups.totalResults)} groups but expected 1 `);
}
});
}
function assign(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const users = yield iam.GetUsers({ filter: `userName eq "${options.user}"` });
const groups = yield iam.GetGroups({ filter: `displayName eq "${normalizeGroupName(options.group, options)}"` });
const membergroups = yield iam.GetGroups({
filter: `displayName eq "${normalizeGroupName(options.membergroup, options)}"`,
});
if (options.user && users.totalResults === 1 && groups.totalResults === 1) {
const assigned = yield iam.PostGroupMember(groups.resources[0].id, {
type: sdk_1.IdentityManagementModels.ScimGroupMember.TypeEnum.USER,
value: users.resources[0].id,
});
console.log(`assigned user ${color(options.user)} to ${color(normalizeGroupName(options.group, options))}`);
(0, command_utils_1.verboseLog)(JSON.stringify(assigned, null, 2), options.verbose);
}
else if (options.user) {
(0, utils_1.throwError)(`found ${color(users.totalResults)} users and ${color(groups.totalResults)} groups but expected 1 of each`);
}
else if (options.membergroup && membergroups.totalResults === 1 && groups.totalResults === 1) {
const assigned = yield iam.PostGroupMember(groups.resources[0].id, {
type: sdk_1.IdentityManagementModels.ScimGroupMember.TypeEnum.GROUP,
value: membergroups.resources[0].id,
});
console.log(`assigned member ${color(options.membergroup)} to ${color(normalizeGroupName(options.group, options))}`);
(0, command_utils_1.verboseLog)(JSON.stringify(assigned, null, 2), options.verbose);
}
else if (options.membergroup) {
(0, utils_1.throwError)(`found ${color(membergroups.totalResults)} membergroups && ${color(groups.totalResults)} groups but expected 1 of each`);
}
});
}
function remove(iam, options) {
return __awaiter(this, void 0, void 0, function* () {
const users = yield iam.GetUsers({ filter: `userName eq "${options.user}"` });
const groups = yield iam.GetGroups({ filter: `displayName eq "${normalizeGroupName(options.group, options)}"` });
const membergroups = yield iam.GetGroups({
filter: `displayName eq "${normalizeGroupName(options.membergroup, options)}"`,
});
if (options.user && users.totalResults === 1 && groups.totalResults === 1) {
const assigned = yield iam.DeleteGroupMember(groups.resources[0].id, users.resources[0].id);
console.log(`deleted user ${color(options.user)} from ${color(normalizeGroupName(options.group, options))}`);
(0, command_utils_1.verboseLog)(JSON.stringify(assigned, null, 2), options.verbose);
}
else if (options.user) {
(0, utils_1.throwError)(`found ${color(users.totalResults)} users and ${color(groups.totalResults)} groups but expected 1 of each`);
}
else if (options.membergroup && membergroups.totalResults === 1 && groups.totalResults === 1) {
const assigned = yield iam.DeleteGroupMember(groups.resources[0].id, membergroups.resources[0].id);
console.log(`deleted member ${color(options.membergroup)} from ${color(normalizeGroupName(options.group, options))}`);
(0, command_utils_1.verboseLog)(JSON.stringify(assigned, null, 2), options.verbose);
}
else if (options.membergroup) {
(0, utils_1.throwError)(`found ${color(membergroups.totalResults)} membergroups && ${color(groups.totalResults)} groups but expected 1 of each`);
}
});
}
function checkRequiredParameters(options) {
!(["list", "create", "assign", "remove", "delete"].indexOf(options.mode) >= 0) &&
(0, utils_1.throwError)(`invalid mode ${options.mode} (must be config, list, select or add)`);
["list", "create", "delete"].forEach((x) => {
options.mode === x &&
!options.user &&
!options.group &&
(0, utils_1.throwError)(`you have to specify either --user [user] or --group [group] for mc iam --mode ${x} command`);
options.mode === x &&
options.user &&
options.group &&
(0, utils_1.throwError)(`you have to specify either --user [user] or --group [group] for mc iam --mode ${x} command but not both`);
});
["create", "delete", "assign", "remove"].forEach((x) => {
options.mode === x &&
options.user &&
options.user === true &&
(0, utils_1.throwError)(`you have to specify full user name for iam --mode ${x} command`);
options.mode === x &&
options.group &&
options.group === true &&
(0, utils_1.throwError)(`you have to specify full user name for iam --mode ${x} command`);
});
["assign", "remove"].forEach((x) => {
options.mode === x &&
(options.group === true || !options.group) &&
(0, utils_1.throwError)(`you have to specify --group [group] iam --mode ${x} command`);
options.mode === x &&
options.user &&
options.membergroup &&
(0, utils_1.throwError)(`you have to specify --user [user] or --membergroup [membergroup] iam --mode ${x} command but not both`);
options.mode === x &&
!options.user &&
!options.membergroup &&
(0, utils_1.throwError)(`you have to specify either --user [user] or --membergroup [membergroup] iam --mode ${x} command `);
options.mode === x &&
(options.user === true || options.membergroup === true) &&
(0, utils_1.throwError)(`you have to specify either --user [user] or --membergroup [membergroup] iam --mode ${x} command (no empty parameters)`);
});
}
//# sourceMappingURL=identity.js.map