@pnp/cli-microsoft365
Version:
Manage Microsoft 365 and SharePoint Framework projects on any platform
101 lines • 5.02 kB
JavaScript
import config from '../../../../config.js';
import request from '../../../../request.js';
import { spo } from '../../../../utils/spo.js';
import SpoCommand from '../../../base/SpoCommand.js';
import commands from '../../commands.js';
class SpoServicePrincipalPermissionRequestListCommand extends SpoCommand {
get name() {
return commands.SERVICEPRINCIPAL_PERMISSIONREQUEST_LIST;
}
get description() {
return 'Lists pending permission requests';
}
alias() {
return [commands.SP_PERMISSIONREQUEST_LIST];
}
async commandAction(logger) {
try {
const spoAdminUrl = await spo.getSpoAdminUrl(logger, this.debug);
if (this.verbose) {
await logger.logToStderr(`Retrieving request digest...`);
}
const reqDigest = await spo.getRequestDigest(spoAdminUrl);
const requestOptions = {
url: `${spoAdminUrl}/_vti_bin/client.svc/ProcessQuery`,
headers: {
'X-RequestDigest': reqDigest.FormDigestValue
},
data: `<Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="16.0.0.0" ApplicationName="${config.applicationName}" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009"><Actions><ObjectPath Id="10" ObjectPathId="9" /><ObjectPath Id="12" ObjectPathId="11" /><Query Id="13" ObjectPathId="11"><Query SelectAllProperties="true"><Properties /></Query><ChildItemQuery SelectAllProperties="true"><Properties /></ChildItemQuery></Query></Actions><ObjectPaths><Constructor Id="9" TypeId="{104e8f06-1e00-4675-99c6-1b9b504ed8d8}" /><Property Id="11" ParentId="9" Name="PermissionRequests" /></ObjectPaths></Request>`
};
const res = await request.post(requestOptions);
const json = JSON.parse(res);
const response = json[0];
if (response.ErrorInfo) {
throw response.ErrorInfo.ErrorMessage;
}
else {
let spoWebAppServicePrincipalPermissionRequestResult = [];
const result = json[json.length - 1]._Child_Items_;
if (result.length > 0) {
const spoClientExtensibilityWebApplicationPrincipalId = await this.getSPOClientExtensibilityWebApplicationPrincipalId();
if (spoClientExtensibilityWebApplicationPrincipalId !== null) {
const oAuth2PermissionGrants = await this.getOAuth2PermissionGrants(spoClientExtensibilityWebApplicationPrincipalId);
if (oAuth2PermissionGrants) {
spoWebAppServicePrincipalPermissionRequestResult = result.filter(x => oAuth2PermissionGrants.indexOf(x.Scope) === -1);
}
}
}
await logger.log(spoWebAppServicePrincipalPermissionRequestResult.map(r => {
return {
Id: r.Id.replace('/Guid(', '').replace(')/', ''),
Resource: r.Resource,
ResourceId: r.ResourceId,
Scope: r.Scope
};
}));
}
}
catch (err) {
this.handleRejectedPromise(err);
}
}
async getOAuth2PermissionGrants(spoClientExtensibilityWebApplicationPrincipalId) {
const requestOptions = {
url: `https://graph.microsoft.com/v1.0/oAuth2Permissiongrants/?$filter=clientId eq '${spoClientExtensibilityWebApplicationPrincipalId}' and consentType eq 'AllPrincipals'`,
headers: {
accept: 'application/json;odata.metadata=none'
},
responseType: 'json'
};
const response = await request.get(requestOptions);
if (!response.value || response.value.length === 0) {
return null;
}
const scopes = [];
response.value.forEach(grant => {
if (grant.scope) {
grant.scope.split(' ')
.map(permission => permission.trim())
.filter(Boolean)
.forEach(permission => scopes.push(permission));
}
});
return scopes;
}
async getSPOClientExtensibilityWebApplicationPrincipalId() {
const requestOptions = {
url: `https://graph.microsoft.com/v1.0/servicePrincipals/?$filter=displayName eq 'SharePoint Online Web Client Extensibility'`,
headers: {
accept: 'application/json;odata.metadata=none'
},
responseType: 'json'
};
const response = await request.get(requestOptions);
if (response.value && response.value.length > 0) {
return response.value[0].id;
}
return null;
}
}
export default new SpoServicePrincipalPermissionRequestListCommand();
//# sourceMappingURL=serviceprincipal-permissionrequest-list.js.map