@pnp/cli-microsoft365 5.0.0-beta.60ed6bc → 5.0.0-beta.6d4dbfb
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.devcontainer/devcontainer.json +9 -1
- package/.eslintrc.js +2 -0
- package/README.md +1 -1
- package/dist/Utils.js +7 -0
- package/dist/appInsights.js +5 -2
- package/dist/cli/Cli.js +24 -4
- package/dist/m365/aad/commands/app/app-add.js +58 -5
- package/dist/m365/aad/commands/app/app-get.js +97 -0
- package/dist/m365/aad/commands/group/group-list.js +41 -0
- package/dist/m365/aad/commands/o365group/{GroupUser.js → GroupExtended.js} +1 -1
- package/dist/m365/aad/commands/o365group/o365group-add.js +56 -50
- package/dist/m365/aad/commands/o365group/o365group-user-set.js +3 -3
- package/dist/m365/aad/commands/oauth2grant/oauth2grant-list.js +4 -4
- package/dist/m365/aad/commands/oauth2grant/oauth2grant-remove.js +36 -12
- package/dist/m365/aad/commands/user/user-get.js +33 -6
- package/dist/m365/aad/commands/user/user-hibp.js +67 -0
- package/dist/m365/aad/commands/user/user-list.js +7 -4
- package/dist/m365/aad/commands/user/user-password-validate.js +42 -0
- package/dist/m365/aad/commands.js +4 -0
- package/dist/m365/app/commands/permission/permission-list.js +266 -0
- package/dist/m365/app/commands.js +7 -0
- package/dist/m365/base/AppCommand.js +76 -0
- package/dist/m365/{aad/commands/o365group/Group.js → base/M365RcJson.js} +1 -1
- package/dist/m365/cli/commands/cli-doctor.js +2 -0
- package/dist/m365/cli/commands/config/config-set.js +4 -1
- package/dist/m365/file/commands/file-list.js +181 -0
- package/dist/m365/file/commands.js +2 -1
- package/dist/m365/flow/commands/flow-get.js +2 -2
- package/dist/m365/pa/cds-project-mutator.js +1 -1
- package/dist/m365/pa/commands/app/app-list.js +28 -1
- package/dist/m365/planner/AppliedCategories.js +3 -0
- package/dist/m365/planner/commands/task/task-add.js +288 -0
- package/dist/m365/planner/commands/task/task-details-get.js +39 -0
- package/dist/m365/planner/commands/task/task-get.js +37 -0
- package/dist/m365/planner/commands/task/task-set.js +357 -0
- package/dist/m365/planner/commands.js +5 -1
- package/dist/m365/search/commands/externalconnection/externalconnection-add.js +99 -0
- package/dist/m365/search/commands.js +7 -0
- package/dist/m365/spfx/commands/project/project-upgrade/rules/FN006005_CFG_PS_metadata.js +63 -0
- package/dist/m365/spfx/commands/project/project-upgrade/rules/FN006006_CFG_PS_features.js +60 -0
- package/dist/m365/spfx/commands/project/project-upgrade/rules/FN014008_CODE_launch_hostedWorkbench_type.js +62 -0
- package/dist/m365/spfx/commands/project/project-upgrade/upgrade-1.13.1.js +53 -0
- package/dist/m365/spfx/commands/project/project-upgrade/upgrade-1.14.0-beta.5.js +59 -0
- package/dist/m365/spfx/commands/project/project-upgrade.js +17 -13
- package/dist/m365/spfx/commands/spfx-doctor.js +176 -62
- package/dist/m365/spo/commands/contenttype/contenttype-list.js +52 -0
- package/dist/m365/spo/commands/group/group-user-add.js +64 -13
- package/dist/m365/spo/commands/group/group-user-remove.js +100 -0
- package/dist/m365/spo/commands/list/list-get.js +6 -2
- package/dist/m365/spo/commands/page/Page.js +3 -1
- package/dist/m365/spo/commands/page/page-add.js +7 -10
- package/dist/m365/spo/commands/page/page-set.js +7 -10
- package/dist/m365/spo/commands/site/site-ensure.js +1 -1
- package/dist/m365/spo/commands/site/site-recyclebinitem-list.js +76 -0
- package/dist/m365/spo/commands/site/site-remove.js +98 -30
- package/dist/m365/spo/commands/web/web-installedlanguage-list.js +48 -0
- package/dist/m365/spo/commands.js +5 -1
- package/dist/m365/teams/commands/app/app-list.js +9 -6
- package/dist/m365/teams/commands/chat/chat-list.js +43 -0
- package/dist/m365/teams/commands/chat/chat-member-list.js +42 -0
- package/dist/m365/teams/commands/chat/chat-message-list.js +60 -0
- package/dist/m365/teams/commands/message/message-get.js +1 -1
- package/dist/m365/teams/commands/report/report-directroutingcalls.js +1 -1
- package/dist/m365/teams/commands/tab/tab-get.js +9 -6
- package/dist/m365/teams/commands.js +3 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-health-get.js +57 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-health-list.js +56 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-healthissue-get.js +39 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-healthissue-list.js +38 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-message-get.js +51 -0
- package/dist/m365/tenant/commands/serviceannouncement/serviceannouncement-message-list.js +38 -0
- package/dist/m365/tenant/commands.js +6 -0
- package/dist/request.js +9 -4
- package/dist/settingsNames.js +6 -1
- package/docs/docs/cmd/_global.md +2 -2
- package/docs/docs/cmd/aad/app/app-add.md +11 -0
- package/docs/docs/cmd/aad/app/app-get.md +48 -0
- package/docs/docs/cmd/aad/group/group-list.md +21 -0
- package/docs/docs/cmd/aad/o365group/o365group-add.md +1 -0
- package/docs/docs/cmd/aad/oauth2grant/oauth2grant-list.md +2 -2
- package/docs/docs/cmd/aad/oauth2grant/oauth2grant-remove.md +9 -0
- package/docs/docs/cmd/aad/user/user-get.md +13 -4
- package/docs/docs/cmd/aad/user/user-hibp.md +46 -0
- package/docs/docs/cmd/aad/user/user-list.md +9 -0
- package/docs/docs/cmd/aad/user/user-password-validate.md +29 -0
- package/docs/docs/cmd/app/permission/permission-list.md +36 -0
- package/docs/docs/cmd/file/file-list.md +46 -0
- package/docs/docs/cmd/pa/app/app-list.md +17 -1
- package/docs/docs/cmd/planner/task/task-add.md +78 -0
- package/docs/docs/cmd/planner/task/task-details-get.md +24 -0
- package/docs/docs/cmd/planner/task/task-get.md +24 -0
- package/docs/docs/cmd/planner/task/task-set.md +99 -0
- package/docs/docs/cmd/search/externalconnection/externalconnection-add.md +43 -0
- package/docs/docs/cmd/spfx/project/project-externalize.md +1 -1
- package/docs/docs/cmd/spfx/project/project-rename.md +1 -1
- package/docs/docs/cmd/spfx/project/project-upgrade.md +1 -1
- package/docs/docs/cmd/spfx/spfx-doctor.md +1 -1
- package/docs/docs/cmd/spo/contenttype/contenttype-list.md +33 -0
- package/docs/docs/cmd/spo/group/group-user-add.md +24 -6
- package/docs/docs/cmd/spo/group/group-user-remove.md +39 -0
- package/docs/docs/cmd/spo/list/list-get.md +9 -0
- package/docs/docs/cmd/spo/page/page-add.md +2 -2
- package/docs/docs/cmd/spo/page/page-set.md +3 -3
- package/docs/docs/cmd/spo/site/site-recyclebinitem-list.md +40 -0
- package/docs/docs/cmd/spo/site/site-remove.md +3 -1
- package/docs/docs/cmd/spo/web/web-installedlanguage-list.md +24 -0
- package/docs/docs/cmd/teams/channel/channel-get.md +1 -1
- package/docs/docs/cmd/teams/chat/chat-list.md +30 -0
- package/docs/docs/cmd/teams/chat/chat-member-list.md +24 -0
- package/docs/docs/cmd/teams/chat/chat-message-list.md +24 -0
- package/docs/docs/cmd/teams/message/message-get.md +0 -3
- package/docs/docs/cmd/teams/report/report-directroutingcalls.md +0 -3
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-health-get.md +33 -0
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-health-list.md +30 -0
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-healthissue-get.md +24 -0
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-healthissue-list.md +34 -0
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-message-get.md +28 -0
- package/docs/docs/cmd/tenant/serviceannouncement/serviceannouncement-message-list.md +34 -0
- package/npm-shrinkwrap.json +1308 -1478
- package/package.json +34 -27
- package/dist/m365/base/AadCommand.js +0 -10
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const cli_1 = require("../../../../cli");
|
|
3
4
|
const request_1 = require("../../../../request");
|
|
4
5
|
const GraphCommand_1 = require("../../../base/GraphCommand");
|
|
5
6
|
const commands_1 = require("../../commands");
|
|
@@ -11,24 +12,47 @@ class AadOAuth2GrantRemoveCommand extends GraphCommand_1.default {
|
|
|
11
12
|
return 'Remove specified service principal OAuth2 permissions';
|
|
12
13
|
}
|
|
13
14
|
commandAction(logger, args, cb) {
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
15
|
+
const removeOauth2Grant = () => {
|
|
16
|
+
if (this.verbose) {
|
|
17
|
+
logger.logToStderr(`Removing OAuth2 permissions...`);
|
|
18
|
+
}
|
|
19
|
+
const requestOptions = {
|
|
20
|
+
url: `${this.resource}/v1.0/oauth2PermissionGrants/${encodeURIComponent(args.options.grantId)}`,
|
|
21
|
+
headers: {
|
|
22
|
+
'accept': 'application/json;odata.metadata=none'
|
|
23
|
+
},
|
|
24
|
+
responseType: 'json'
|
|
25
|
+
};
|
|
26
|
+
request_1.default
|
|
27
|
+
.delete(requestOptions)
|
|
28
|
+
.then(_ => cb(), (rawRes) => this.handleRejectedODataJsonPromise(rawRes, logger, cb));
|
|
23
29
|
};
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
30
|
+
if (args.options.confirm) {
|
|
31
|
+
removeOauth2Grant();
|
|
32
|
+
}
|
|
33
|
+
else {
|
|
34
|
+
cli_1.Cli.prompt({
|
|
35
|
+
type: 'confirm',
|
|
36
|
+
name: 'continue',
|
|
37
|
+
default: false,
|
|
38
|
+
message: `Are you sure you want to remove the OAuth2 permissions for ${args.options.grantId}?`
|
|
39
|
+
}, (result) => {
|
|
40
|
+
if (!result.continue) {
|
|
41
|
+
cb();
|
|
42
|
+
}
|
|
43
|
+
else {
|
|
44
|
+
removeOauth2Grant();
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
}
|
|
27
48
|
}
|
|
28
49
|
options() {
|
|
29
50
|
const options = [
|
|
30
51
|
{
|
|
31
52
|
option: '-i, --grantId <grantId>'
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
option: '--confirm'
|
|
32
56
|
}
|
|
33
57
|
];
|
|
34
58
|
const parentOptions = super.options();
|
|
@@ -20,10 +20,20 @@ class AadUserGetCommand extends GraphCommand_1.default {
|
|
|
20
20
|
}
|
|
21
21
|
commandAction(logger, args, cb) {
|
|
22
22
|
const properties = args.options.properties ?
|
|
23
|
-
|
|
23
|
+
`&$select=${args.options.properties.split(',').map(p => encodeURIComponent(p.trim())).join(',')}` :
|
|
24
24
|
'';
|
|
25
|
+
let requestUrl = `${this.resource}/v1.0/users`;
|
|
26
|
+
if (args.options.id) {
|
|
27
|
+
requestUrl += `?$filter=id eq '${encodeURIComponent(args.options.id)}'${properties}`;
|
|
28
|
+
}
|
|
29
|
+
else if (args.options.userName) {
|
|
30
|
+
requestUrl += `?$filter=userPrincipalName eq '${encodeURIComponent(args.options.userName)}'${properties}`;
|
|
31
|
+
}
|
|
32
|
+
else if (args.options.email) {
|
|
33
|
+
requestUrl += `?$filter=mail eq '${encodeURIComponent(args.options.email)}'${properties}`;
|
|
34
|
+
}
|
|
25
35
|
const requestOptions = {
|
|
26
|
-
url:
|
|
36
|
+
url: requestUrl,
|
|
27
37
|
headers: {
|
|
28
38
|
accept: 'application/json;odata.metadata=none'
|
|
29
39
|
},
|
|
@@ -31,6 +41,18 @@ class AadUserGetCommand extends GraphCommand_1.default {
|
|
|
31
41
|
};
|
|
32
42
|
request_1.default
|
|
33
43
|
.get(requestOptions)
|
|
44
|
+
.then((res) => {
|
|
45
|
+
if (res.value.length === 1) {
|
|
46
|
+
return Promise.resolve(res.value[0]);
|
|
47
|
+
}
|
|
48
|
+
const identifier = args.options.id ? `id ${args.options.id}`
|
|
49
|
+
: args.options.userName ? `user name ${args.options.userName}`
|
|
50
|
+
: `email ${args.options.email}`;
|
|
51
|
+
if (res.value.length === 0) {
|
|
52
|
+
return Promise.reject(`The specified user with ${identifier} does not exist`);
|
|
53
|
+
}
|
|
54
|
+
return Promise.reject(`Multiple users with ${identifier} found. Please disambiguate (user names): ${res.value.map(a => a.userPrincipalName).join(', ')} or (ids): ${res.value.map(a => a.id).join(', ')}`);
|
|
55
|
+
})
|
|
34
56
|
.then((res) => {
|
|
35
57
|
logger.log(res);
|
|
36
58
|
cb();
|
|
@@ -44,6 +66,9 @@ class AadUserGetCommand extends GraphCommand_1.default {
|
|
|
44
66
|
{
|
|
45
67
|
option: '-n, --userName [userName]'
|
|
46
68
|
},
|
|
69
|
+
{
|
|
70
|
+
option: '--email [email]'
|
|
71
|
+
},
|
|
47
72
|
{
|
|
48
73
|
option: '-p, --properties [properties]'
|
|
49
74
|
}
|
|
@@ -52,11 +77,13 @@ class AadUserGetCommand extends GraphCommand_1.default {
|
|
|
52
77
|
return options.concat(parentOptions);
|
|
53
78
|
}
|
|
54
79
|
validate(args) {
|
|
55
|
-
if (!args.options.id && !args.options.userName) {
|
|
56
|
-
return 'Specify
|
|
80
|
+
if (!args.options.id && !args.options.userName && !args.options.email) {
|
|
81
|
+
return 'Specify id, userName or email, one is required';
|
|
57
82
|
}
|
|
58
|
-
if (args.options.id && args.options.
|
|
59
|
-
|
|
83
|
+
if ((args.options.id && args.options.email) ||
|
|
84
|
+
(args.options.id && args.options.userName) ||
|
|
85
|
+
(args.options.userName && args.options.email)) {
|
|
86
|
+
return 'Use either id, userName or email, but not all';
|
|
60
87
|
}
|
|
61
88
|
if (args.options.id &&
|
|
62
89
|
!Utils_1.default.isValidGuid(args.options.id)) {
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const request_1 = require("../../../../request");
|
|
4
|
+
const Utils_1 = require("../../../../Utils");
|
|
5
|
+
const AnonymousCommand_1 = require("../../../base/AnonymousCommand");
|
|
6
|
+
const commands_1 = require("../../commands");
|
|
7
|
+
class AadUserHibpCommand extends AnonymousCommand_1.default {
|
|
8
|
+
get name() {
|
|
9
|
+
return commands_1.default.USER_HIBP;
|
|
10
|
+
}
|
|
11
|
+
get description() {
|
|
12
|
+
return 'Allows you to retrieve all accounts that have been pwned with the specified username';
|
|
13
|
+
}
|
|
14
|
+
getTelemetryProperties(args) {
|
|
15
|
+
const telemetryProps = super.getTelemetryProperties(args);
|
|
16
|
+
telemetryProps.domain = args.options.domain;
|
|
17
|
+
return telemetryProps;
|
|
18
|
+
}
|
|
19
|
+
commandAction(logger, args, cb) {
|
|
20
|
+
const requestOptions = {
|
|
21
|
+
url: `https://haveibeenpwned.com/api/v3/breachedaccount/${encodeURIComponent(args.options.userName)}${(args.options.domain ? `?domain=${encodeURIComponent(args.options.domain)}` : '')}`,
|
|
22
|
+
headers: {
|
|
23
|
+
'accept': 'application/json',
|
|
24
|
+
'hibp-api-key': args.options.apiKey,
|
|
25
|
+
'x-anonymous': true
|
|
26
|
+
},
|
|
27
|
+
responseType: 'json'
|
|
28
|
+
};
|
|
29
|
+
request_1.default
|
|
30
|
+
.get(requestOptions)
|
|
31
|
+
.then((res) => {
|
|
32
|
+
logger.log(res);
|
|
33
|
+
cb();
|
|
34
|
+
})
|
|
35
|
+
.catch((err) => {
|
|
36
|
+
if ((err && err.response !== undefined && err.response.status === 404) && (this.debug || this.verbose)) {
|
|
37
|
+
logger.log('No pwnage found');
|
|
38
|
+
cb();
|
|
39
|
+
return;
|
|
40
|
+
}
|
|
41
|
+
return this.handleRejectedODataJsonPromise(err, logger, cb);
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
options() {
|
|
45
|
+
const options = [
|
|
46
|
+
{
|
|
47
|
+
option: '-n, --userName <userName>'
|
|
48
|
+
},
|
|
49
|
+
{
|
|
50
|
+
option: '--apiKey, <apiKey>'
|
|
51
|
+
},
|
|
52
|
+
{
|
|
53
|
+
option: '--domain, [domain]'
|
|
54
|
+
}
|
|
55
|
+
];
|
|
56
|
+
const parentOptions = super.options();
|
|
57
|
+
return options.concat(parentOptions);
|
|
58
|
+
}
|
|
59
|
+
validate(args) {
|
|
60
|
+
if (!Utils_1.default.isValidUserPrincipalName(args.options.userName)) {
|
|
61
|
+
return 'Specify valid userName';
|
|
62
|
+
}
|
|
63
|
+
return true;
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
module.exports = new AadUserHibpCommand();
|
|
67
|
+
//# sourceMappingURL=user-hibp.js.map
|
|
@@ -15,6 +15,7 @@ class AadUserListCommand extends GraphItemsListCommand_1.GraphItemsListCommand {
|
|
|
15
15
|
getTelemetryProperties(args) {
|
|
16
16
|
const telemetryProps = super.getTelemetryProperties(args);
|
|
17
17
|
telemetryProps.properties = args.options.properties;
|
|
18
|
+
telemetryProps.deleted = typeof args.options.deleted !== 'undefined';
|
|
18
19
|
return telemetryProps;
|
|
19
20
|
}
|
|
20
21
|
commandAction(logger, args, cb) {
|
|
@@ -22,7 +23,8 @@ class AadUserListCommand extends GraphItemsListCommand_1.GraphItemsListCommand {
|
|
|
22
23
|
args.options.properties.split(',').map(p => p.trim()) :
|
|
23
24
|
['userPrincipalName', 'displayName'];
|
|
24
25
|
const filter = this.getFilter(args.options);
|
|
25
|
-
const
|
|
26
|
+
const endpoint = args.options.deleted ? 'directory/deletedItems/microsoft.graph.user' : 'users';
|
|
27
|
+
const url = `${this.resource}/v1.0/${endpoint}?$select=${properties.join(',')}${(filter.length > 0 ? '&' + filter : '')}&$top=100`;
|
|
26
28
|
this
|
|
27
29
|
.getAllItems(url, logger, true)
|
|
28
30
|
.then(() => {
|
|
@@ -35,6 +37,8 @@ class AadUserListCommand extends GraphItemsListCommand_1.GraphItemsListCommand {
|
|
|
35
37
|
const excludeOptions = [
|
|
36
38
|
'properties',
|
|
37
39
|
'p',
|
|
40
|
+
'deleted',
|
|
41
|
+
'd',
|
|
38
42
|
'debug',
|
|
39
43
|
'verbose',
|
|
40
44
|
'output',
|
|
@@ -55,9 +59,8 @@ class AadUserListCommand extends GraphItemsListCommand_1.GraphItemsListCommand {
|
|
|
55
59
|
}
|
|
56
60
|
options() {
|
|
57
61
|
const options = [
|
|
58
|
-
{
|
|
59
|
-
|
|
60
|
-
}
|
|
62
|
+
{ option: '-p, --properties [properties]' },
|
|
63
|
+
{ option: '-d, --deleted' }
|
|
61
64
|
];
|
|
62
65
|
const parentOptions = super.options();
|
|
63
66
|
return options.concat(parentOptions);
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const request_1 = require("../../../../request");
|
|
4
|
+
const GraphCommand_1 = require("../../../base/GraphCommand");
|
|
5
|
+
const commands_1 = require("../../commands");
|
|
6
|
+
class AadUserPasswordValidateCommand extends GraphCommand_1.default {
|
|
7
|
+
get name() {
|
|
8
|
+
return commands_1.default.USER_PASSWORD_VALIDATE;
|
|
9
|
+
}
|
|
10
|
+
get description() {
|
|
11
|
+
return "Check a user's password against the organization's password validation policy";
|
|
12
|
+
}
|
|
13
|
+
commandAction(logger, args, cb) {
|
|
14
|
+
const requestOptions = {
|
|
15
|
+
url: `${this.resource}/beta/users/validatePassword`,
|
|
16
|
+
headers: {
|
|
17
|
+
accept: 'application/json;odata.metadata=none'
|
|
18
|
+
},
|
|
19
|
+
data: {
|
|
20
|
+
password: args.options.password
|
|
21
|
+
},
|
|
22
|
+
responseType: 'json'
|
|
23
|
+
};
|
|
24
|
+
request_1.default
|
|
25
|
+
.post(requestOptions)
|
|
26
|
+
.then((res) => {
|
|
27
|
+
logger.log(res);
|
|
28
|
+
cb();
|
|
29
|
+
}, (err) => this.handleRejectedODataJsonPromise(err, logger, cb));
|
|
30
|
+
}
|
|
31
|
+
options() {
|
|
32
|
+
const options = [
|
|
33
|
+
{
|
|
34
|
+
option: '-p, --password <password>'
|
|
35
|
+
}
|
|
36
|
+
];
|
|
37
|
+
const parentOptions = super.options();
|
|
38
|
+
return options.concat(parentOptions);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
module.exports = new AadUserPasswordValidateCommand();
|
|
42
|
+
//# sourceMappingURL=user-password-validate.js.map
|
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
const prefix = 'aad';
|
|
4
4
|
exports.default = {
|
|
5
5
|
APP_ADD: `${prefix} app add`,
|
|
6
|
+
APP_GET: `${prefix} app get`,
|
|
6
7
|
APP_SET: `${prefix} app set`,
|
|
7
8
|
APP_ROLE_ADD: `${prefix} app role add`,
|
|
8
9
|
APP_ROLE_LIST: `${prefix} app role list`,
|
|
@@ -10,6 +11,7 @@ exports.default = {
|
|
|
10
11
|
APPROLEASSIGNMENT_ADD: `${prefix} approleassignment add`,
|
|
11
12
|
APPROLEASSIGNMENT_LIST: `${prefix} approleassignment list`,
|
|
12
13
|
APPROLEASSIGNMENT_REMOVE: `${prefix} approleassignment remove`,
|
|
14
|
+
GROUP_LIST: `${prefix} group list`,
|
|
13
15
|
GROUPSETTING_ADD: `${prefix} groupsetting add`,
|
|
14
16
|
GROUPSETTING_GET: `${prefix} groupsetting get`,
|
|
15
17
|
GROUPSETTING_LIST: `${prefix} groupsetting list`,
|
|
@@ -49,7 +51,9 @@ exports.default = {
|
|
|
49
51
|
SP_ADD: `${prefix} sp add`,
|
|
50
52
|
SP_GET: `${prefix} sp get`,
|
|
51
53
|
USER_GET: `${prefix} user get`,
|
|
54
|
+
USER_HIBP: `${prefix} user hibp`,
|
|
52
55
|
USER_LIST: `${prefix} user list`,
|
|
56
|
+
USER_PASSWORD_VALIDATE: `${prefix} user password validate`,
|
|
53
57
|
USER_SET: `${prefix} user set`
|
|
54
58
|
};
|
|
55
59
|
//# sourceMappingURL=commands.js.map
|
|
@@ -0,0 +1,266 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
const cli_1 = require("../../../../cli");
|
|
13
|
+
const request_1 = require("../../../../request");
|
|
14
|
+
const appGetCommand = require("../../../aad/commands/app/app-get");
|
|
15
|
+
const AppCommand_1 = require("../../../base/AppCommand");
|
|
16
|
+
const commands_1 = require("../../commands");
|
|
17
|
+
var GetServicePrincipal;
|
|
18
|
+
(function (GetServicePrincipal) {
|
|
19
|
+
GetServicePrincipal[GetServicePrincipal["withPermissions"] = 0] = "withPermissions";
|
|
20
|
+
GetServicePrincipal[GetServicePrincipal["withPermissionDefinitions"] = 1] = "withPermissionDefinitions";
|
|
21
|
+
})(GetServicePrincipal || (GetServicePrincipal = {}));
|
|
22
|
+
class AppPermissionListCommand extends AppCommand_1.default {
|
|
23
|
+
get name() {
|
|
24
|
+
return commands_1.default.PERMISSION_LIST;
|
|
25
|
+
}
|
|
26
|
+
get description() {
|
|
27
|
+
return 'Lists API permissions for the current AAD app';
|
|
28
|
+
}
|
|
29
|
+
commandAction(logger, args, cb) {
|
|
30
|
+
this
|
|
31
|
+
.getServicePrincipal({ appId: this.appId }, logger, GetServicePrincipal.withPermissions)
|
|
32
|
+
.then(servicePrincipal => {
|
|
33
|
+
if (servicePrincipal) {
|
|
34
|
+
// service principal found, get permissions from the service principal
|
|
35
|
+
return this.getServicePrincipalPermissions(servicePrincipal, logger);
|
|
36
|
+
}
|
|
37
|
+
else {
|
|
38
|
+
// service principal not found, get permissions from app registration
|
|
39
|
+
return this.getAppRegPermissions(this.appId, logger);
|
|
40
|
+
}
|
|
41
|
+
})
|
|
42
|
+
.then(permissions => {
|
|
43
|
+
logger.log(permissions);
|
|
44
|
+
cb();
|
|
45
|
+
}, err => this.handleRejectedODataJsonPromise(err, logger, cb));
|
|
46
|
+
}
|
|
47
|
+
getServicePrincipal(servicePrincipalInfo, logger, mode) {
|
|
48
|
+
var _a;
|
|
49
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
50
|
+
if (this.verbose) {
|
|
51
|
+
logger.logToStderr(`Retrieving service principal ${(_a = servicePrincipalInfo.appId) !== null && _a !== void 0 ? _a : servicePrincipalInfo.id}`);
|
|
52
|
+
}
|
|
53
|
+
const lookupUrl = servicePrincipalInfo.appId ? `?$filter=appId eq '${servicePrincipalInfo.appId}'&` : `/${servicePrincipalInfo.id}?`;
|
|
54
|
+
const requestOptions = {
|
|
55
|
+
url: `${this.resource}/v1.0/servicePrincipals${lookupUrl}$select=appId,id,displayName`,
|
|
56
|
+
headers: {
|
|
57
|
+
accept: 'application/json;odata.metadata=none'
|
|
58
|
+
},
|
|
59
|
+
responseType: 'json'
|
|
60
|
+
};
|
|
61
|
+
const response = yield request_1.default.get(requestOptions);
|
|
62
|
+
if ((servicePrincipalInfo.id && !response) ||
|
|
63
|
+
(servicePrincipalInfo.appId && response.value.length === 0)) {
|
|
64
|
+
return undefined;
|
|
65
|
+
}
|
|
66
|
+
const servicePrincipal = servicePrincipalInfo.appId ?
|
|
67
|
+
response.value[0] :
|
|
68
|
+
response;
|
|
69
|
+
if (this.verbose) {
|
|
70
|
+
logger.logToStderr(`Retrieving permissions for service principal ${servicePrincipal.id}...`);
|
|
71
|
+
}
|
|
72
|
+
const permissionsPromises = [];
|
|
73
|
+
switch (mode) {
|
|
74
|
+
case GetServicePrincipal.withPermissions:
|
|
75
|
+
const appRoleAssignmentsRequestOptions = {
|
|
76
|
+
url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/appRoleAssignments`,
|
|
77
|
+
headers: {
|
|
78
|
+
accept: 'application/json;odata.metadata=none'
|
|
79
|
+
},
|
|
80
|
+
responseType: 'json'
|
|
81
|
+
};
|
|
82
|
+
const oauth2PermissionGrantsRequestOptions = {
|
|
83
|
+
url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/oauth2PermissionGrants`,
|
|
84
|
+
headers: {
|
|
85
|
+
accept: 'application/json;odata.metadata=none'
|
|
86
|
+
},
|
|
87
|
+
responseType: 'json'
|
|
88
|
+
};
|
|
89
|
+
permissionsPromises.push(...[
|
|
90
|
+
request_1.default.get(appRoleAssignmentsRequestOptions),
|
|
91
|
+
request_1.default.get(oauth2PermissionGrantsRequestOptions)
|
|
92
|
+
]);
|
|
93
|
+
break;
|
|
94
|
+
case GetServicePrincipal.withPermissionDefinitions:
|
|
95
|
+
const oauth2PermissionScopesRequestOptions = {
|
|
96
|
+
url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/oauth2PermissionScopes`,
|
|
97
|
+
headers: {
|
|
98
|
+
accept: 'application/json;odata.metadata=none'
|
|
99
|
+
},
|
|
100
|
+
responseType: 'json'
|
|
101
|
+
};
|
|
102
|
+
const appRolesRequestOptions = {
|
|
103
|
+
url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/appRoles`,
|
|
104
|
+
headers: {
|
|
105
|
+
accept: 'application/json;odata.metadata=none'
|
|
106
|
+
},
|
|
107
|
+
responseType: 'json'
|
|
108
|
+
};
|
|
109
|
+
permissionsPromises.push(...[
|
|
110
|
+
request_1.default.get(oauth2PermissionScopesRequestOptions),
|
|
111
|
+
request_1.default.get(appRolesRequestOptions)
|
|
112
|
+
]);
|
|
113
|
+
break;
|
|
114
|
+
}
|
|
115
|
+
const permissions = yield Promise.all(permissionsPromises);
|
|
116
|
+
switch (mode) {
|
|
117
|
+
case GetServicePrincipal.withPermissions:
|
|
118
|
+
servicePrincipal.appRoleAssignments = permissions[0].value;
|
|
119
|
+
servicePrincipal.oauth2PermissionGrants = permissions[1].value;
|
|
120
|
+
break;
|
|
121
|
+
case GetServicePrincipal.withPermissionDefinitions:
|
|
122
|
+
servicePrincipal.oauth2PermissionScopes = permissions[0].value;
|
|
123
|
+
servicePrincipal.appRoles = permissions[1].value;
|
|
124
|
+
break;
|
|
125
|
+
}
|
|
126
|
+
return servicePrincipal;
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
getServicePrincipalPermissions(servicePrincipal, logger) {
|
|
130
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
131
|
+
if (this.verbose) {
|
|
132
|
+
logger.logToStderr(`Resolving permissions for the service principal...`);
|
|
133
|
+
}
|
|
134
|
+
const apiPermissions = [];
|
|
135
|
+
// hash table for resolving resource IDs to names
|
|
136
|
+
const resourceLookup = {};
|
|
137
|
+
// list of service principals for which to load permissions
|
|
138
|
+
const servicePrincipalsToResolve = [];
|
|
139
|
+
const appRoleAssignments = servicePrincipal.appRoleAssignments;
|
|
140
|
+
apiPermissions.push(...appRoleAssignments.map(appRoleAssignment => {
|
|
141
|
+
// store resource name for resolving OAuth2 grants
|
|
142
|
+
resourceLookup[appRoleAssignment.resourceId] = appRoleAssignment.resourceDisplayName;
|
|
143
|
+
// add to the list of service principals to load to get the app role
|
|
144
|
+
// display name
|
|
145
|
+
if (!servicePrincipalsToResolve.find(r => r.id === appRoleAssignment.resourceId)) {
|
|
146
|
+
servicePrincipalsToResolve.push({ id: appRoleAssignment.resourceId });
|
|
147
|
+
}
|
|
148
|
+
return {
|
|
149
|
+
resource: appRoleAssignment.resourceDisplayName,
|
|
150
|
+
// we store the app role ID temporarily and will later resolve to display name
|
|
151
|
+
permission: appRoleAssignment.appRoleId,
|
|
152
|
+
type: 'Application'
|
|
153
|
+
};
|
|
154
|
+
}));
|
|
155
|
+
const oauth2Grants = servicePrincipal.oauth2PermissionGrants;
|
|
156
|
+
oauth2Grants.forEach(oauth2Grant => {
|
|
157
|
+
var _a;
|
|
158
|
+
// see if we can resolve the resource name from the resources
|
|
159
|
+
// retrieved from app role assignments
|
|
160
|
+
const resource = (_a = resourceLookup[oauth2Grant.resourceId]) !== null && _a !== void 0 ? _a : oauth2Grant.resourceId;
|
|
161
|
+
if (resource === oauth2Grant.resourceId &&
|
|
162
|
+
!servicePrincipalsToResolve.find(r => r.id === oauth2Grant.resourceId)) {
|
|
163
|
+
// resource name not found in the resources
|
|
164
|
+
// add it to the list of resources to resolve
|
|
165
|
+
servicePrincipalsToResolve.push({ id: oauth2Grant.resourceId });
|
|
166
|
+
}
|
|
167
|
+
const scopes = oauth2Grant.scope.split(' ');
|
|
168
|
+
scopes.forEach(scope => {
|
|
169
|
+
apiPermissions.push({
|
|
170
|
+
resource,
|
|
171
|
+
permission: scope,
|
|
172
|
+
type: 'Delegated'
|
|
173
|
+
});
|
|
174
|
+
});
|
|
175
|
+
});
|
|
176
|
+
if (servicePrincipalsToResolve.length > 0) {
|
|
177
|
+
const servicePrincipals = yield Promise
|
|
178
|
+
.all(servicePrincipalsToResolve
|
|
179
|
+
.map(servicePrincipalInfo => this.getServicePrincipal(servicePrincipalInfo, logger, GetServicePrincipal.withPermissionDefinitions)));
|
|
180
|
+
servicePrincipals.forEach(servicePrincipal => {
|
|
181
|
+
apiPermissions.forEach(apiPermission => {
|
|
182
|
+
var _a, _b;
|
|
183
|
+
if (apiPermission.resource === servicePrincipal.id) {
|
|
184
|
+
apiPermission.resource = servicePrincipal.displayName;
|
|
185
|
+
}
|
|
186
|
+
if (apiPermission.resource === servicePrincipal.displayName &&
|
|
187
|
+
apiPermission.type === 'Application') {
|
|
188
|
+
apiPermission.permission = (_b = (_a = servicePrincipal.appRoles
|
|
189
|
+
.find(appRole => appRole.id === apiPermission.permission)) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : apiPermission.permission;
|
|
190
|
+
}
|
|
191
|
+
});
|
|
192
|
+
});
|
|
193
|
+
}
|
|
194
|
+
return apiPermissions;
|
|
195
|
+
});
|
|
196
|
+
}
|
|
197
|
+
getAppRegistration(appId, logger) {
|
|
198
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
199
|
+
if (this.verbose) {
|
|
200
|
+
logger.logToStderr(`Retrieving Azure AD application registration ${appId}`);
|
|
201
|
+
}
|
|
202
|
+
const options = {
|
|
203
|
+
appId: appId,
|
|
204
|
+
output: 'json',
|
|
205
|
+
debug: this.debug,
|
|
206
|
+
verbose: this.verbose
|
|
207
|
+
};
|
|
208
|
+
const output = yield cli_1.Cli.executeCommandWithOutput(appGetCommand, { options: Object.assign(Object.assign({}, options), { _: [] }) });
|
|
209
|
+
if (this.debug) {
|
|
210
|
+
logger.logToStderr(output.stderr);
|
|
211
|
+
}
|
|
212
|
+
return JSON.parse(output.stdout);
|
|
213
|
+
});
|
|
214
|
+
}
|
|
215
|
+
getAppRegPermissions(appId, logger) {
|
|
216
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
217
|
+
const application = yield this.getAppRegistration(appId, logger);
|
|
218
|
+
if (application.requiredResourceAccess.length === 0) {
|
|
219
|
+
return [];
|
|
220
|
+
}
|
|
221
|
+
const servicePrincipalsToResolve = application.requiredResourceAccess
|
|
222
|
+
.map(resourceAccess => {
|
|
223
|
+
return {
|
|
224
|
+
appId: resourceAccess.resourceAppId
|
|
225
|
+
};
|
|
226
|
+
});
|
|
227
|
+
const servicePrincipals = yield Promise
|
|
228
|
+
.all(servicePrincipalsToResolve.map(servicePrincipalInfo => this.getServicePrincipal(servicePrincipalInfo, logger, GetServicePrincipal.withPermissionDefinitions)));
|
|
229
|
+
const apiPermissions = [];
|
|
230
|
+
application.requiredResourceAccess.forEach(requiredResourceAccess => {
|
|
231
|
+
var _a;
|
|
232
|
+
const servicePrincipal = servicePrincipals
|
|
233
|
+
.find(servicePrincipal => (servicePrincipal === null || servicePrincipal === void 0 ? void 0 : servicePrincipal.appId) === requiredResourceAccess.resourceAppId);
|
|
234
|
+
const resourceName = (_a = servicePrincipal === null || servicePrincipal === void 0 ? void 0 : servicePrincipal.displayName) !== null && _a !== void 0 ? _a : requiredResourceAccess.resourceAppId;
|
|
235
|
+
requiredResourceAccess.resourceAccess.forEach(permission => {
|
|
236
|
+
apiPermissions.push({
|
|
237
|
+
resource: resourceName,
|
|
238
|
+
permission: this.getPermissionName(permission.id, permission.type, servicePrincipal),
|
|
239
|
+
type: permission.type === 'Role' ? 'Application' : 'Delegated'
|
|
240
|
+
});
|
|
241
|
+
});
|
|
242
|
+
});
|
|
243
|
+
return apiPermissions;
|
|
244
|
+
});
|
|
245
|
+
}
|
|
246
|
+
getPermissionName(permissionId, permissionType, servicePrincipal) {
|
|
247
|
+
var _a, _b, _c, _d;
|
|
248
|
+
if (!servicePrincipal) {
|
|
249
|
+
return permissionId;
|
|
250
|
+
}
|
|
251
|
+
switch (permissionType) {
|
|
252
|
+
case 'Role':
|
|
253
|
+
return (_b = (_a = servicePrincipal.appRoles
|
|
254
|
+
.find(appRole => appRole.id === permissionId)) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : permissionId;
|
|
255
|
+
case 'Scope':
|
|
256
|
+
return (_d = (_c = servicePrincipal.oauth2PermissionScopes
|
|
257
|
+
.find(permissionScope => permissionScope.id === permissionId)) === null || _c === void 0 ? void 0 : _c.value) !== null && _d !== void 0 ? _d : permissionId;
|
|
258
|
+
}
|
|
259
|
+
/* c8 ignore next 4 */
|
|
260
|
+
// permissionType is either 'Scope' or 'Role' but we need a safe default
|
|
261
|
+
// to avoid building errors. This code will never be reached.
|
|
262
|
+
return permissionId;
|
|
263
|
+
}
|
|
264
|
+
}
|
|
265
|
+
module.exports = new AppPermissionListCommand();
|
|
266
|
+
//# sourceMappingURL=permission-list.js.map
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const fs = require("fs");
|
|
4
|
+
const cli_1 = require("../../cli");
|
|
5
|
+
const Command_1 = require("../../Command");
|
|
6
|
+
const Utils_1 = require("../../Utils");
|
|
7
|
+
class AppCommand extends Command_1.default {
|
|
8
|
+
get resource() {
|
|
9
|
+
return 'https://graph.microsoft.com';
|
|
10
|
+
}
|
|
11
|
+
action(logger, args, cb) {
|
|
12
|
+
const m365rcJsonPath = '.m365rc.json';
|
|
13
|
+
if (!fs.existsSync(m365rcJsonPath)) {
|
|
14
|
+
return cb(new Command_1.CommandError(`Could not find file: ${m365rcJsonPath}`));
|
|
15
|
+
}
|
|
16
|
+
try {
|
|
17
|
+
const m365rcJsonContents = fs.readFileSync(m365rcJsonPath, 'utf8');
|
|
18
|
+
if (!m365rcJsonContents) {
|
|
19
|
+
return cb(new Command_1.CommandError(`File ${m365rcJsonPath} is empty`));
|
|
20
|
+
}
|
|
21
|
+
this.m365rcJson = JSON.parse(m365rcJsonContents);
|
|
22
|
+
}
|
|
23
|
+
catch (e) {
|
|
24
|
+
return cb(new Command_1.CommandError(`Could not parse file: ${m365rcJsonPath}`));
|
|
25
|
+
}
|
|
26
|
+
if (!this.m365rcJson.apps ||
|
|
27
|
+
this.m365rcJson.apps.length === 0) {
|
|
28
|
+
return cb(new Command_1.CommandError(`No Azure AD apps found in ${m365rcJsonPath}`));
|
|
29
|
+
}
|
|
30
|
+
if (args.options.appId) {
|
|
31
|
+
if (!this.m365rcJson.apps.some(app => app.appId === args.options.appId)) {
|
|
32
|
+
return cb(new Command_1.CommandError(`App ${args.options.appId} not found in ${m365rcJsonPath}`));
|
|
33
|
+
}
|
|
34
|
+
this.appId = args.options.appId;
|
|
35
|
+
return super.action(logger, args, cb);
|
|
36
|
+
}
|
|
37
|
+
if (this.m365rcJson.apps.length === 1) {
|
|
38
|
+
this.appId = this.m365rcJson.apps[0].appId;
|
|
39
|
+
return super.action(logger, args, cb);
|
|
40
|
+
}
|
|
41
|
+
if (this.m365rcJson.apps.length > 1) {
|
|
42
|
+
cli_1.Cli.prompt({
|
|
43
|
+
message: `Multiple Azure AD apps found in ${m365rcJsonPath}. Which app would you like to use?`,
|
|
44
|
+
type: 'list',
|
|
45
|
+
choices: this.m365rcJson.apps.map((app, i) => {
|
|
46
|
+
return {
|
|
47
|
+
name: `${app.name} (${app.appId})`,
|
|
48
|
+
value: i
|
|
49
|
+
};
|
|
50
|
+
}),
|
|
51
|
+
default: 0,
|
|
52
|
+
name: 'appIdIndex'
|
|
53
|
+
}, (result) => {
|
|
54
|
+
this.appId = this.m365rcJson.apps[result.appIdIndex].appId;
|
|
55
|
+
super.action(logger, args, cb);
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
options() {
|
|
60
|
+
const options = [
|
|
61
|
+
{
|
|
62
|
+
option: '--appId [appId]'
|
|
63
|
+
}
|
|
64
|
+
];
|
|
65
|
+
const parentOptions = super.options();
|
|
66
|
+
return options.concat(parentOptions);
|
|
67
|
+
}
|
|
68
|
+
validate(args) {
|
|
69
|
+
if (args.options.appId && !Utils_1.default.isValidGuid(args.options.appId)) {
|
|
70
|
+
return `${args.options.appId} is not a valid GUID`;
|
|
71
|
+
}
|
|
72
|
+
return true;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
exports.default = AppCommand;
|
|
76
|
+
//# sourceMappingURL=AppCommand.js.map
|