azure-devops-ui/Utilities/PersonaHelper.js

React components for building web UI in Azure DevOps

import * as Utils_String from '../Core/Util/String';
export var SubjectType;
(function (SubjectType) {
    SubjectType.EntraIDUser = "aad";
    SubjectType.EntraIDGroup = "aadgp";
    SubjectType.EntraIDServicePrincipal = "aadsp";
})(SubjectType || (SubjectType = {}));
export var IdentitySeparators;
(function (IdentitySeparators) {
    IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START = "<";
    IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END = ">";
    IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START = "<<";
    IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END = ">>";
    IdentitySeparators.TFS_GROUP_PREFIX = "id:";
    IdentitySeparators.AAD_IDENTITY_USER_PREFIX = "user:";
    IdentitySeparators.AAD_IDENTITY_GROUP_PREFIX = "group:";
    IdentitySeparators.IDENTITY_UNIQUENAME_SEPARATOR = "\\";
    IdentitySeparators.DESCRIPTOR_PREFIX = "desc:";
})(IdentitySeparators || (IdentitySeparators = {}));
/**
 * Returns a distinct display name string representation for an identity reference object recognizable by WIT
 * The AAD identity string representation we use for the control is -  name <<objectId\email>>
 *
 * @param identity An identity
 */
export function getUniquefiedIdentityName(identity) {
    if (!identity) {
        return "";
    }
    /**
     * It is preferable to calculate uniquename based on if it's hosted which is more reliable and
     * for hosted we should not really use samAccoutName(but also it's expected to be null).
     * There's a IIdentity.isHosted but we cannot guarantee it always present or we'll have to pass-in a parameter for isHosted
     * also causing a large downstream change.
     * So after all the consideration we decided to rely on these 3 parameters.
     * IMPORTANT! The order of parameters matters at least for onprem - we should rely on samAccountName more than on identity.mail
     */
    const uniqueName = identity.signInAddress || identity.samAccountName || identity.mail || identity.originId;
    if (isEntraIDIdentity(identity)) {
        const isAadGroup = Utils_String.equals(identity.entityType, "Group", true);
        const prefix = isAadGroup ? IdentitySeparators.AAD_IDENTITY_GROUP_PREFIX : IdentitySeparators.AAD_IDENTITY_USER_PREFIX;
        if ((identity.signInAddress || identity.mail) && !isAadGroup) {
            return Utils_String.format("{0} {1}{2}{3}\\{4}{5}", identity.displayName, IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, prefix, identity.originId, identity.signInAddress || identity.mail, IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
        }
        else {
            return Utils_String.format("{0} {1}{2}{3}{4}", identity.displayName, IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, prefix, identity.originId, IdentitySeparators.AAD_IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
        }
    }
    else if (isTfsGroup(identity)) {
        if (identity.localId) {
            return Utils_String.format("{0} {1}{2}{3}{4}", identity.displayName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, IdentitySeparators.TFS_GROUP_PREFIX, identity.localId.toUpperCase(), IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
        }
        else {
            return identity.displayName ? identity.displayName : "";
        }
    }
    else if (uniqueName) {
        if (uniqueName.indexOf("@") === -1 && identity.scopeName && !isServicePrincipal(identity)) {
            // if uniqueName is not an email and identity is not a service principal, use both domain and alias
            return Utils_String.format("{0} {1}{2}\\{3}{4}", identity.displayName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, identity.scopeName, uniqueName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
        }
        else {
            // if uniqueName is an email or identity is a service principal, use email/guid for service principals
            return Utils_String.format("{0} {1}{2}{3}", identity.displayName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, uniqueName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
        }
    }
    else if (identity.subjectDescriptor) {
        return Utils_String.format("{0} {1}{2}{3}{4}", identity.displayName, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_START, IdentitySeparators.DESCRIPTOR_PREFIX, identity.subjectDescriptor, IdentitySeparators.IDENTITY_UNIQUEFIEDNAME_SEPERATOR_END);
    }
    else {
        return identity.displayName || "";
    }
}
export function isEntraIDIdentity(entity) {
    return Utils_String.equals(entity.originDirectory, "aad", true) && !!entity.originId && !entity.localId;
}
function isServicePrincipal(entity) {
    return entity.subjectDescriptor ? entity.subjectDescriptor.startsWith(SubjectType.EntraIDServicePrincipal) : false;
}
function isTfsGroup(entity) {
    if (!entity.displayName) {
        return false;
    }
    const indexOfGroupSeperator = entity.displayName.indexOf("\\");
    return (Utils_String.equals(entity.entityType, "Group", true) &&
        Utils_String.startsWith(entity.displayName, "[") &&
        indexOfGroupSeperator !== -1 &&
        Utils_String.endsWith(entity.displayName.substring(0, indexOfGroupSeperator), "]"));
}