UNPKG

azdev-automation

Version:

Azure DevOps automation framework enables access control automation of projects, pipelines and repositories configuration in Azure DevOps Services

github.com/dmitryserbin/azdev-automation

dmitryserbin/azdev-automation

32 lines (31 loc) 1.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.WorkUpdater = void 0; class WorkUpdater { constructor(workHelper, securityHelper, commonHelper, logger) { this.logger = logger; this.debugLogger = logger.extend(this.constructor.name); this.workHelper = workHelper; this.securityHelper = securityHelper; this.commonHelper = commonHelper; } async updatePermissions(project, policy) { const debug = this.debugLogger.extend(this.updatePermissions.name); this.logger.log(`Applying <${policy.name}> work items permissions policy`); const namespace = await this.securityHelper.getNamespace("CSS"); const nodeIdentifier = await this.workHelper.getNodeIdentifier(project.id, "area"); const permissionSetId = namespace.namespaceId; const permissionSetToken = `vstfs:///Classification/Node/${nodeIdentifier}`; const existingIdentities = await this.securityHelper.getExplicitIdentities(project.id, permissionSetId, permissionSetToken); await Promise.all(policy.definition.map(async (group) => { const groupName = `[${project.name}]\\${group.name}`; this.logger.log(`Assigninig <${groupName}> group permissions`); // Slow down parallel calls to address // Intermittent API connectivity issues await this.commonHelper.wait(500, 3000); const targetIdentity = await this.securityHelper.getExistingIdentity(groupName, project.id, existingIdentities); await this.securityHelper.updateIdentityPermissions(project.id, targetIdentity, group.permissions, permissionSetId, permissionSetToken); })); } } exports.WorkUpdater = WorkUpdater;