@uipath/gov-tool 0.3.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/tool.js +548 -357
- package/package.json +4 -12
package/dist/tool.js
CHANGED
|
@@ -1004,7 +1004,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
1004
1004
|
this._exitCallback = (err) => {
|
|
1005
1005
|
if (err.code !== "commander.executeSubCommandAsync") {
|
|
1006
1006
|
throw err;
|
|
1007
|
-
}
|
|
1007
|
+
}
|
|
1008
1008
|
};
|
|
1009
1009
|
}
|
|
1010
1010
|
return this;
|
|
@@ -2980,16 +2980,14 @@ var init_node = __esm(() => {
|
|
|
2980
2980
|
init_open();
|
|
2981
2981
|
});
|
|
2982
2982
|
var fsInstance;
|
|
2983
|
-
var getFileSystem = () =>
|
|
2984
|
-
return fsInstance;
|
|
2985
|
-
};
|
|
2983
|
+
var getFileSystem = () => fsInstance;
|
|
2986
2984
|
var init_src = __esm(() => {
|
|
2987
2985
|
init_node();
|
|
2988
2986
|
init_node();
|
|
2989
2987
|
fsInstance = new NodeFileSystem;
|
|
2990
2988
|
});
|
|
2991
2989
|
var require_coreipc = __commonJS2((exports, module) => {
|
|
2992
|
-
var __dirname3 = "/
|
|
2990
|
+
var __dirname3 = "/Users/alexandru.oltean/github/cli/node_modules/@uipath/coreipc";
|
|
2993
2991
|
/*! For license information please see index.js.LICENSE.txt */
|
|
2994
2992
|
(function(e, t) {
|
|
2995
2993
|
typeof exports == "object" && typeof module == "object" ? module.exports = t() : typeof define == "function" && define.amd ? define([], t) : typeof exports == "object" ? exports.ipc = t() : e.ipc = t();
|
|
@@ -20791,7 +20789,7 @@ var require_dist = __commonJS2((exports) => {
|
|
|
20791
20789
|
});
|
|
20792
20790
|
var package_default = {
|
|
20793
20791
|
name: "@uipath/access-policy-tool",
|
|
20794
|
-
version: "
|
|
20792
|
+
version: "1.1.0",
|
|
20795
20793
|
description: "Manage UiPath Access Policies, rules, and compliance evaluations.",
|
|
20796
20794
|
private: false,
|
|
20797
20795
|
repository: {
|
|
@@ -20828,7 +20826,7 @@ var package_default = {
|
|
|
20828
20826
|
commander: "^14.0.3",
|
|
20829
20827
|
"@uipath/common": "workspace:*",
|
|
20830
20828
|
"@uipath/filesystem": "workspace:*",
|
|
20831
|
-
"@uipath/
|
|
20829
|
+
"@uipath/authz-sdk": "workspace:*",
|
|
20832
20830
|
"@types/node": "^25.5.2",
|
|
20833
20831
|
typescript: "^6.0.2"
|
|
20834
20832
|
}
|
|
@@ -21019,10 +21017,6 @@ class ResponseError extends Error {
|
|
|
21019
21017
|
constructor(response, msg) {
|
|
21020
21018
|
super(msg);
|
|
21021
21019
|
this.response = response;
|
|
21022
|
-
const actualProto = new.target.prototype;
|
|
21023
|
-
if (Object.setPrototypeOf) {
|
|
21024
|
-
Object.setPrototypeOf(this, actualProto);
|
|
21025
|
-
}
|
|
21026
21020
|
}
|
|
21027
21021
|
}
|
|
21028
21022
|
|
|
@@ -21032,10 +21026,6 @@ class FetchError extends Error {
|
|
|
21032
21026
|
constructor(cause, msg) {
|
|
21033
21027
|
super(msg);
|
|
21034
21028
|
this.cause = cause;
|
|
21035
|
-
const actualProto = new.target.prototype;
|
|
21036
|
-
if (Object.setPrototypeOf) {
|
|
21037
|
-
Object.setPrototypeOf(this, actualProto);
|
|
21038
|
-
}
|
|
21039
21029
|
}
|
|
21040
21030
|
}
|
|
21041
21031
|
|
|
@@ -21045,10 +21035,6 @@ class RequiredError extends Error {
|
|
|
21045
21035
|
constructor(field, msg) {
|
|
21046
21036
|
super(msg);
|
|
21047
21037
|
this.field = field;
|
|
21048
|
-
const actualProto = new.target.prototype;
|
|
21049
|
-
if (Object.setPrototypeOf) {
|
|
21050
|
-
Object.setPrototypeOf(this, actualProto);
|
|
21051
|
-
}
|
|
21052
21038
|
}
|
|
21053
21039
|
}
|
|
21054
21040
|
function querystring(params, prefix = "") {
|
|
@@ -21138,30 +21124,6 @@ function PolicyActorTypePolicyEntityRuleToJSONTyped(value, ignoreDiscriminator =
|
|
|
21138
21124
|
operator: PolicyOperatorToJSON(value["operator"])
|
|
21139
21125
|
};
|
|
21140
21126
|
}
|
|
21141
|
-
function PolicyAttributeRuleFromJSON(json) {
|
|
21142
|
-
return PolicyAttributeRuleFromJSONTyped(json, false);
|
|
21143
|
-
}
|
|
21144
|
-
function PolicyAttributeRuleFromJSONTyped(json, ignoreDiscriminator) {
|
|
21145
|
-
if (json == null) {
|
|
21146
|
-
return json;
|
|
21147
|
-
}
|
|
21148
|
-
return {
|
|
21149
|
-
values: json["values"] == null ? undefined : json["values"],
|
|
21150
|
-
operator: json["operator"] == null ? undefined : PolicyOperatorFromJSON(json["operator"])
|
|
21151
|
-
};
|
|
21152
|
-
}
|
|
21153
|
-
function PolicyAttributeRuleToJSON(json) {
|
|
21154
|
-
return PolicyAttributeRuleToJSONTyped(json, false);
|
|
21155
|
-
}
|
|
21156
|
-
function PolicyAttributeRuleToJSONTyped(value, ignoreDiscriminator = false) {
|
|
21157
|
-
if (value == null) {
|
|
21158
|
-
return value;
|
|
21159
|
-
}
|
|
21160
|
-
return {
|
|
21161
|
-
values: value["values"],
|
|
21162
|
-
operator: PolicyOperatorToJSON(value["operator"])
|
|
21163
|
-
};
|
|
21164
|
-
}
|
|
21165
21127
|
function ActorRuleFromJSON(json) {
|
|
21166
21128
|
return ActorRuleFromJSONTyped(json, false);
|
|
21167
21129
|
}
|
|
@@ -21170,8 +21132,7 @@ function ActorRuleFromJSONTyped(json, ignoreDiscriminator) {
|
|
|
21170
21132
|
return json;
|
|
21171
21133
|
}
|
|
21172
21134
|
return {
|
|
21173
|
-
values: json["values"] == null ? undefined : json["values"].map(PolicyActorTypePolicyEntityRuleFromJSON)
|
|
21174
|
-
groupMemberships: json["groupMemberships"] == null ? undefined : PolicyAttributeRuleFromJSON(json["groupMemberships"])
|
|
21135
|
+
values: json["values"] == null ? undefined : json["values"].map(PolicyActorTypePolicyEntityRuleFromJSON)
|
|
21175
21136
|
};
|
|
21176
21137
|
}
|
|
21177
21138
|
function ActorRuleToJSON(json) {
|
|
@@ -21182,8 +21143,7 @@ function ActorRuleToJSONTyped(value, ignoreDiscriminator = false) {
|
|
|
21182
21143
|
return value;
|
|
21183
21144
|
}
|
|
21184
21145
|
return {
|
|
21185
|
-
values: value["values"] == null ? undefined : value["values"].map(PolicyActorTypePolicyEntityRuleToJSON)
|
|
21186
|
-
groupMemberships: PolicyAttributeRuleToJSON(value["groupMemberships"])
|
|
21146
|
+
values: value["values"] == null ? undefined : value["values"].map(PolicyActorTypePolicyEntityRuleToJSON)
|
|
21187
21147
|
};
|
|
21188
21148
|
}
|
|
21189
21149
|
var PolicyExecutableType = {
|
|
@@ -21227,6 +21187,30 @@ function PolicyExecutableTypePolicyEntityRuleToJSONTyped(value, ignoreDiscrimina
|
|
|
21227
21187
|
operator: PolicyOperatorToJSON(value["operator"])
|
|
21228
21188
|
};
|
|
21229
21189
|
}
|
|
21190
|
+
function PolicyAttributeRuleFromJSON(json) {
|
|
21191
|
+
return PolicyAttributeRuleFromJSONTyped(json, false);
|
|
21192
|
+
}
|
|
21193
|
+
function PolicyAttributeRuleFromJSONTyped(json, ignoreDiscriminator) {
|
|
21194
|
+
if (json == null) {
|
|
21195
|
+
return json;
|
|
21196
|
+
}
|
|
21197
|
+
return {
|
|
21198
|
+
values: json["values"] == null ? undefined : json["values"],
|
|
21199
|
+
operator: json["operator"] == null ? undefined : PolicyOperatorFromJSON(json["operator"])
|
|
21200
|
+
};
|
|
21201
|
+
}
|
|
21202
|
+
function PolicyAttributeRuleToJSON(json) {
|
|
21203
|
+
return PolicyAttributeRuleToJSONTyped(json, false);
|
|
21204
|
+
}
|
|
21205
|
+
function PolicyAttributeRuleToJSONTyped(value, ignoreDiscriminator = false) {
|
|
21206
|
+
if (value == null) {
|
|
21207
|
+
return value;
|
|
21208
|
+
}
|
|
21209
|
+
return {
|
|
21210
|
+
values: value["values"],
|
|
21211
|
+
operator: PolicyOperatorToJSON(value["operator"])
|
|
21212
|
+
};
|
|
21213
|
+
}
|
|
21230
21214
|
function ExecutableRuleFromJSON(json) {
|
|
21231
21215
|
return ExecutableRuleFromJSONTyped(json, false);
|
|
21232
21216
|
}
|
|
@@ -21403,7 +21387,6 @@ function PolicyEvaluationApiRequestDtoToJSONTyped(value, ignoreDiscriminator = f
|
|
|
21403
21387
|
return {
|
|
21404
21388
|
organizationId: value["organizationId"],
|
|
21405
21389
|
actorIdentifier: value["actorIdentifier"],
|
|
21406
|
-
actorType: PolicyActorTypeToJSON(value["actorType"]),
|
|
21407
21390
|
executableIdentifier: value["executableIdentifier"],
|
|
21408
21391
|
executableType: PolicyExecutableTypeToJSON(value["executableType"]),
|
|
21409
21392
|
resourceIdentifier: value["resourceIdentifier"],
|
|
@@ -21453,7 +21436,7 @@ function PolicyUpsertResultDtoFromJSONTyped(json, ignoreDiscriminator) {
|
|
|
21453
21436
|
}
|
|
21454
21437
|
|
|
21455
21438
|
class PolicyEvaluationApi extends BaseAPI {
|
|
21456
|
-
async
|
|
21439
|
+
async apiPolicyEvaluateTenantTenantIdPostRaw(requestParameters, initOverrides) {
|
|
21457
21440
|
if (requestParameters["tenantId"] == null) {
|
|
21458
21441
|
throw new RequiredError("tenantId", 'Required parameter "tenantId" was null or undefined when calling apiPolicyEvaluateTenantTenantIdPost().');
|
|
21459
21442
|
}
|
|
@@ -21475,17 +21458,13 @@ class PolicyEvaluationApi extends BaseAPI {
|
|
|
21475
21458
|
}
|
|
21476
21459
|
let urlPath = `/api/policy/evaluate/tenant/{tenantId}`;
|
|
21477
21460
|
urlPath = urlPath.replace(`{${"tenantId"}}`, encodeURIComponent(String(requestParameters["tenantId"])));
|
|
21478
|
-
|
|
21461
|
+
const response = await this.request({
|
|
21479
21462
|
path: urlPath,
|
|
21480
21463
|
method: "POST",
|
|
21481
21464
|
headers: headerParameters,
|
|
21482
21465
|
query: queryParameters,
|
|
21483
21466
|
body: PolicyEvaluationApiRequestDtoToJSON(requestParameters["policyEvaluationApiRequestDto"])
|
|
21484
|
-
};
|
|
21485
|
-
}
|
|
21486
|
-
async apiPolicyEvaluateTenantTenantIdPostRaw(requestParameters, initOverrides) {
|
|
21487
|
-
const requestOptions = await this.apiPolicyEvaluateTenantTenantIdPostRequestOpts(requestParameters);
|
|
21488
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21467
|
+
}, initOverrides);
|
|
21489
21468
|
return new JSONApiResponse(response, (jsonValue) => PolicyEvaluationResultDtoFromJSON(jsonValue));
|
|
21490
21469
|
}
|
|
21491
21470
|
async apiPolicyEvaluateTenantTenantIdPost(requestParameters, initOverrides) {
|
|
@@ -21495,7 +21474,7 @@ class PolicyEvaluationApi extends BaseAPI {
|
|
|
21495
21474
|
}
|
|
21496
21475
|
|
|
21497
21476
|
class PolicyManagementApi extends BaseAPI {
|
|
21498
|
-
async
|
|
21477
|
+
async apiPoliciesDeleteRaw(requestParameters, initOverrides) {
|
|
21499
21478
|
const queryParameters = {};
|
|
21500
21479
|
if (requestParameters["policyId"] != null) {
|
|
21501
21480
|
queryParameters["policyId"] = requestParameters["policyId"];
|
|
@@ -21512,22 +21491,18 @@ class PolicyManagementApi extends BaseAPI {
|
|
|
21512
21491
|
}
|
|
21513
21492
|
}
|
|
21514
21493
|
let urlPath = `/api/policies`;
|
|
21515
|
-
|
|
21494
|
+
const response = await this.request({
|
|
21516
21495
|
path: urlPath,
|
|
21517
21496
|
method: "DELETE",
|
|
21518
21497
|
headers: headerParameters,
|
|
21519
21498
|
query: queryParameters
|
|
21520
|
-
};
|
|
21521
|
-
}
|
|
21522
|
-
async apiPoliciesDeleteRaw(requestParameters, initOverrides) {
|
|
21523
|
-
const requestOptions = await this.apiPoliciesDeleteRequestOpts(requestParameters);
|
|
21524
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21499
|
+
}, initOverrides);
|
|
21525
21500
|
return new VoidApiResponse(response);
|
|
21526
21501
|
}
|
|
21527
21502
|
async apiPoliciesDelete(requestParameters = {}, initOverrides) {
|
|
21528
21503
|
await this.apiPoliciesDeleteRaw(requestParameters, initOverrides);
|
|
21529
21504
|
}
|
|
21530
|
-
async
|
|
21505
|
+
async apiPoliciesGetRaw(requestParameters, initOverrides) {
|
|
21531
21506
|
const queryParameters = {};
|
|
21532
21507
|
if (requestParameters["top"] != null) {
|
|
21533
21508
|
queryParameters["top"] = requestParameters["top"];
|
|
@@ -21553,23 +21528,19 @@ class PolicyManagementApi extends BaseAPI {
|
|
|
21553
21528
|
}
|
|
21554
21529
|
}
|
|
21555
21530
|
let urlPath = `/api/policies`;
|
|
21556
|
-
|
|
21531
|
+
const response = await this.request({
|
|
21557
21532
|
path: urlPath,
|
|
21558
21533
|
method: "GET",
|
|
21559
21534
|
headers: headerParameters,
|
|
21560
21535
|
query: queryParameters
|
|
21561
|
-
};
|
|
21562
|
-
}
|
|
21563
|
-
async apiPoliciesGetRaw(requestParameters, initOverrides) {
|
|
21564
|
-
const requestOptions = await this.apiPoliciesGetRequestOpts(requestParameters);
|
|
21565
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21536
|
+
}, initOverrides);
|
|
21566
21537
|
return new JSONApiResponse(response, (jsonValue) => PolicyDefinitionPagedResultFromJSON(jsonValue));
|
|
21567
21538
|
}
|
|
21568
21539
|
async apiPoliciesGet(requestParameters = {}, initOverrides) {
|
|
21569
21540
|
const response = await this.apiPoliciesGetRaw(requestParameters, initOverrides);
|
|
21570
21541
|
return await response.value();
|
|
21571
21542
|
}
|
|
21572
|
-
async
|
|
21543
|
+
async apiPoliciesPatchRaw(requestParameters, initOverrides) {
|
|
21573
21544
|
const queryParameters = {};
|
|
21574
21545
|
const headerParameters = {};
|
|
21575
21546
|
headerParameters["Content-Type"] = "application/json";
|
|
@@ -21584,24 +21555,20 @@ class PolicyManagementApi extends BaseAPI {
|
|
|
21584
21555
|
}
|
|
21585
21556
|
}
|
|
21586
21557
|
let urlPath = `/api/policies`;
|
|
21587
|
-
|
|
21558
|
+
const response = await this.request({
|
|
21588
21559
|
path: urlPath,
|
|
21589
21560
|
method: "PATCH",
|
|
21590
21561
|
headers: headerParameters,
|
|
21591
21562
|
query: queryParameters,
|
|
21592
21563
|
body: PolicyDefinitionToJSON(requestParameters["policyDefinition"])
|
|
21593
|
-
};
|
|
21594
|
-
}
|
|
21595
|
-
async apiPoliciesPatchRaw(requestParameters, initOverrides) {
|
|
21596
|
-
const requestOptions = await this.apiPoliciesPatchRequestOpts(requestParameters);
|
|
21597
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21564
|
+
}, initOverrides);
|
|
21598
21565
|
return new JSONApiResponse(response, (jsonValue) => PolicyUpsertResultDtoFromJSON(jsonValue));
|
|
21599
21566
|
}
|
|
21600
21567
|
async apiPoliciesPatch(requestParameters = {}, initOverrides) {
|
|
21601
21568
|
const response = await this.apiPoliciesPatchRaw(requestParameters, initOverrides);
|
|
21602
21569
|
return await response.value();
|
|
21603
21570
|
}
|
|
21604
|
-
async
|
|
21571
|
+
async apiPoliciesPolicyIdGetRaw(requestParameters, initOverrides) {
|
|
21605
21572
|
if (requestParameters["policyId"] == null) {
|
|
21606
21573
|
throw new RequiredError("policyId", 'Required parameter "policyId" was null or undefined when calling apiPoliciesPolicyIdGet().');
|
|
21607
21574
|
}
|
|
@@ -21619,23 +21586,19 @@ class PolicyManagementApi extends BaseAPI {
|
|
|
21619
21586
|
}
|
|
21620
21587
|
let urlPath = `/api/policies/{policyId}`;
|
|
21621
21588
|
urlPath = urlPath.replace(`{${"policyId"}}`, encodeURIComponent(String(requestParameters["policyId"])));
|
|
21622
|
-
|
|
21589
|
+
const response = await this.request({
|
|
21623
21590
|
path: urlPath,
|
|
21624
21591
|
method: "GET",
|
|
21625
21592
|
headers: headerParameters,
|
|
21626
21593
|
query: queryParameters
|
|
21627
|
-
};
|
|
21628
|
-
}
|
|
21629
|
-
async apiPoliciesPolicyIdGetRaw(requestParameters, initOverrides) {
|
|
21630
|
-
const requestOptions = await this.apiPoliciesPolicyIdGetRequestOpts(requestParameters);
|
|
21631
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21594
|
+
}, initOverrides);
|
|
21632
21595
|
return new JSONApiResponse(response, (jsonValue) => PolicyDefinitionFromJSON(jsonValue));
|
|
21633
21596
|
}
|
|
21634
21597
|
async apiPoliciesPolicyIdGet(requestParameters, initOverrides) {
|
|
21635
21598
|
const response = await this.apiPoliciesPolicyIdGetRaw(requestParameters, initOverrides);
|
|
21636
21599
|
return await response.value();
|
|
21637
21600
|
}
|
|
21638
|
-
async
|
|
21601
|
+
async apiPoliciesPostRaw(requestParameters, initOverrides) {
|
|
21639
21602
|
const queryParameters = {};
|
|
21640
21603
|
const headerParameters = {};
|
|
21641
21604
|
headerParameters["Content-Type"] = "application/json";
|
|
@@ -21650,17 +21613,13 @@ class PolicyManagementApi extends BaseAPI {
|
|
|
21650
21613
|
}
|
|
21651
21614
|
}
|
|
21652
21615
|
let urlPath = `/api/policies`;
|
|
21653
|
-
|
|
21616
|
+
const response = await this.request({
|
|
21654
21617
|
path: urlPath,
|
|
21655
21618
|
method: "POST",
|
|
21656
21619
|
headers: headerParameters,
|
|
21657
21620
|
query: queryParameters,
|
|
21658
21621
|
body: PolicyDefinitionToJSON(requestParameters["policyDefinition"])
|
|
21659
|
-
};
|
|
21660
|
-
}
|
|
21661
|
-
async apiPoliciesPostRaw(requestParameters, initOverrides) {
|
|
21662
|
-
const requestOptions = await this.apiPoliciesPostRequestOpts(requestParameters);
|
|
21663
|
-
const response = await this.request(requestOptions, initOverrides);
|
|
21622
|
+
}, initOverrides);
|
|
21664
21623
|
return new JSONApiResponse(response, (jsonValue) => PolicyUpsertResultDtoFromJSON(jsonValue));
|
|
21665
21624
|
}
|
|
21666
21625
|
async apiPoliciesPost(requestParameters = {}, initOverrides) {
|
|
@@ -21713,7 +21672,9 @@ var DEFAULT_SCOPES = [
|
|
|
21713
21672
|
"AutomationSolutions",
|
|
21714
21673
|
"StudioWebTypeCacheService",
|
|
21715
21674
|
"Docs.GPT.Search",
|
|
21716
|
-
"Insights"
|
|
21675
|
+
"Insights",
|
|
21676
|
+
"ReferenceToken",
|
|
21677
|
+
"Audit.Read"
|
|
21717
21678
|
];
|
|
21718
21679
|
var normalizeAndValidateBaseUrl = (rawUrl) => {
|
|
21719
21680
|
let baseUrl = rawUrl;
|
|
@@ -21847,6 +21808,7 @@ var getTokenExpiration = (accessToken) => {
|
|
|
21847
21808
|
}
|
|
21848
21809
|
};
|
|
21849
21810
|
var ENV_AUTH_ENABLE_VAR = "UIPATH_CLI_ENABLE_ENV_AUTH";
|
|
21811
|
+
var ENFORCE_ROBOT_AUTH_VAR = "UIPATH_CLI_ENFORCE_ROBOT_AUTH";
|
|
21850
21812
|
var ENV_AUTH_VARS = {
|
|
21851
21813
|
token: "UIPATH_CLI_AUTH_TOKEN",
|
|
21852
21814
|
organizationName: "UIPATH_CLI_ORGANIZATION_NAME",
|
|
@@ -21862,6 +21824,7 @@ class EnvAuthConfigError extends Error {
|
|
|
21862
21824
|
}
|
|
21863
21825
|
}
|
|
21864
21826
|
var isEnvAuthEnabled = () => process.env[ENV_AUTH_ENABLE_VAR] === "true";
|
|
21827
|
+
var isRobotAuthEnforced = () => process.env[ENFORCE_ROBOT_AUTH_VAR] === "true";
|
|
21865
21828
|
var requireEnv = (name) => {
|
|
21866
21829
|
const value = process.env[name];
|
|
21867
21830
|
if (!value) {
|
|
@@ -21903,6 +21866,7 @@ var readAuthFromEnv = () => {
|
|
|
21903
21866
|
expiration
|
|
21904
21867
|
};
|
|
21905
21868
|
};
|
|
21869
|
+
init_src();
|
|
21906
21870
|
var DEFAULT_TIMEOUT_MS = 1000;
|
|
21907
21871
|
var CLOSE_TIMEOUT_MS = 500;
|
|
21908
21872
|
var NOTICE_SENTINEL = Symbol.for("@uipath/auth/robotFallbackNoticePrinted");
|
|
@@ -21914,6 +21878,35 @@ var printNoticeOnce = () => {
|
|
|
21914
21878
|
catchError(() => process.stderr.write(`Using UiPath Robot credentials. Run 'uip login' for a dedicated session.
|
|
21915
21879
|
`));
|
|
21916
21880
|
};
|
|
21881
|
+
var ROBOT_USER_SERVICES_PIPE = "UiPathUserServices";
|
|
21882
|
+
var ROBOT_USER_SERVICES_ALTERNATE_PIPE = `${ROBOT_USER_SERVICES_PIPE}Alternate`;
|
|
21883
|
+
var PIPE_NAME_MAX_LENGTH = 103;
|
|
21884
|
+
var getRobotIpcPipeNames = async () => {
|
|
21885
|
+
const fs7 = getFileSystem();
|
|
21886
|
+
const username = fs7.env.getenv("USER") ?? fs7.env.getenv("USERNAME");
|
|
21887
|
+
if (!username) {
|
|
21888
|
+
throw new Error("Unable to determine current username");
|
|
21889
|
+
}
|
|
21890
|
+
const tempPath = fs7.env.getenv("TMPDIR") ?? "/tmp/";
|
|
21891
|
+
return [ROBOT_USER_SERVICES_PIPE, ROBOT_USER_SERVICES_ALTERNATE_PIPE].map((baseName) => fs7.path.join(tempPath, `${baseName}_${username}`).substring(0, PIPE_NAME_MAX_LENGTH));
|
|
21892
|
+
};
|
|
21893
|
+
var defaultIsRobotIpcAvailable = async () => {
|
|
21894
|
+
if (process.platform === "win32") {
|
|
21895
|
+
return true;
|
|
21896
|
+
}
|
|
21897
|
+
const [pipeNamesError, pipeNames] = await catchError(getRobotIpcPipeNames());
|
|
21898
|
+
if (pipeNamesError || !pipeNames) {
|
|
21899
|
+
return false;
|
|
21900
|
+
}
|
|
21901
|
+
const fs7 = getFileSystem();
|
|
21902
|
+
for (const pipeName of pipeNames) {
|
|
21903
|
+
const [existsError, exists] = await catchError(fs7.exists(pipeName));
|
|
21904
|
+
if (!existsError && exists === true) {
|
|
21905
|
+
return true;
|
|
21906
|
+
}
|
|
21907
|
+
}
|
|
21908
|
+
return false;
|
|
21909
|
+
};
|
|
21917
21910
|
var withTimeout = (promise, timeoutMs) => new Promise((resolve2, reject) => {
|
|
21918
21911
|
const timer = setTimeout(() => reject(new Error(`Robot IPC call timed out after ${timeoutMs}ms`)), timeoutMs);
|
|
21919
21912
|
promise.then((value) => {
|
|
@@ -21945,14 +21938,20 @@ var defaultLoadModule = async () => {
|
|
|
21945
21938
|
var tryRobotClientFallback = async (options = {}) => {
|
|
21946
21939
|
if (isBrowser())
|
|
21947
21940
|
return;
|
|
21948
|
-
if (
|
|
21949
|
-
|
|
21950
|
-
|
|
21951
|
-
|
|
21952
|
-
|
|
21941
|
+
if (!options.force) {
|
|
21942
|
+
if (process.env.CI || process.env.GITHUB_ACTIONS) {
|
|
21943
|
+
return;
|
|
21944
|
+
}
|
|
21945
|
+
if (process.env.UIPATH_URL) {
|
|
21946
|
+
return;
|
|
21947
|
+
}
|
|
21953
21948
|
}
|
|
21954
21949
|
const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
|
|
21950
|
+
const isRobotIpcAvailable = options.isRobotIpcAvailable ?? defaultIsRobotIpcAvailable;
|
|
21955
21951
|
const loadModule = options.loadModule ?? defaultLoadModule;
|
|
21952
|
+
if (!await isRobotIpcAvailable()) {
|
|
21953
|
+
return;
|
|
21954
|
+
}
|
|
21956
21955
|
const mod = await loadModule();
|
|
21957
21956
|
if (!mod)
|
|
21958
21957
|
return;
|
|
@@ -22214,10 +22213,6 @@ function normalizeTokenRefreshUnavailableFailure() {
|
|
|
22214
22213
|
return "token refresh failed before authentication completed";
|
|
22215
22214
|
}
|
|
22216
22215
|
var getLoginStatusWithDeps = async (options = {}, deps = {}) => {
|
|
22217
|
-
if (isEnvAuthEnabled()) {
|
|
22218
|
-
return readAuthFromEnv();
|
|
22219
|
-
}
|
|
22220
|
-
const { envFilePath = DEFAULT_ENV_FILENAME, ensureTokenValidityMinutes } = options;
|
|
22221
22216
|
const {
|
|
22222
22217
|
resolveEnvFilePath = resolveEnvFilePathAsync,
|
|
22223
22218
|
loadEnvFile = loadEnvFileAsync,
|
|
@@ -22227,6 +22222,34 @@ var getLoginStatusWithDeps = async (options = {}, deps = {}) => {
|
|
|
22227
22222
|
resolveConfig = resolveConfigAsync,
|
|
22228
22223
|
robotFallback = tryRobotClientFallback
|
|
22229
22224
|
} = deps;
|
|
22225
|
+
if (isRobotAuthEnforced()) {
|
|
22226
|
+
if (isEnvAuthEnabled()) {
|
|
22227
|
+
throw new EnvAuthConfigError(`${ENV_AUTH_ENABLE_VAR}=true and ${ENFORCE_ROBOT_AUTH_VAR}=true ` + `are mutually exclusive. Unset one of them and re-run.`);
|
|
22228
|
+
}
|
|
22229
|
+
const robotCreds = await robotFallback({ force: true });
|
|
22230
|
+
if (!robotCreds) {
|
|
22231
|
+
return {
|
|
22232
|
+
loginStatus: "Not logged in",
|
|
22233
|
+
hint: `${ENFORCE_ROBOT_AUTH_VAR}=true but the UiPath Robot ` + `session is unavailable. Start and sign in to the Assistant, ` + `or unset ${ENFORCE_ROBOT_AUTH_VAR} to fall back to file or ` + `env-var authentication.`
|
|
22234
|
+
};
|
|
22235
|
+
}
|
|
22236
|
+
const expiration2 = getTokenExpiration(robotCreds.accessToken);
|
|
22237
|
+
return {
|
|
22238
|
+
loginStatus: "Logged in",
|
|
22239
|
+
accessToken: robotCreds.accessToken,
|
|
22240
|
+
baseUrl: robotCreds.baseUrl,
|
|
22241
|
+
organizationName: robotCreds.organizationName,
|
|
22242
|
+
organizationId: robotCreds.organizationId,
|
|
22243
|
+
tenantName: robotCreds.tenantName,
|
|
22244
|
+
tenantId: robotCreds.tenantId,
|
|
22245
|
+
expiration: expiration2,
|
|
22246
|
+
source: "robot"
|
|
22247
|
+
};
|
|
22248
|
+
}
|
|
22249
|
+
if (isEnvAuthEnabled()) {
|
|
22250
|
+
return readAuthFromEnv();
|
|
22251
|
+
}
|
|
22252
|
+
const { envFilePath = DEFAULT_ENV_FILENAME, ensureTokenValidityMinutes } = options;
|
|
22230
22253
|
const { absolutePath } = await resolveEnvFilePath(envFilePath);
|
|
22231
22254
|
if (absolutePath === undefined) {
|
|
22232
22255
|
const robotCreds = await robotFallback();
|
|
@@ -22375,7 +22398,7 @@ var getLoginStatusAsync = async (options = {}) => {
|
|
|
22375
22398
|
};
|
|
22376
22399
|
init_src();
|
|
22377
22400
|
init_src();
|
|
22378
|
-
async function resolveConfig(
|
|
22401
|
+
async function resolveConfig(plane, options) {
|
|
22379
22402
|
const status = await getLoginStatusAsync({
|
|
22380
22403
|
ensureTokenValidityMinutes: options?.loginValidity
|
|
22381
22404
|
});
|
|
@@ -22385,29 +22408,34 @@ async function resolveConfig(service, options) {
|
|
|
22385
22408
|
if (!status.organizationId) {
|
|
22386
22409
|
throw new Error("Organization ID not available. Ensure you are logged in with an organization context.");
|
|
22387
22410
|
}
|
|
22388
|
-
const basePath = `${status.baseUrl}/${status.organizationId}/${
|
|
22411
|
+
const basePath = `${status.baseUrl}/${status.organizationId}/${plane}_`;
|
|
22412
|
+
const bearerToken = options?.s2sToken ?? status.accessToken;
|
|
22389
22413
|
return {
|
|
22390
22414
|
config: new Configuration({
|
|
22391
22415
|
basePath,
|
|
22392
|
-
|
|
22393
|
-
Authorization: `Bearer ${status.accessToken}`
|
|
22394
|
-
}
|
|
22416
|
+
accessToken: async () => bearerToken
|
|
22395
22417
|
}),
|
|
22396
|
-
status
|
|
22418
|
+
organizationId: status.organizationId,
|
|
22419
|
+
tenantId: status.tenantId,
|
|
22420
|
+
tenantName: status.tenantName
|
|
22397
22421
|
};
|
|
22398
22422
|
}
|
|
22399
|
-
async function
|
|
22400
|
-
const { config } = await resolveConfig(
|
|
22401
|
-
return new ApiClass(config);
|
|
22402
|
-
}
|
|
22403
|
-
async function createPdpApiClient(ApiClass, options) {
|
|
22404
|
-
const { config, status } = await resolveConfig("pdp", options);
|
|
22423
|
+
async function createApiClient(ApiClass, plane, options) {
|
|
22424
|
+
const { config, organizationId, tenantId, tenantName } = await resolveConfig(plane, options);
|
|
22405
22425
|
return {
|
|
22406
22426
|
api: new ApiClass(config),
|
|
22407
|
-
organizationId
|
|
22408
|
-
tenantId
|
|
22427
|
+
organizationId,
|
|
22428
|
+
tenantId,
|
|
22429
|
+
tenantName
|
|
22409
22430
|
};
|
|
22410
22431
|
}
|
|
22432
|
+
async function createPapClient(ApiClass, options) {
|
|
22433
|
+
return createApiClient(ApiClass, "pap", options);
|
|
22434
|
+
}
|
|
22435
|
+
async function createPdpClient(ApiClass, options) {
|
|
22436
|
+
return createApiClient(ApiClass, "pdp", options);
|
|
22437
|
+
}
|
|
22438
|
+
init_src();
|
|
22411
22439
|
function isPromiseLike2(value) {
|
|
22412
22440
|
return value !== null && typeof value === "object" && typeof value.then === "function";
|
|
22413
22441
|
}
|
|
@@ -22434,71 +22462,6 @@ function settlePromiseLike2(thenable) {
|
|
|
22434
22462
|
undefined
|
|
22435
22463
|
]);
|
|
22436
22464
|
}
|
|
22437
|
-
var examplesByCommand = new WeakMap;
|
|
22438
|
-
Command.prototype.examples = function(examples) {
|
|
22439
|
-
examplesByCommand.set(this, examples);
|
|
22440
|
-
return this;
|
|
22441
|
-
};
|
|
22442
|
-
var PREFIX = "@uipath/common/";
|
|
22443
|
-
var _g = globalThis;
|
|
22444
|
-
function singleton(ctorOrName) {
|
|
22445
|
-
const name = typeof ctorOrName === "string" ? ctorOrName : ctorOrName.name;
|
|
22446
|
-
const key = Symbol.for(PREFIX + name);
|
|
22447
|
-
return {
|
|
22448
|
-
get(fallback) {
|
|
22449
|
-
return _g[key] ?? fallback;
|
|
22450
|
-
},
|
|
22451
|
-
set(value) {
|
|
22452
|
-
_g[key] = value;
|
|
22453
|
-
},
|
|
22454
|
-
clear() {
|
|
22455
|
-
delete _g[key];
|
|
22456
|
-
},
|
|
22457
|
-
getOrInit(factory, guard) {
|
|
22458
|
-
const existing = _g[key];
|
|
22459
|
-
if (existing != null && typeof existing === "object") {
|
|
22460
|
-
if (!guard || guard(existing)) {
|
|
22461
|
-
return existing;
|
|
22462
|
-
}
|
|
22463
|
-
}
|
|
22464
|
-
const instance = factory();
|
|
22465
|
-
_g[key] = instance;
|
|
22466
|
-
return instance;
|
|
22467
|
-
}
|
|
22468
|
-
};
|
|
22469
|
-
}
|
|
22470
|
-
function createStorage() {
|
|
22471
|
-
const [error, mod] = catchError2(() => __require2("node:async_hooks"));
|
|
22472
|
-
if (error || typeof mod?.AsyncLocalStorage !== "function") {
|
|
22473
|
-
return {
|
|
22474
|
-
getStore: () => {
|
|
22475
|
-
return;
|
|
22476
|
-
},
|
|
22477
|
-
run: (_store, fn) => fn()
|
|
22478
|
-
};
|
|
22479
|
-
}
|
|
22480
|
-
return new mod.AsyncLocalStorage;
|
|
22481
|
-
}
|
|
22482
|
-
var storageSingleton = singleton("OutputStorage");
|
|
22483
|
-
var sinkSlot = singleton("OutputSink");
|
|
22484
|
-
var outputStorage = storageSingleton.getOrInit(createStorage, (v) => ("getStore" in v));
|
|
22485
|
-
var CONSOLE_FALLBACK = {
|
|
22486
|
-
writeOut: (str) => process.stdout.write(str),
|
|
22487
|
-
writeErr: (str) => process.stderr.write(str),
|
|
22488
|
-
writeLog: (str) => process.stdout.write(str),
|
|
22489
|
-
capabilities: {
|
|
22490
|
-
isInteractive: false,
|
|
22491
|
-
supportsColor: false,
|
|
22492
|
-
outputWidth: 80
|
|
22493
|
-
}
|
|
22494
|
-
};
|
|
22495
|
-
function getOutputSink() {
|
|
22496
|
-
return outputStorage.getStore() ?? sinkSlot.get() ?? CONSOLE_FALLBACK;
|
|
22497
|
-
}
|
|
22498
|
-
var COMPLETER_SYMBOL = Symbol.for("@uipath/common/completer");
|
|
22499
|
-
var guardInstalledSlot = singleton("ConsoleGuardInstalled");
|
|
22500
|
-
var savedOriginalsSlot = singleton("ConsoleGuardOriginals");
|
|
22501
|
-
var DEFAULT_AUTH_TIMEOUT_MS2 = 5 * 60 * 1000;
|
|
22502
22465
|
var DEFAULT_401 = "Unauthorized (401). Run `uip login` to authenticate.";
|
|
22503
22466
|
var DEFAULT_403 = "Forbidden (403). Ensure the account has the required permissions.";
|
|
22504
22467
|
var DEFAULT_405 = "Method Not Allowed (405). The endpoint may not exist or the base URL may be incorrect.";
|
|
@@ -22633,6 +22596,71 @@ async function extractErrorMessage(error, options) {
|
|
|
22633
22596
|
const { message } = await extractErrorDetails(error, options);
|
|
22634
22597
|
return message;
|
|
22635
22598
|
}
|
|
22599
|
+
var examplesByCommand = new WeakMap;
|
|
22600
|
+
Command.prototype.examples = function(examples) {
|
|
22601
|
+
examplesByCommand.set(this, examples);
|
|
22602
|
+
return this;
|
|
22603
|
+
};
|
|
22604
|
+
var PREFIX = "@uipath/common/";
|
|
22605
|
+
var _g = globalThis;
|
|
22606
|
+
function singleton(ctorOrName) {
|
|
22607
|
+
const name = typeof ctorOrName === "string" ? ctorOrName : ctorOrName.name;
|
|
22608
|
+
const key = Symbol.for(PREFIX + name);
|
|
22609
|
+
return {
|
|
22610
|
+
get(fallback) {
|
|
22611
|
+
return _g[key] ?? fallback;
|
|
22612
|
+
},
|
|
22613
|
+
set(value) {
|
|
22614
|
+
_g[key] = value;
|
|
22615
|
+
},
|
|
22616
|
+
clear() {
|
|
22617
|
+
delete _g[key];
|
|
22618
|
+
},
|
|
22619
|
+
getOrInit(factory, guard) {
|
|
22620
|
+
const existing = _g[key];
|
|
22621
|
+
if (existing != null && typeof existing === "object") {
|
|
22622
|
+
if (!guard || guard(existing)) {
|
|
22623
|
+
return existing;
|
|
22624
|
+
}
|
|
22625
|
+
}
|
|
22626
|
+
const instance = factory();
|
|
22627
|
+
_g[key] = instance;
|
|
22628
|
+
return instance;
|
|
22629
|
+
}
|
|
22630
|
+
};
|
|
22631
|
+
}
|
|
22632
|
+
function createStorage() {
|
|
22633
|
+
const [error, mod] = catchError2(() => __require2("node:async_hooks"));
|
|
22634
|
+
if (error || typeof mod?.AsyncLocalStorage !== "function") {
|
|
22635
|
+
return {
|
|
22636
|
+
getStore: () => {
|
|
22637
|
+
return;
|
|
22638
|
+
},
|
|
22639
|
+
run: (_store, fn) => fn()
|
|
22640
|
+
};
|
|
22641
|
+
}
|
|
22642
|
+
return new mod.AsyncLocalStorage;
|
|
22643
|
+
}
|
|
22644
|
+
var storageSingleton = singleton("OutputStorage");
|
|
22645
|
+
var sinkSlot = singleton("OutputSink");
|
|
22646
|
+
var outputStorage = storageSingleton.getOrInit(createStorage, (v) => ("getStore" in v));
|
|
22647
|
+
var CONSOLE_FALLBACK = {
|
|
22648
|
+
writeOut: (str) => process.stdout.write(str),
|
|
22649
|
+
writeErr: (str) => process.stderr.write(str),
|
|
22650
|
+
writeLog: (str) => process.stdout.write(str),
|
|
22651
|
+
capabilities: {
|
|
22652
|
+
isInteractive: false,
|
|
22653
|
+
supportsColor: false,
|
|
22654
|
+
outputWidth: 80
|
|
22655
|
+
}
|
|
22656
|
+
};
|
|
22657
|
+
function getOutputSink() {
|
|
22658
|
+
return outputStorage.getStore() ?? sinkSlot.get() ?? CONSOLE_FALLBACK;
|
|
22659
|
+
}
|
|
22660
|
+
var COMPLETER_SYMBOL = Symbol.for("@uipath/common/completer");
|
|
22661
|
+
var guardInstalledSlot = singleton("ConsoleGuardInstalled");
|
|
22662
|
+
var savedOriginalsSlot = singleton("ConsoleGuardOriginals");
|
|
22663
|
+
var DEFAULT_AUTH_TIMEOUT_MS2 = 5 * 60 * 1000;
|
|
22636
22664
|
var isObject = (obj) => {
|
|
22637
22665
|
return obj !== null && Object.prototype.toString.call(obj) === "[object Object]";
|
|
22638
22666
|
};
|
|
@@ -27658,15 +27686,26 @@ class SuccessOutput {
|
|
|
27658
27686
|
}
|
|
27659
27687
|
}
|
|
27660
27688
|
}
|
|
27661
|
-
function
|
|
27689
|
+
function escapeNonAscii(jsonText) {
|
|
27690
|
+
return jsonText.replace(/[\u0080-\uffff]/g, (c) => {
|
|
27691
|
+
const hex = c.charCodeAt(0).toString(16).padStart(4, "0");
|
|
27692
|
+
return `\\u${hex}`;
|
|
27693
|
+
});
|
|
27694
|
+
}
|
|
27695
|
+
function needsAsciiSafeJson(sink) {
|
|
27696
|
+
return process.platform === "win32" && !sink.capabilities.isInteractive;
|
|
27697
|
+
}
|
|
27698
|
+
function printOutput(data, format = "json", logFn, asciiSafe = false) {
|
|
27662
27699
|
if (!data) {
|
|
27663
27700
|
logFn("Empty response object. No data to display.");
|
|
27664
27701
|
return;
|
|
27665
27702
|
}
|
|
27666
27703
|
switch (format) {
|
|
27667
|
-
case "json":
|
|
27668
|
-
|
|
27704
|
+
case "json": {
|
|
27705
|
+
const json2 = JSON.stringify(data, null, 2);
|
|
27706
|
+
logFn(asciiSafe ? escapeNonAscii(json2) : json2);
|
|
27669
27707
|
break;
|
|
27708
|
+
}
|
|
27670
27709
|
case "yaml":
|
|
27671
27710
|
logFn(toYaml(data));
|
|
27672
27711
|
break;
|
|
@@ -27701,7 +27740,7 @@ function printOutput(data, format = "json", logFn) {
|
|
|
27701
27740
|
function logOutput(data, format = "json") {
|
|
27702
27741
|
const sink = getOutputSink();
|
|
27703
27742
|
printOutput(data, format, (msg) => sink.writeOut(`${msg}
|
|
27704
|
-
`));
|
|
27743
|
+
`), needsAsciiSafeJson(sink));
|
|
27705
27744
|
}
|
|
27706
27745
|
function cellToString(val) {
|
|
27707
27746
|
return val != null && typeof val === "object" ? JSON.stringify(val) : String(val ?? "");
|
|
@@ -27881,7 +27920,9 @@ var OutputFormatter;
|
|
|
27881
27920
|
const format = getOutputFormat();
|
|
27882
27921
|
const sink = getOutputSink();
|
|
27883
27922
|
if (format === "json") {
|
|
27884
|
-
|
|
27923
|
+
const json2 = JSON.stringify(data);
|
|
27924
|
+
const safe = needsAsciiSafeJson(sink) ? escapeNonAscii(json2) : json2;
|
|
27925
|
+
sink.writeErr(`${safe}
|
|
27885
27926
|
`);
|
|
27886
27927
|
} else {
|
|
27887
27928
|
for (const [key, value] of Object.entries(data)) {
|
|
@@ -27897,9 +27938,10 @@ var OutputFormatter;
|
|
|
27897
27938
|
data.Data = applyFilter(data.Data, filter);
|
|
27898
27939
|
}
|
|
27899
27940
|
const lines = [];
|
|
27941
|
+
const sink = getOutputSink();
|
|
27900
27942
|
printOutput(data, getOutputFormat(), (msg) => {
|
|
27901
27943
|
lines.push(msg);
|
|
27902
|
-
});
|
|
27944
|
+
}, needsAsciiSafeJson(sink));
|
|
27903
27945
|
return lines.join(`
|
|
27904
27946
|
`);
|
|
27905
27947
|
}
|
|
@@ -29559,7 +29601,7 @@ var withLoginValidity = (cmd) => {
|
|
|
29559
29601
|
return cmd;
|
|
29560
29602
|
};
|
|
29561
29603
|
async function getPapApi(options) {
|
|
29562
|
-
const [err,
|
|
29604
|
+
const [err, client] = await catchError2(createPapClient(PolicyManagementApi, {
|
|
29563
29605
|
loginValidity: options.loginValidity
|
|
29564
29606
|
}));
|
|
29565
29607
|
if (err) {
|
|
@@ -29571,7 +29613,7 @@ async function getPapApi(options) {
|
|
|
29571
29613
|
processContext.exit(1);
|
|
29572
29614
|
return null;
|
|
29573
29615
|
}
|
|
29574
|
-
return api;
|
|
29616
|
+
return client.api;
|
|
29575
29617
|
}
|
|
29576
29618
|
async function loadPolicyDefinition(file) {
|
|
29577
29619
|
const fs7 = getFileSystem();
|
|
@@ -29627,7 +29669,7 @@ var LIST_EXAMPLES = [
|
|
|
29627
29669
|
},
|
|
29628
29670
|
{
|
|
29629
29671
|
Description: "Filter active policies, sorted by name",
|
|
29630
|
-
Command: `uip gov access-policy list --filter "status in ('Active')" --
|
|
29672
|
+
Command: `uip gov access-policy list --filter "status in ('Active')" --sort-by "Name asc"`,
|
|
29631
29673
|
Output: {
|
|
29632
29674
|
Code: "PolicyList",
|
|
29633
29675
|
Data: {
|
|
@@ -29731,11 +29773,11 @@ var registerAccessPolicyCommand = (program2) => {
|
|
|
29731
29773
|
"Search for policies matching optional filters, with pagination.",
|
|
29732
29774
|
"Returns a paged list (totalCount + results) of policy metadata.",
|
|
29733
29775
|
"",
|
|
29734
|
-
"Filters use OData syntax (e.g. `status in ('Active')`). Sort with --
|
|
29776
|
+
"Filters use OData syntax (e.g. `status in ('Active')`). Sort with --sort-by using",
|
|
29735
29777
|
"`<Field> asc|desc` (e.g. `Name asc`, `CreatedOn desc`).",
|
|
29736
29778
|
"Use the returned `id` with `access-policy get|update|delete|evaluate`."
|
|
29737
29779
|
].join(`
|
|
29738
|
-
`)).option("--limit <n>", "Page size — maximum number of policies to return. Defaults to 20.", parseNonNegativeInt, 20).option("--offset <n>", "Number of records to skip before the returned page (zero-based).", parseNonNegativeInt, 0).option("--filter <filter>", `OData-style filter expression (e.g. "status in ('Active')").`).option("--
|
|
29780
|
+
`)).option("--limit <n>", "Page size — maximum number of policies to return. Defaults to 20.", parseNonNegativeInt, 20).option("--offset <n>", "Number of records to skip before the returned page (zero-based).", parseNonNegativeInt, 0).option("--filter <filter>", `OData-style filter expression (e.g. "status in ('Active')").`).option("--sort-by <order>", "Sort expression — '<Field> asc|desc' (e.g. 'Name asc', 'CreatedOn desc').").examples(LIST_EXAMPLES)).trackedAction(processContext, async (options) => {
|
|
29739
29781
|
const api = await getPapApi(options);
|
|
29740
29782
|
if (!api)
|
|
29741
29783
|
return;
|
|
@@ -29743,13 +29785,13 @@ var registerAccessPolicyCommand = (program2) => {
|
|
|
29743
29785
|
top: options.limit,
|
|
29744
29786
|
skip: options.offset,
|
|
29745
29787
|
filter: options.filter,
|
|
29746
|
-
orderBy: options.
|
|
29788
|
+
orderBy: options.sortBy
|
|
29747
29789
|
}));
|
|
29748
29790
|
if (error) {
|
|
29749
29791
|
OutputFormatter.error({
|
|
29750
29792
|
Result: RESULTS.Failure,
|
|
29751
29793
|
Message: await extractErrorMessage(error),
|
|
29752
|
-
Instructions: "Verify --filter uses OData syntax and --
|
|
29794
|
+
Instructions: "Verify --filter uses OData syntax and --sort-by is '<Field> asc|desc'. Ensure you have access to the access-policy service."
|
|
29753
29795
|
});
|
|
29754
29796
|
processContext.exit(1);
|
|
29755
29797
|
return;
|
|
@@ -29885,7 +29927,7 @@ var registerAccessPolicyCommand = (program2) => {
|
|
|
29885
29927
|
"why a production request was allowed/denied."
|
|
29886
29928
|
].join(`
|
|
29887
29929
|
`)).addOption(new Option("--resource-type <type>", "The protected asset being accessed (e.g. the Agent being invoked).").choices(RESOURCE_TYPES).makeOptionMandatory(true)).option("--resource-id <id>", "Identifier of the specific resource instance (e.g. an Agent UUID).").option("--actor-identity-id <id>", "Identifier of the actor — only required when calling with an S2S token. With a user token the actor is inferred from the bearer.").addOption(new Option("--actor-process-type <type>", "The workflow/agent being executed on behalf of the actor, if any.").choices(EXECUTABLE_TYPES)).option("--actor-process-id <id>", "Identifier of the executable (e.g. a Flow UUID).").option("--folder-key <key>", "Folder key (UUID) scoping the request to a specific folder.").option("--trace-parent-id <id>", "W3C traceparent header value to correlate this evaluation with upstream traces.").examples(EVALUATE_EXAMPLES)).trackedAction(processContext, async (options) => {
|
|
29888
|
-
const [apiErr, client] = await catchError2(
|
|
29930
|
+
const [apiErr, client] = await catchError2(createPdpClient(PolicyEvaluationApi, {
|
|
29889
29931
|
loginValidity: options.loginValidity
|
|
29890
29932
|
}));
|
|
29891
29933
|
if (apiErr) {
|
|
@@ -30783,16 +30825,14 @@ var init_node2 = __esm2(() => {
|
|
|
30783
30825
|
init_open2();
|
|
30784
30826
|
});
|
|
30785
30827
|
var fsInstance2;
|
|
30786
|
-
var getFileSystem2 = () =>
|
|
30787
|
-
return fsInstance2;
|
|
30788
|
-
};
|
|
30828
|
+
var getFileSystem2 = () => fsInstance2;
|
|
30789
30829
|
var init_src2 = __esm2(() => {
|
|
30790
30830
|
init_node2();
|
|
30791
30831
|
init_node2();
|
|
30792
30832
|
fsInstance2 = new NodeFileSystem2;
|
|
30793
30833
|
});
|
|
30794
30834
|
var require_coreipc2 = __commonJS3((exports, module) => {
|
|
30795
|
-
var __dirname3 = "/
|
|
30835
|
+
var __dirname3 = "/Users/alexandru.oltean/github/cli/node_modules/@uipath/coreipc";
|
|
30796
30836
|
/*! For license information please see index.js.LICENSE.txt */
|
|
30797
30837
|
(function(e, t) {
|
|
30798
30838
|
typeof exports == "object" && typeof module == "object" ? module.exports = t() : typeof define == "function" && define.amd ? define([], t) : typeof exports == "object" ? exports.ipc = t() : e.ipc = t();
|
|
@@ -48594,7 +48634,7 @@ var require_dist2 = __commonJS3((exports) => {
|
|
|
48594
48634
|
});
|
|
48595
48635
|
var package_default2 = {
|
|
48596
48636
|
name: "@uipath/aops-policy-tool",
|
|
48597
|
-
version: "
|
|
48637
|
+
version: "1.1.0",
|
|
48598
48638
|
description: "CLI plugin for managing UiPath AOps governance policies.",
|
|
48599
48639
|
private: false,
|
|
48600
48640
|
repository: {
|
|
@@ -51581,7 +51621,9 @@ var DEFAULT_SCOPES2 = [
|
|
|
51581
51621
|
"AutomationSolutions",
|
|
51582
51622
|
"StudioWebTypeCacheService",
|
|
51583
51623
|
"Docs.GPT.Search",
|
|
51584
|
-
"Insights"
|
|
51624
|
+
"Insights",
|
|
51625
|
+
"ReferenceToken",
|
|
51626
|
+
"Audit.Read"
|
|
51585
51627
|
];
|
|
51586
51628
|
var normalizeAndValidateBaseUrl2 = (rawUrl) => {
|
|
51587
51629
|
let baseUrl = rawUrl;
|
|
@@ -51715,6 +51757,7 @@ var getTokenExpiration2 = (accessToken) => {
|
|
|
51715
51757
|
}
|
|
51716
51758
|
};
|
|
51717
51759
|
var ENV_AUTH_ENABLE_VAR2 = "UIPATH_CLI_ENABLE_ENV_AUTH";
|
|
51760
|
+
var ENFORCE_ROBOT_AUTH_VAR2 = "UIPATH_CLI_ENFORCE_ROBOT_AUTH";
|
|
51718
51761
|
var ENV_AUTH_VARS2 = {
|
|
51719
51762
|
token: "UIPATH_CLI_AUTH_TOKEN",
|
|
51720
51763
|
organizationName: "UIPATH_CLI_ORGANIZATION_NAME",
|
|
@@ -51730,6 +51773,7 @@ class EnvAuthConfigError2 extends Error {
|
|
|
51730
51773
|
}
|
|
51731
51774
|
}
|
|
51732
51775
|
var isEnvAuthEnabled2 = () => process.env[ENV_AUTH_ENABLE_VAR2] === "true";
|
|
51776
|
+
var isRobotAuthEnforced2 = () => process.env[ENFORCE_ROBOT_AUTH_VAR2] === "true";
|
|
51733
51777
|
var requireEnv2 = (name) => {
|
|
51734
51778
|
const value = process.env[name];
|
|
51735
51779
|
if (!value) {
|
|
@@ -51771,6 +51815,7 @@ var readAuthFromEnv2 = () => {
|
|
|
51771
51815
|
expiration
|
|
51772
51816
|
};
|
|
51773
51817
|
};
|
|
51818
|
+
init_src2();
|
|
51774
51819
|
var DEFAULT_TIMEOUT_MS2 = 1000;
|
|
51775
51820
|
var CLOSE_TIMEOUT_MS2 = 500;
|
|
51776
51821
|
var NOTICE_SENTINEL2 = Symbol.for("@uipath/auth/robotFallbackNoticePrinted");
|
|
@@ -51782,6 +51827,35 @@ var printNoticeOnce2 = () => {
|
|
|
51782
51827
|
catchError3(() => process.stderr.write(`Using UiPath Robot credentials. Run 'uip login' for a dedicated session.
|
|
51783
51828
|
`));
|
|
51784
51829
|
};
|
|
51830
|
+
var ROBOT_USER_SERVICES_PIPE2 = "UiPathUserServices";
|
|
51831
|
+
var ROBOT_USER_SERVICES_ALTERNATE_PIPE2 = `${ROBOT_USER_SERVICES_PIPE2}Alternate`;
|
|
51832
|
+
var PIPE_NAME_MAX_LENGTH2 = 103;
|
|
51833
|
+
var getRobotIpcPipeNames2 = async () => {
|
|
51834
|
+
const fs72 = getFileSystem2();
|
|
51835
|
+
const username = fs72.env.getenv("USER") ?? fs72.env.getenv("USERNAME");
|
|
51836
|
+
if (!username) {
|
|
51837
|
+
throw new Error("Unable to determine current username");
|
|
51838
|
+
}
|
|
51839
|
+
const tempPath = fs72.env.getenv("TMPDIR") ?? "/tmp/";
|
|
51840
|
+
return [ROBOT_USER_SERVICES_PIPE2, ROBOT_USER_SERVICES_ALTERNATE_PIPE2].map((baseName) => fs72.path.join(tempPath, `${baseName}_${username}`).substring(0, PIPE_NAME_MAX_LENGTH2));
|
|
51841
|
+
};
|
|
51842
|
+
var defaultIsRobotIpcAvailable2 = async () => {
|
|
51843
|
+
if (process.platform === "win32") {
|
|
51844
|
+
return true;
|
|
51845
|
+
}
|
|
51846
|
+
const [pipeNamesError, pipeNames] = await catchError3(getRobotIpcPipeNames2());
|
|
51847
|
+
if (pipeNamesError || !pipeNames) {
|
|
51848
|
+
return false;
|
|
51849
|
+
}
|
|
51850
|
+
const fs72 = getFileSystem2();
|
|
51851
|
+
for (const pipeName of pipeNames) {
|
|
51852
|
+
const [existsError, exists] = await catchError3(fs72.exists(pipeName));
|
|
51853
|
+
if (!existsError && exists === true) {
|
|
51854
|
+
return true;
|
|
51855
|
+
}
|
|
51856
|
+
}
|
|
51857
|
+
return false;
|
|
51858
|
+
};
|
|
51785
51859
|
var withTimeout2 = (promise, timeoutMs) => new Promise((resolve22, reject) => {
|
|
51786
51860
|
const timer = setTimeout(() => reject(new Error(`Robot IPC call timed out after ${timeoutMs}ms`)), timeoutMs);
|
|
51787
51861
|
promise.then((value) => {
|
|
@@ -51813,14 +51887,20 @@ var defaultLoadModule2 = async () => {
|
|
|
51813
51887
|
var tryRobotClientFallback2 = async (options = {}) => {
|
|
51814
51888
|
if (isBrowser2())
|
|
51815
51889
|
return;
|
|
51816
|
-
if (
|
|
51817
|
-
|
|
51818
|
-
|
|
51819
|
-
|
|
51820
|
-
|
|
51890
|
+
if (!options.force) {
|
|
51891
|
+
if (process.env.CI || process.env.GITHUB_ACTIONS) {
|
|
51892
|
+
return;
|
|
51893
|
+
}
|
|
51894
|
+
if (process.env.UIPATH_URL) {
|
|
51895
|
+
return;
|
|
51896
|
+
}
|
|
51821
51897
|
}
|
|
51822
51898
|
const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS2;
|
|
51899
|
+
const isRobotIpcAvailable = options.isRobotIpcAvailable ?? defaultIsRobotIpcAvailable2;
|
|
51823
51900
|
const loadModule = options.loadModule ?? defaultLoadModule2;
|
|
51901
|
+
if (!await isRobotIpcAvailable()) {
|
|
51902
|
+
return;
|
|
51903
|
+
}
|
|
51824
51904
|
const mod2 = await loadModule();
|
|
51825
51905
|
if (!mod2)
|
|
51826
51906
|
return;
|
|
@@ -52082,10 +52162,6 @@ function normalizeTokenRefreshUnavailableFailure2() {
|
|
|
52082
52162
|
return "token refresh failed before authentication completed";
|
|
52083
52163
|
}
|
|
52084
52164
|
var getLoginStatusWithDeps2 = async (options = {}, deps = {}) => {
|
|
52085
|
-
if (isEnvAuthEnabled2()) {
|
|
52086
|
-
return readAuthFromEnv2();
|
|
52087
|
-
}
|
|
52088
|
-
const { envFilePath = DEFAULT_ENV_FILENAME2, ensureTokenValidityMinutes } = options;
|
|
52089
52165
|
const {
|
|
52090
52166
|
resolveEnvFilePath = resolveEnvFilePathAsync2,
|
|
52091
52167
|
loadEnvFile = loadEnvFileAsync2,
|
|
@@ -52095,6 +52171,34 @@ var getLoginStatusWithDeps2 = async (options = {}, deps = {}) => {
|
|
|
52095
52171
|
resolveConfig: resolveConfig2 = resolveConfigAsync2,
|
|
52096
52172
|
robotFallback = tryRobotClientFallback2
|
|
52097
52173
|
} = deps;
|
|
52174
|
+
if (isRobotAuthEnforced2()) {
|
|
52175
|
+
if (isEnvAuthEnabled2()) {
|
|
52176
|
+
throw new EnvAuthConfigError2(`${ENV_AUTH_ENABLE_VAR2}=true and ${ENFORCE_ROBOT_AUTH_VAR2}=true ` + `are mutually exclusive. Unset one of them and re-run.`);
|
|
52177
|
+
}
|
|
52178
|
+
const robotCreds = await robotFallback({ force: true });
|
|
52179
|
+
if (!robotCreds) {
|
|
52180
|
+
return {
|
|
52181
|
+
loginStatus: "Not logged in",
|
|
52182
|
+
hint: `${ENFORCE_ROBOT_AUTH_VAR2}=true but the UiPath Robot ` + `session is unavailable. Start and sign in to the Assistant, ` + `or unset ${ENFORCE_ROBOT_AUTH_VAR2} to fall back to file or ` + `env-var authentication.`
|
|
52183
|
+
};
|
|
52184
|
+
}
|
|
52185
|
+
const expiration2 = getTokenExpiration2(robotCreds.accessToken);
|
|
52186
|
+
return {
|
|
52187
|
+
loginStatus: "Logged in",
|
|
52188
|
+
accessToken: robotCreds.accessToken,
|
|
52189
|
+
baseUrl: robotCreds.baseUrl,
|
|
52190
|
+
organizationName: robotCreds.organizationName,
|
|
52191
|
+
organizationId: robotCreds.organizationId,
|
|
52192
|
+
tenantName: robotCreds.tenantName,
|
|
52193
|
+
tenantId: robotCreds.tenantId,
|
|
52194
|
+
expiration: expiration2,
|
|
52195
|
+
source: "robot"
|
|
52196
|
+
};
|
|
52197
|
+
}
|
|
52198
|
+
if (isEnvAuthEnabled2()) {
|
|
52199
|
+
return readAuthFromEnv2();
|
|
52200
|
+
}
|
|
52201
|
+
const { envFilePath = DEFAULT_ENV_FILENAME2, ensureTokenValidityMinutes } = options;
|
|
52098
52202
|
const { absolutePath } = await resolveEnvFilePath(envFilePath);
|
|
52099
52203
|
if (absolutePath === undefined) {
|
|
52100
52204
|
const robotCreds = await robotFallback();
|
|
@@ -52261,10 +52365,11 @@ async function createGovernanceConfig(options) {
|
|
|
52261
52365
|
apiKey: () => `Bearer ${bearerToken}`
|
|
52262
52366
|
});
|
|
52263
52367
|
}
|
|
52264
|
-
async function
|
|
52368
|
+
async function createApiClient2(ApiClass, options) {
|
|
52265
52369
|
const config = await createGovernanceConfig(options);
|
|
52266
52370
|
return new ApiClass(config);
|
|
52267
52371
|
}
|
|
52372
|
+
init_src2();
|
|
52268
52373
|
function isPromiseLike22(value) {
|
|
52269
52374
|
return value !== null && typeof value === "object" && typeof value.then === "function";
|
|
52270
52375
|
}
|
|
@@ -52291,71 +52396,6 @@ function settlePromiseLike22(thenable) {
|
|
|
52291
52396
|
undefined
|
|
52292
52397
|
]);
|
|
52293
52398
|
}
|
|
52294
|
-
var examplesByCommand2 = new WeakMap;
|
|
52295
|
-
Command.prototype.examples = function(examples) {
|
|
52296
|
-
examplesByCommand2.set(this, examples);
|
|
52297
|
-
return this;
|
|
52298
|
-
};
|
|
52299
|
-
var PREFIX2 = "@uipath/common/";
|
|
52300
|
-
var _g2 = globalThis;
|
|
52301
|
-
function singleton2(ctorOrName) {
|
|
52302
|
-
const name = typeof ctorOrName === "string" ? ctorOrName : ctorOrName.name;
|
|
52303
|
-
const key = Symbol.for(PREFIX2 + name);
|
|
52304
|
-
return {
|
|
52305
|
-
get(fallback) {
|
|
52306
|
-
return _g2[key] ?? fallback;
|
|
52307
|
-
},
|
|
52308
|
-
set(value) {
|
|
52309
|
-
_g2[key] = value;
|
|
52310
|
-
},
|
|
52311
|
-
clear() {
|
|
52312
|
-
delete _g2[key];
|
|
52313
|
-
},
|
|
52314
|
-
getOrInit(factory, guard) {
|
|
52315
|
-
const existing = _g2[key];
|
|
52316
|
-
if (existing != null && typeof existing === "object") {
|
|
52317
|
-
if (!guard || guard(existing)) {
|
|
52318
|
-
return existing;
|
|
52319
|
-
}
|
|
52320
|
-
}
|
|
52321
|
-
const instance = factory();
|
|
52322
|
-
_g2[key] = instance;
|
|
52323
|
-
return instance;
|
|
52324
|
-
}
|
|
52325
|
-
};
|
|
52326
|
-
}
|
|
52327
|
-
function createStorage2() {
|
|
52328
|
-
const [error, mod2] = catchError22(() => __require3("node:async_hooks"));
|
|
52329
|
-
if (error || typeof mod2?.AsyncLocalStorage !== "function") {
|
|
52330
|
-
return {
|
|
52331
|
-
getStore: () => {
|
|
52332
|
-
return;
|
|
52333
|
-
},
|
|
52334
|
-
run: (_store, fn) => fn()
|
|
52335
|
-
};
|
|
52336
|
-
}
|
|
52337
|
-
return new mod2.AsyncLocalStorage;
|
|
52338
|
-
}
|
|
52339
|
-
var storageSingleton2 = singleton2("OutputStorage");
|
|
52340
|
-
var sinkSlot2 = singleton2("OutputSink");
|
|
52341
|
-
var outputStorage2 = storageSingleton2.getOrInit(createStorage2, (v) => ("getStore" in v));
|
|
52342
|
-
var CONSOLE_FALLBACK2 = {
|
|
52343
|
-
writeOut: (str2) => process.stdout.write(str2),
|
|
52344
|
-
writeErr: (str2) => process.stderr.write(str2),
|
|
52345
|
-
writeLog: (str2) => process.stdout.write(str2),
|
|
52346
|
-
capabilities: {
|
|
52347
|
-
isInteractive: false,
|
|
52348
|
-
supportsColor: false,
|
|
52349
|
-
outputWidth: 80
|
|
52350
|
-
}
|
|
52351
|
-
};
|
|
52352
|
-
function getOutputSink2() {
|
|
52353
|
-
return outputStorage2.getStore() ?? sinkSlot2.get() ?? CONSOLE_FALLBACK2;
|
|
52354
|
-
}
|
|
52355
|
-
var COMPLETER_SYMBOL2 = Symbol.for("@uipath/common/completer");
|
|
52356
|
-
var guardInstalledSlot2 = singleton2("ConsoleGuardInstalled");
|
|
52357
|
-
var savedOriginalsSlot2 = singleton2("ConsoleGuardOriginals");
|
|
52358
|
-
var DEFAULT_AUTH_TIMEOUT_MS22 = 5 * 60 * 1000;
|
|
52359
52399
|
var DEFAULT_4012 = "Unauthorized (401). Run `uip login` to authenticate.";
|
|
52360
52400
|
var DEFAULT_4032 = "Forbidden (403). Ensure the account has the required permissions.";
|
|
52361
52401
|
var DEFAULT_4052 = "Method Not Allowed (405). The endpoint may not exist or the base URL may be incorrect.";
|
|
@@ -52490,6 +52530,71 @@ async function extractErrorMessage2(error, options) {
|
|
|
52490
52530
|
const { message } = await extractErrorDetails2(error, options);
|
|
52491
52531
|
return message;
|
|
52492
52532
|
}
|
|
52533
|
+
var examplesByCommand2 = new WeakMap;
|
|
52534
|
+
Command.prototype.examples = function(examples) {
|
|
52535
|
+
examplesByCommand2.set(this, examples);
|
|
52536
|
+
return this;
|
|
52537
|
+
};
|
|
52538
|
+
var PREFIX2 = "@uipath/common/";
|
|
52539
|
+
var _g2 = globalThis;
|
|
52540
|
+
function singleton2(ctorOrName) {
|
|
52541
|
+
const name = typeof ctorOrName === "string" ? ctorOrName : ctorOrName.name;
|
|
52542
|
+
const key = Symbol.for(PREFIX2 + name);
|
|
52543
|
+
return {
|
|
52544
|
+
get(fallback) {
|
|
52545
|
+
return _g2[key] ?? fallback;
|
|
52546
|
+
},
|
|
52547
|
+
set(value) {
|
|
52548
|
+
_g2[key] = value;
|
|
52549
|
+
},
|
|
52550
|
+
clear() {
|
|
52551
|
+
delete _g2[key];
|
|
52552
|
+
},
|
|
52553
|
+
getOrInit(factory, guard) {
|
|
52554
|
+
const existing = _g2[key];
|
|
52555
|
+
if (existing != null && typeof existing === "object") {
|
|
52556
|
+
if (!guard || guard(existing)) {
|
|
52557
|
+
return existing;
|
|
52558
|
+
}
|
|
52559
|
+
}
|
|
52560
|
+
const instance = factory();
|
|
52561
|
+
_g2[key] = instance;
|
|
52562
|
+
return instance;
|
|
52563
|
+
}
|
|
52564
|
+
};
|
|
52565
|
+
}
|
|
52566
|
+
function createStorage2() {
|
|
52567
|
+
const [error, mod2] = catchError22(() => __require3("node:async_hooks"));
|
|
52568
|
+
if (error || typeof mod2?.AsyncLocalStorage !== "function") {
|
|
52569
|
+
return {
|
|
52570
|
+
getStore: () => {
|
|
52571
|
+
return;
|
|
52572
|
+
},
|
|
52573
|
+
run: (_store, fn) => fn()
|
|
52574
|
+
};
|
|
52575
|
+
}
|
|
52576
|
+
return new mod2.AsyncLocalStorage;
|
|
52577
|
+
}
|
|
52578
|
+
var storageSingleton2 = singleton2("OutputStorage");
|
|
52579
|
+
var sinkSlot2 = singleton2("OutputSink");
|
|
52580
|
+
var outputStorage2 = storageSingleton2.getOrInit(createStorage2, (v) => ("getStore" in v));
|
|
52581
|
+
var CONSOLE_FALLBACK2 = {
|
|
52582
|
+
writeOut: (str2) => process.stdout.write(str2),
|
|
52583
|
+
writeErr: (str2) => process.stderr.write(str2),
|
|
52584
|
+
writeLog: (str2) => process.stdout.write(str2),
|
|
52585
|
+
capabilities: {
|
|
52586
|
+
isInteractive: false,
|
|
52587
|
+
supportsColor: false,
|
|
52588
|
+
outputWidth: 80
|
|
52589
|
+
}
|
|
52590
|
+
};
|
|
52591
|
+
function getOutputSink2() {
|
|
52592
|
+
return outputStorage2.getStore() ?? sinkSlot2.get() ?? CONSOLE_FALLBACK2;
|
|
52593
|
+
}
|
|
52594
|
+
var COMPLETER_SYMBOL2 = Symbol.for("@uipath/common/completer");
|
|
52595
|
+
var guardInstalledSlot2 = singleton2("ConsoleGuardInstalled");
|
|
52596
|
+
var savedOriginalsSlot2 = singleton2("ConsoleGuardOriginals");
|
|
52597
|
+
var DEFAULT_AUTH_TIMEOUT_MS22 = 5 * 60 * 1000;
|
|
52493
52598
|
var isObject3 = (obj) => {
|
|
52494
52599
|
return obj !== null && Object.prototype.toString.call(obj) === "[object Object]";
|
|
52495
52600
|
};
|
|
@@ -57515,15 +57620,26 @@ class SuccessOutput2 {
|
|
|
57515
57620
|
}
|
|
57516
57621
|
}
|
|
57517
57622
|
}
|
|
57518
|
-
function
|
|
57623
|
+
function escapeNonAscii2(jsonText) {
|
|
57624
|
+
return jsonText.replace(/[\u0080-\uffff]/g, (c) => {
|
|
57625
|
+
const hex = c.charCodeAt(0).toString(16).padStart(4, "0");
|
|
57626
|
+
return `\\u${hex}`;
|
|
57627
|
+
});
|
|
57628
|
+
}
|
|
57629
|
+
function needsAsciiSafeJson2(sink) {
|
|
57630
|
+
return process.platform === "win32" && !sink.capabilities.isInteractive;
|
|
57631
|
+
}
|
|
57632
|
+
function printOutput2(data, format = "json", logFn, asciiSafe = false) {
|
|
57519
57633
|
if (!data) {
|
|
57520
57634
|
logFn("Empty response object. No data to display.");
|
|
57521
57635
|
return;
|
|
57522
57636
|
}
|
|
57523
57637
|
switch (format) {
|
|
57524
|
-
case "json":
|
|
57525
|
-
|
|
57638
|
+
case "json": {
|
|
57639
|
+
const json22 = JSON.stringify(data, null, 2);
|
|
57640
|
+
logFn(asciiSafe ? escapeNonAscii2(json22) : json22);
|
|
57526
57641
|
break;
|
|
57642
|
+
}
|
|
57527
57643
|
case "yaml":
|
|
57528
57644
|
logFn(toYaml2(data));
|
|
57529
57645
|
break;
|
|
@@ -57558,7 +57674,7 @@ function printOutput2(data, format = "json", logFn) {
|
|
|
57558
57674
|
function logOutput2(data, format = "json") {
|
|
57559
57675
|
const sink = getOutputSink2();
|
|
57560
57676
|
printOutput2(data, format, (msg) => sink.writeOut(`${msg}
|
|
57561
|
-
`));
|
|
57677
|
+
`), needsAsciiSafeJson2(sink));
|
|
57562
57678
|
}
|
|
57563
57679
|
function cellToString2(val) {
|
|
57564
57680
|
return val != null && typeof val === "object" ? JSON.stringify(val) : String(val ?? "");
|
|
@@ -57738,7 +57854,9 @@ var OutputFormatter2;
|
|
|
57738
57854
|
const format = getOutputFormat2();
|
|
57739
57855
|
const sink = getOutputSink2();
|
|
57740
57856
|
if (format === "json") {
|
|
57741
|
-
|
|
57857
|
+
const json22 = JSON.stringify(data);
|
|
57858
|
+
const safe = needsAsciiSafeJson2(sink) ? escapeNonAscii2(json22) : json22;
|
|
57859
|
+
sink.writeErr(`${safe}
|
|
57742
57860
|
`);
|
|
57743
57861
|
} else {
|
|
57744
57862
|
for (const [key, value] of Object.entries(data)) {
|
|
@@ -57754,9 +57872,10 @@ var OutputFormatter2;
|
|
|
57754
57872
|
data.Data = applyFilter2(data.Data, filter);
|
|
57755
57873
|
}
|
|
57756
57874
|
const lines = [];
|
|
57875
|
+
const sink = getOutputSink2();
|
|
57757
57876
|
printOutput2(data, getOutputFormat2(), (msg) => {
|
|
57758
57877
|
lines.push(msg);
|
|
57759
|
-
});
|
|
57878
|
+
}, needsAsciiSafeJson2(sink));
|
|
57760
57879
|
return lines.join(`
|
|
57761
57880
|
`);
|
|
57762
57881
|
}
|
|
@@ -59402,13 +59521,15 @@ async function readJsonFile(path32) {
|
|
|
59402
59521
|
async function readRawJson(raw) {
|
|
59403
59522
|
if (raw.status === 204)
|
|
59404
59523
|
return null;
|
|
59524
|
+
const text = await raw.text();
|
|
59525
|
+
if (!text)
|
|
59526
|
+
return null;
|
|
59405
59527
|
const contentType = raw.headers.get("content-type") ?? "";
|
|
59406
59528
|
if (!contentType.toLowerCase().includes("json")) {
|
|
59407
|
-
const
|
|
59408
|
-
const preview = body.length > 500 ? `${body.slice(0, 500)}…` : body;
|
|
59529
|
+
const preview = text.length > 500 ? `${text.slice(0, 500)}…` : text;
|
|
59409
59530
|
throw new Error(`Expected JSON response but got content-type '${contentType || "(none)"}' (HTTP ${raw.status}). Body: ${preview}`);
|
|
59410
59531
|
}
|
|
59411
|
-
return
|
|
59532
|
+
return JSON.parse(text);
|
|
59412
59533
|
}
|
|
59413
59534
|
var GET_EXAMPLES2 = [
|
|
59414
59535
|
{
|
|
@@ -59426,7 +59547,7 @@ var GET_EXAMPLES2 = [
|
|
|
59426
59547
|
];
|
|
59427
59548
|
var LIST_EXAMPLES2 = [
|
|
59428
59549
|
{
|
|
59429
|
-
Description: "List every rule that applies to a (
|
|
59550
|
+
Description: "List every rule that applies to a (license type, product, tenant) for the caller",
|
|
59430
59551
|
Command: "uip gov aops-policy deployed-policy list Attended StudioX a1b2c3d4-0000-0000-0000-000000000100",
|
|
59431
59552
|
Output: {
|
|
59432
59553
|
Code: "AopsPolicyDeployedPolicyList",
|
|
@@ -59475,7 +59596,7 @@ var registerDeployedPolicyCommands = (aopsPolicy) => {
|
|
|
59475
59596
|
].join(`
|
|
59476
59597
|
`));
|
|
59477
59598
|
deployedPolicy.command("get").description([
|
|
59478
|
-
"Return the single effective deployed policy for a (
|
|
59599
|
+
"Return the single effective deployed policy for a (license type, product, tenant) subject.",
|
|
59479
59600
|
"",
|
|
59480
59601
|
"Three resolution modes:",
|
|
59481
59602
|
" (default) — use the caller's own user token; resolves for the caller's own identity.",
|
|
@@ -59488,7 +59609,7 @@ var registerDeployedPolicyCommands = (aopsPolicy) => {
|
|
|
59488
59609
|
"Output: the resolved policy's data payload, or `{ Message: 'No policy applies.' }` when the service returns 204",
|
|
59489
59610
|
"(no rule matches and no default exists). Use `deployed-policy list` to see every rule, not just the effective one."
|
|
59490
59611
|
].join(`
|
|
59491
|
-
`)).argument("<
|
|
59612
|
+
`)).argument("<license-type>", "License type (e.g. Attended, Unattended). Must match a name from `license-type list`.").argument("<product-name>", "Product name (e.g. StudioX). Must match a name from `product list`.").argument("<tenantIdentifier>", "Tenant GUID. From `deployment tenant list`.").option("--s2s-token <token>", "Service-to-service bearer token. Overrides the user token from 'uip login' for this call only. Still requires `uip login` for base URL / org context. For security, prefer setting the UIP_S2S_TOKEN environment variable — tokens passed as CLI arguments are visible in process listings (ps aux, /proc/*/cmdline).").option("--user-id <userId>", "Resolve the effective policy for this specific user (runs the full user→group→tenant walk). Requires --s2s-token.").option("--tenant-only", "Resolve the tenant-level policy only, ignoring user/group overrides. Requires --s2s-token.").option("--login-validity <minutes>", "Override the interactive-login token lifetime. Ignored when --s2s-token is set (the S2S token lifetime is controlled by the caller).", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES2).trackedAction(processContext2, async (licenseType, productName, tenantIdentifier, options) => {
|
|
59492
59613
|
const s2sToken = resolveS2sToken(options);
|
|
59493
59614
|
const validationError = validateGetOptions(options, s2sToken);
|
|
59494
59615
|
if (validationError) {
|
|
@@ -59501,7 +59622,7 @@ var registerDeployedPolicyCommands = (aopsPolicy) => {
|
|
|
59501
59622
|
return;
|
|
59502
59623
|
}
|
|
59503
59624
|
const [error, result] = await catchError22((async () => {
|
|
59504
|
-
const api = await
|
|
59625
|
+
const api = await createApiClient2(PolicyApi, {
|
|
59505
59626
|
loginValidity: options.loginValidity,
|
|
59506
59627
|
s2sToken
|
|
59507
59628
|
});
|
|
@@ -59551,7 +59672,7 @@ var registerDeployedPolicyCommands = (aopsPolicy) => {
|
|
|
59551
59672
|
});
|
|
59552
59673
|
});
|
|
59553
59674
|
deployedPolicy.command("list").description([
|
|
59554
|
-
"List every rule that applies to a (
|
|
59675
|
+
"List every rule that applies to a (license type, product, tenant) for the calling user.",
|
|
59555
59676
|
"",
|
|
59556
59677
|
"Unlike `deployed-policy get` (which returns only the effective top-priority policy), this returns the",
|
|
59557
59678
|
"full set of applicable rules in priority order — useful for understanding why a particular value wins.",
|
|
@@ -59560,9 +59681,9 @@ var registerDeployedPolicyCommands = (aopsPolicy) => {
|
|
|
59560
59681
|
"user or use `deployed-policy get --s2s-token --user-id <id>` for the effective single policy.",
|
|
59561
59682
|
"Returns an empty array when no rules apply."
|
|
59562
59683
|
].join(`
|
|
59563
|
-
`)).argument("<
|
|
59684
|
+
`)).argument("<license-type>", "License type (e.g. Attended, Unattended). Must match a name from `license-type list`.").argument("<product-name>", "Product name (e.g. StudioX). Must match a name from `product list`.").argument("<tenantIdentifier>", "Tenant GUID. From `deployment tenant list`.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES2).trackedAction(processContext2, async (licenseType, productName, tenantIdentifier, options) => {
|
|
59564
59685
|
const [error, result] = await catchError22((async () => {
|
|
59565
|
-
const api = await
|
|
59686
|
+
const api = await createApiClient2(PolicyApi, {
|
|
59566
59687
|
loginValidity: options.loginValidity
|
|
59567
59688
|
});
|
|
59568
59689
|
return await api.policyGetAllRulesForProduct({
|
|
@@ -59683,7 +59804,7 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59683
59804
|
].join(`
|
|
59684
59805
|
`)).option("--limit <n>", "Page size — how many groups to return in one call. Defaults to 20.", (v) => Number.parseInt(v, 10), 20).option("--offset <n>", "Zero-based page index (NOT a row offset). Page 0 returns rows 1..limit.", (v) => Number.parseInt(v, 10), 0).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES22).trackedAction(processContext2, async (options) => {
|
|
59685
59806
|
const [error, result] = await catchError22((async () => {
|
|
59686
|
-
const api = await
|
|
59807
|
+
const api = await createApiClient2(GroupApi, {
|
|
59687
59808
|
loginValidity: options.loginValidity
|
|
59688
59809
|
});
|
|
59689
59810
|
return await api.groupGetAllGroups({
|
|
@@ -59713,7 +59834,7 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59713
59834
|
].join(`
|
|
59714
59835
|
`)).argument("<groupIdentifier>", "Group GUID. From `deployment group list` (the `identifier` field).").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES22).trackedAction(processContext2, async (groupIdentifier, options) => {
|
|
59715
59836
|
const [error, result] = await catchError22((async () => {
|
|
59716
|
-
const api = await
|
|
59837
|
+
const api = await createApiClient2(PolicyApi, {
|
|
59717
59838
|
loginValidity: options.loginValidity
|
|
59718
59839
|
});
|
|
59719
59840
|
const response = await api.policyGetGroupPoliciesForAllProductsRaw({
|
|
@@ -59739,6 +59860,10 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59739
59860
|
group.command("configure").description([
|
|
59740
59861
|
"Replace a group's per-product policy overrides with the list from a JSON file.",
|
|
59741
59862
|
"",
|
|
59863
|
+
"If the group is not yet registered with the governance service, this command",
|
|
59864
|
+
"auto-registers it (via the AddGroup endpoint) in the same call. For already-",
|
|
59865
|
+
"registered groups it runs as a full-replace upsert (SaveGroupPolicies).",
|
|
59866
|
+
"",
|
|
59742
59867
|
"This is a FULL replace, not a merge: products not in the input file are removed from the group's",
|
|
59743
59868
|
"override list (members fall back to tenant inheritance unless a per-user override exists).",
|
|
59744
59869
|
"Scope is per productIdentifier (not license-type-scoped).",
|
|
@@ -59757,7 +59882,7 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59757
59882
|
" policyIdentifier = null — pins 'No Policy' at group level (blocks tenant inheritance for members).",
|
|
59758
59883
|
" policyIdentifier = GUID — pins that policy for this group + product."
|
|
59759
59884
|
].join(`
|
|
59760
|
-
`)).argument("<groupIdentifier>", "Group GUID to configure. From `deployment group list`, or the upstream identity provider.").requiredOption("--group <group>", "Display name stored alongside the override (surfaced in audit logs / UI).").requiredOption("--input <path>", "Path to the JSON file holding the assignment array (see command description for the shape).").option("--source <source>", "Identity-provider source for the group (e.g. 'local', 'aad', 'cloud'). Defaults to 'local'.
|
|
59885
|
+
`)).argument("<groupIdentifier>", "Group GUID to configure. From `deployment group list`, or the upstream identity provider.").requiredOption("--group <group>", "Display name stored alongside the override (surfaced in audit logs / UI).").requiredOption("--input <path>", "Path to the JSON file holding the assignment array (see command description for the shape).").option("--source <source>", "Identity-provider source for the group (e.g. 'local', 'aad', 'cloud'). Defaults to 'local'. Used only on the upsert path (when the group already exists in governance); on first-time registration the server resolves source from CIS.", "local").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(CONFIGURE_EXAMPLES).trackedAction(processContext2, async (groupIdentifier, options) => {
|
|
59761
59886
|
const [error, result] = await catchError22((async () => {
|
|
59762
59887
|
const raw = await readJsonFile(options.input);
|
|
59763
59888
|
const entries = parseGroupPolicyInput(raw);
|
|
@@ -59767,22 +59892,40 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59767
59892
|
groupId: groupIdentifier,
|
|
59768
59893
|
groupName: options.group
|
|
59769
59894
|
}));
|
|
59770
|
-
const
|
|
59771
|
-
|
|
59895
|
+
const groupApi = await createApiClient2(GroupApi, {
|
|
59896
|
+
loginValidity: options.loginValidity
|
|
59897
|
+
});
|
|
59898
|
+
const existingRaw = await groupApi.groupGetGroupByIdentifierRaw({
|
|
59899
|
+
identifier: groupIdentifier
|
|
59900
|
+
});
|
|
59901
|
+
const existing = await readRawJson(existingRaw.raw);
|
|
59902
|
+
if (existing?.identifier) {
|
|
59903
|
+
const groupDto = {
|
|
59904
|
+
source: options.source,
|
|
59905
|
+
identifier: groupIdentifier,
|
|
59906
|
+
name: options.group,
|
|
59907
|
+
groupPolicies
|
|
59908
|
+
};
|
|
59909
|
+
const saved = await groupApi.groupSaveGroupPoliciesRaw({
|
|
59910
|
+
groupDto
|
|
59911
|
+
});
|
|
59912
|
+
return await readRawJson(saved.raw);
|
|
59913
|
+
}
|
|
59914
|
+
const groupToAddDto = {
|
|
59772
59915
|
identifier: groupIdentifier,
|
|
59773
59916
|
name: options.group,
|
|
59774
59917
|
groupPolicies
|
|
59775
59918
|
};
|
|
59776
|
-
const
|
|
59777
|
-
|
|
59919
|
+
const added = await groupApi.groupAddGroupRaw({
|
|
59920
|
+
groupToAddDto
|
|
59778
59921
|
});
|
|
59779
|
-
return await
|
|
59922
|
+
return await readRawJson(added.raw);
|
|
59780
59923
|
})());
|
|
59781
59924
|
if (error) {
|
|
59782
59925
|
OutputFormatter2.error({
|
|
59783
59926
|
Result: RESULTS2.Failure,
|
|
59784
59927
|
Message: await extractErrorMessage2(error),
|
|
59785
|
-
Instructions: "
|
|
59928
|
+
Instructions: "Check that the group identifier is correct, the input file is valid JSON, and you have governance admin permissions."
|
|
59786
59929
|
});
|
|
59787
59930
|
processContext2.exit(1);
|
|
59788
59931
|
return;
|
|
@@ -59800,10 +59943,13 @@ var registerDeploymentGroupCommands = (deployment) => {
|
|
|
59800
59943
|
].join(`
|
|
59801
59944
|
`)).argument("<groupIdentifier>", "Group GUID to delete. From `deployment group list`.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(DELETE_EXAMPLES2).trackedAction(processContext2, async (groupIdentifier, options) => {
|
|
59802
59945
|
const [error, result] = await catchError22((async () => {
|
|
59803
|
-
const api = await
|
|
59946
|
+
const api = await createApiClient2(GroupApi, {
|
|
59804
59947
|
loginValidity: options.loginValidity
|
|
59805
59948
|
});
|
|
59806
|
-
|
|
59949
|
+
const deleted = await api.groupDeleteGroupRaw({
|
|
59950
|
+
groupIdentifier
|
|
59951
|
+
});
|
|
59952
|
+
return await readRawJson(deleted.raw);
|
|
59807
59953
|
})());
|
|
59808
59954
|
if (error) {
|
|
59809
59955
|
OutputFormatter2.error({
|
|
@@ -59846,7 +59992,7 @@ var LIST_EXAMPLES3 = [
|
|
|
59846
59992
|
];
|
|
59847
59993
|
var GET_EXAMPLES3 = [
|
|
59848
59994
|
{
|
|
59849
|
-
Description: "Fetch a tenant's full set of (product,
|
|
59995
|
+
Description: "Fetch a tenant's full set of (product, license type, policy) assignments",
|
|
59850
59996
|
Command: "uip gov aops-policy deployment tenant get a1b2c3d4-0000-0000-0000-000000000100",
|
|
59851
59997
|
Output: {
|
|
59852
59998
|
Code: "AopsPolicyDeploymentTenantGet",
|
|
@@ -59937,18 +60083,23 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
59937
60083
|
`));
|
|
59938
60084
|
tenant.command("list").description([
|
|
59939
60085
|
"List tenants registered in the governance system along with their current policy assignments.",
|
|
60086
|
+
"",
|
|
60087
|
+
"Triggers an upstream sync from OMS before returning, so the page reflects the latest",
|
|
60088
|
+
"tenant catalog (new tenants, disabled/re-enabled state) — not just governance's local cache.",
|
|
59940
60089
|
"Each entry includes the `tenantIdentifier` needed by `deployment tenant get/configure/remove`",
|
|
59941
60090
|
"and by `deployed-policy get/list`. Results are paginated."
|
|
59942
60091
|
].join(`
|
|
59943
|
-
`)).option("--product-name <
|
|
60092
|
+
`)).option("--product-name <product-name>", "Return only tenants that have an assignment for this product (e.g. StudioX). Matches `product list` names.").option("--limit <n>", "Page size — how many tenants to return in one call. Defaults to 20.", (v) => Number.parseInt(v, 10), 20).option("--offset <n>", "Zero-based page index (NOT a row offset). Page 0 returns rows 1..limit.", (v) => Number.parseInt(v, 10), 0).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES3).trackedAction(processContext2, async (options) => {
|
|
59944
60093
|
const [error, result] = await catchError22((async () => {
|
|
59945
|
-
const api = await
|
|
60094
|
+
const api = await createApiClient2(TenantApi, {
|
|
59946
60095
|
loginValidity: options.loginValidity
|
|
59947
60096
|
});
|
|
59948
|
-
return await api.
|
|
59949
|
-
|
|
59950
|
-
|
|
59951
|
-
|
|
60097
|
+
return await api.tenantSyncAndGetAllTenants({
|
|
60098
|
+
governanceQueryOptions: {
|
|
60099
|
+
pageIndex: options.offset,
|
|
60100
|
+
pageSize: options.limit,
|
|
60101
|
+
productName: options.productName
|
|
60102
|
+
}
|
|
59952
60103
|
});
|
|
59953
60104
|
})());
|
|
59954
60105
|
if (error) {
|
|
@@ -59972,10 +60123,13 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
59972
60123
|
].join(`
|
|
59973
60124
|
`)).argument("<tenantIdentifier>", "Tenant GUID. Obtain from `deployment tenant list` (the `identifier` field).").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES3).trackedAction(processContext2, async (tenantIdentifier, options) => {
|
|
59974
60125
|
const [error, result] = await catchError22((async () => {
|
|
59975
|
-
const api = await
|
|
60126
|
+
const api = await createApiClient2(TenantApi, {
|
|
59976
60127
|
loginValidity: options.loginValidity
|
|
59977
60128
|
});
|
|
59978
|
-
|
|
60129
|
+
const fetched = await api.tenantGetTenantByIdRaw({
|
|
60130
|
+
tenantIdentifier
|
|
60131
|
+
});
|
|
60132
|
+
return await readRawJson(fetched.raw);
|
|
59979
60133
|
})());
|
|
59980
60134
|
if (error) {
|
|
59981
60135
|
OutputFormatter2.error({
|
|
@@ -59993,7 +60147,10 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
59993
60147
|
});
|
|
59994
60148
|
});
|
|
59995
60149
|
tenant.command("configure").description([
|
|
59996
|
-
"Replace a tenant's per-(product,
|
|
60150
|
+
"Replace a tenant's per-(product, license type) policy assignments with the list from a JSON file.",
|
|
60151
|
+
"",
|
|
60152
|
+
"Triggers an upstream sync from OMS before saving, so a freshly-created tenant (or a tenant",
|
|
60153
|
+
"whose status changed) is reconciled into governance before assignments are persisted.",
|
|
59997
60154
|
"",
|
|
59998
60155
|
"This is a FULL replace, not a merge: entries not in the input file are removed from the tenant.",
|
|
59999
60156
|
"To preserve existing assignments while adding new ones, start from `deployment tenant get` output.",
|
|
@@ -60009,9 +60166,9 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
60009
60166
|
" ]",
|
|
60010
60167
|
"",
|
|
60011
60168
|
"Semantics:",
|
|
60012
|
-
" Omit
|
|
60169
|
+
" Omit a (product, license type) entry entirely — inherits (nothing pinned at tenant level).",
|
|
60013
60170
|
" Set policyIdentifier to null — pins 'No Policy' at tenant level (blocks inheritance).",
|
|
60014
|
-
" Set policyIdentifier to a GUID — pins that policy for this (product,
|
|
60171
|
+
" Set policyIdentifier to a GUID — pins that policy for this (product, license type)."
|
|
60015
60172
|
].join(`
|
|
60016
60173
|
`)).argument("<tenantIdentifier>", "Tenant GUID to configure. From `deployment tenant list`.").requiredOption("--tenant-name <tenantName>", "Tenant display name. Must match the tenant's name in the governance service (from `tenant get`/`tenant list`).").requiredOption("--input <path>", "Path to the JSON file holding the assignment array (see command description for the shape).").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(CONFIGURE_EXAMPLES2).trackedAction(processContext2, async (tenantIdentifier, options) => {
|
|
60017
60174
|
const [error, result] = await catchError22((async () => {
|
|
@@ -60024,12 +60181,14 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
60024
60181
|
productIdentifier: entry.productIdentifier,
|
|
60025
60182
|
licenseTypeIdentifier: entry.licenseTypeIdentifier
|
|
60026
60183
|
}));
|
|
60027
|
-
const tenantApi = await
|
|
60184
|
+
const tenantApi = await createApiClient2(TenantApi, {
|
|
60028
60185
|
loginValidity: options.loginValidity
|
|
60029
60186
|
});
|
|
60030
|
-
|
|
60187
|
+
await tenantApi.tenantSyncAndGetAllTenants({});
|
|
60188
|
+
const saved = await tenantApi.tenantSaveTenantPoliciesRaw({
|
|
60031
60189
|
tenantPolicyDto
|
|
60032
60190
|
});
|
|
60191
|
+
return await readRawJson(saved.raw);
|
|
60033
60192
|
})());
|
|
60034
60193
|
if (error) {
|
|
60035
60194
|
OutputFormatter2.error({
|
|
@@ -60049,6 +60208,9 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
60049
60208
|
tenant.command("remove").description([
|
|
60050
60209
|
"Remove a tenant's policy assignment(s) for a product without rewriting the full list yourself.",
|
|
60051
60210
|
"",
|
|
60211
|
+
"Triggers an upstream sync from OMS before reading, so the read-modify-write sees the latest",
|
|
60212
|
+
"tenant state.",
|
|
60213
|
+
"",
|
|
60052
60214
|
"The command reads the tenant's current assignments, drops entries matching --product-name",
|
|
60053
60215
|
"(and --license-type if supplied), then re-saves the filtered list via `tenant configure`.",
|
|
60054
60216
|
"Fails fast with 'No matching policy assignment to remove' if nothing matches.",
|
|
@@ -60059,14 +60221,19 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
60059
60221
|
"",
|
|
60060
60222
|
"Output includes both the removed entries and the new tenantPolicies snapshot so you can audit the change."
|
|
60061
60223
|
].join(`
|
|
60062
|
-
`)).argument("<tenantIdentifier>", "Tenant GUID. From `deployment tenant list`.").requiredOption("--product-name <
|
|
60224
|
+
`)).argument("<tenantIdentifier>", "Tenant GUID. From `deployment tenant list`.").requiredOption("--product-name <product-name>", "Product to unpin (e.g. StudioX). Matches the `productIdentifier` field on the tenant's saved entries.").option("--license-type <license-type>", "Narrow the removal to one license type. Omit to remove every license-type entry for the product.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(REMOVE_EXAMPLES).trackedAction(processContext2, async (tenantIdentifier, options) => {
|
|
60063
60225
|
const [error, result] = await catchError22((async () => {
|
|
60064
|
-
const tenantApi = await
|
|
60226
|
+
const tenantApi = await createApiClient2(TenantApi, {
|
|
60065
60227
|
loginValidity: options.loginValidity
|
|
60066
60228
|
});
|
|
60067
|
-
|
|
60229
|
+
await tenantApi.tenantSyncAndGetAllTenants({});
|
|
60230
|
+
const currentRaw = await tenantApi.tenantGetTenantByIdRaw({
|
|
60068
60231
|
tenantIdentifier
|
|
60069
60232
|
});
|
|
60233
|
+
const current = await readRawJson(currentRaw.raw);
|
|
60234
|
+
if (!current) {
|
|
60235
|
+
throw new Error(`Tenant '${tenantIdentifier}' not found in governance.`);
|
|
60236
|
+
}
|
|
60070
60237
|
const existing = current.tenantPolicies ?? [];
|
|
60071
60238
|
const removed = [];
|
|
60072
60239
|
const kept = [];
|
|
@@ -60082,9 +60249,10 @@ var registerDeploymentTenantCommands = (deployment) => {
|
|
|
60082
60249
|
if (removed.length === 0) {
|
|
60083
60250
|
throw new Error("No matching policy assignment to remove.");
|
|
60084
60251
|
}
|
|
60085
|
-
const
|
|
60252
|
+
const savedRaw = await tenantApi.tenantSaveTenantPoliciesRaw({
|
|
60086
60253
|
tenantPolicyDto: kept
|
|
60087
60254
|
});
|
|
60255
|
+
const saved = await readRawJson(savedRaw.raw);
|
|
60088
60256
|
return { removed, tenantPolicies: saved };
|
|
60089
60257
|
})());
|
|
60090
60258
|
if (error) {
|
|
@@ -60195,7 +60363,7 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60195
60363
|
const user = deployment.command("user").description([
|
|
60196
60364
|
"Override tenant-level policy assignments for an individual user.",
|
|
60197
60365
|
"User assignments win over group and tenant at resolution time. Scope is per productIdentifier",
|
|
60198
|
-
"(unlike tenant, which is per (product,
|
|
60366
|
+
"(unlike tenant, which is per (product, license type))."
|
|
60199
60367
|
].join(`
|
|
60200
60368
|
`));
|
|
60201
60369
|
user.command("list").description([
|
|
@@ -60205,7 +60373,7 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60205
60373
|
].join(`
|
|
60206
60374
|
`)).option("--limit <n>", "Page size — how many users to return in one call. Defaults to 20.", (v) => Number.parseInt(v, 10), 20).option("--offset <n>", "Zero-based page index (NOT a row offset). Page 0 returns rows 1..limit.", (v) => Number.parseInt(v, 10), 0).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES4).trackedAction(processContext2, async (options) => {
|
|
60207
60375
|
const [error, result] = await catchError22((async () => {
|
|
60208
|
-
const api = await
|
|
60376
|
+
const api = await createApiClient2(UserApi, {
|
|
60209
60377
|
loginValidity: options.loginValidity
|
|
60210
60378
|
});
|
|
60211
60379
|
return await api.userGetAllUsers({
|
|
@@ -60236,7 +60404,7 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60236
60404
|
].join(`
|
|
60237
60405
|
`)).argument("<userIdentifier>", "User GUID. From `deployment user list` (the `identifier` field).").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES4).trackedAction(processContext2, async (userIdentifier, options) => {
|
|
60238
60406
|
const [error, result] = await catchError22((async () => {
|
|
60239
|
-
const api = await
|
|
60407
|
+
const api = await createApiClient2(PolicyApi, {
|
|
60240
60408
|
loginValidity: options.loginValidity
|
|
60241
60409
|
});
|
|
60242
60410
|
const response = await api.policyGetUserPoliciesForAllProductsRaw({
|
|
@@ -60262,9 +60430,13 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60262
60430
|
user.command("configure").description([
|
|
60263
60431
|
"Replace a user's per-product policy overrides with the list from a JSON file.",
|
|
60264
60432
|
"",
|
|
60433
|
+
"If the user is not yet registered with the governance service, this command",
|
|
60434
|
+
"auto-registers them (via the AddUser endpoint) in the same call. For already-",
|
|
60435
|
+
"registered users it runs as a full-replace upsert (SaveUserPolicies).",
|
|
60436
|
+
"",
|
|
60265
60437
|
"This is a FULL replace, not a merge: products not in the input file are removed from the user's",
|
|
60266
60438
|
"override list (they will fall back to group/tenant inheritance). Scope is per productIdentifier —",
|
|
60267
|
-
"user overrides are not license-type
|
|
60439
|
+
"user overrides are not license-type scoped (unlike tenant assignments).",
|
|
60268
60440
|
"",
|
|
60269
60441
|
"Input file shape (JSON array):",
|
|
60270
60442
|
" [",
|
|
@@ -60280,7 +60452,7 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60280
60452
|
" policyIdentifier = null — pins 'No Policy' at user level (blocks group/tenant inheritance).",
|
|
60281
60453
|
" policyIdentifier = GUID — pins that policy for this user + product."
|
|
60282
60454
|
].join(`
|
|
60283
|
-
`)).argument("<userIdentifier>", "User GUID to configure. From `deployment user list`, or the upstream identity provider.").requiredOption("--user <user>", "Display name stored alongside the override (surfaced in audit logs / UI).").requiredOption("--input <path>", "Path to the JSON file holding the assignment array (see command description for the shape).").option("--source <source>", "Identity-provider source for the user (e.g. 'local', 'aad', 'cloud'). Defaults to 'local'.
|
|
60455
|
+
`)).argument("<userIdentifier>", "User GUID to configure. From `deployment user list`, or the upstream identity provider.").requiredOption("--user <user>", "Display name stored alongside the override (surfaced in audit logs / UI).").requiredOption("--input <path>", "Path to the JSON file holding the assignment array (see command description for the shape).").option("--source <source>", "Identity-provider source for the user (e.g. 'local', 'aad', 'cloud'). Defaults to 'local'. Used only on the upsert path (when the user already exists in governance); on first-time registration the server resolves source from CIS.", "local").option("--email <email>", "Email used only when registering a brand-new user with the governance service. Ignored once the user is already known to governance. Defaults to --user when omitted.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(CONFIGURE_EXAMPLES3).trackedAction(processContext2, async (userIdentifier, options) => {
|
|
60284
60456
|
const [error, result] = await catchError22((async () => {
|
|
60285
60457
|
const raw = await readJsonFile(options.input);
|
|
60286
60458
|
const entries = parseUserPolicyInput(raw);
|
|
@@ -60290,22 +60462,40 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60290
60462
|
userId: userIdentifier,
|
|
60291
60463
|
userName: options.user
|
|
60292
60464
|
}));
|
|
60293
|
-
const
|
|
60294
|
-
|
|
60465
|
+
const userApi = await createApiClient2(UserApi, {
|
|
60466
|
+
loginValidity: options.loginValidity
|
|
60467
|
+
});
|
|
60468
|
+
const existingRaw = await userApi.userGetUserByIdentifierRaw({
|
|
60469
|
+
identifier: userIdentifier
|
|
60470
|
+
});
|
|
60471
|
+
const existing = await readRawJson(existingRaw.raw);
|
|
60472
|
+
if (existing?.identifier) {
|
|
60473
|
+
const userDto = {
|
|
60474
|
+
source: options.source,
|
|
60475
|
+
identifier: userIdentifier,
|
|
60476
|
+
name: options.user,
|
|
60477
|
+
userPolicies
|
|
60478
|
+
};
|
|
60479
|
+
const saved = await userApi.userSaveUserPoliciesRaw({
|
|
60480
|
+
userDto
|
|
60481
|
+
});
|
|
60482
|
+
return await readRawJson(saved.raw);
|
|
60483
|
+
}
|
|
60484
|
+
const userToAddDto = {
|
|
60295
60485
|
identifier: userIdentifier,
|
|
60296
|
-
|
|
60486
|
+
email: options.email ?? options.user,
|
|
60297
60487
|
userPolicies
|
|
60298
60488
|
};
|
|
60299
|
-
const
|
|
60300
|
-
|
|
60489
|
+
const added = await userApi.userAddUserRaw({
|
|
60490
|
+
userToAddDto
|
|
60301
60491
|
});
|
|
60302
|
-
return await
|
|
60492
|
+
return await readRawJson(added.raw);
|
|
60303
60493
|
})());
|
|
60304
60494
|
if (error) {
|
|
60305
60495
|
OutputFormatter2.error({
|
|
60306
60496
|
Result: RESULTS2.Failure,
|
|
60307
60497
|
Message: await extractErrorMessage2(error),
|
|
60308
|
-
Instructions: "
|
|
60498
|
+
Instructions: "Check that the user identifier is correct, the input file is valid JSON, and you have governance admin permissions."
|
|
60309
60499
|
});
|
|
60310
60500
|
processContext2.exit(1);
|
|
60311
60501
|
return;
|
|
@@ -60323,12 +60513,13 @@ var registerDeploymentUserCommands = (deployment) => {
|
|
|
60323
60513
|
].join(`
|
|
60324
60514
|
`)).argument("<userIdentifier>", "User GUID whose overrides should be cleared. From `deployment user list`.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(DELETE_EXAMPLES22).trackedAction(processContext2, async (userIdentifier, options) => {
|
|
60325
60515
|
const [error, result] = await catchError22((async () => {
|
|
60326
|
-
const api = await
|
|
60516
|
+
const api = await createApiClient2(UserApi, {
|
|
60327
60517
|
loginValidity: options.loginValidity
|
|
60328
60518
|
});
|
|
60329
|
-
|
|
60519
|
+
const deleted = await api.userDeleteUserPoliciesRaw({
|
|
60330
60520
|
userIdentifier
|
|
60331
60521
|
});
|
|
60522
|
+
return await readRawJson(deleted.raw);
|
|
60332
60523
|
})());
|
|
60333
60524
|
if (error) {
|
|
60334
60525
|
OutputFormatter2.error({
|
|
@@ -60351,7 +60542,7 @@ var registerDeploymentCommands = (aopsPolicy) => {
|
|
|
60351
60542
|
"Assign, remove, and inspect policy deployments on governance subjects (tenants, users, groups).",
|
|
60352
60543
|
"",
|
|
60353
60544
|
"Resolution order at runtime is user → group → tenant (user beats group beats tenant). A subject with no",
|
|
60354
|
-
"explicit assignment for a (product,
|
|
60545
|
+
"explicit assignment for a (product, license type) inherits from the next level up; use `null` as the",
|
|
60355
60546
|
"policyIdentifier in a configure input to explicitly pin 'No Policy' and short-circuit inheritance.",
|
|
60356
60547
|
"",
|
|
60357
60548
|
"Subcommand groups:",
|
|
@@ -60389,17 +60580,17 @@ var registerLicenseTypeCommands = (aopsPolicy) => {
|
|
|
60389
60580
|
const licenseType = aopsPolicy.command("license-type").description([
|
|
60390
60581
|
"Inspect the catalog of license types recognized by the governance service.",
|
|
60391
60582
|
"License types (e.g. Attended, Unattended) are read-only — used to scope `deployment tenant configure` entries",
|
|
60392
|
-
"and as the `<
|
|
60583
|
+
"and as the `<license-type>` argument to `deployed-policy get/list`."
|
|
60393
60584
|
].join(`
|
|
60394
60585
|
`));
|
|
60395
60586
|
licenseType.command("list").description([
|
|
60396
60587
|
"List every license type known to the governance service.",
|
|
60397
|
-
"The `identifier` field feeds `deployment tenant configure` entries (one policy per (product,
|
|
60398
|
-
"the display name is what `deployed-policy get/list` accept as the `<
|
|
60588
|
+
"The `identifier` field feeds `deployment tenant configure` entries (one policy per (product, license type) pair);",
|
|
60589
|
+
"the display name is what `deployed-policy get/list` accept as the `<license-type>` argument."
|
|
60399
60590
|
].join(`
|
|
60400
60591
|
`)).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES5).trackedAction(processContext2, async (options) => {
|
|
60401
60592
|
const [error, result] = await catchError22((async () => {
|
|
60402
|
-
const api = await
|
|
60593
|
+
const api = await createApiClient2(LicenseTypeApi, {
|
|
60403
60594
|
loginValidity: options.loginValidity
|
|
60404
60595
|
});
|
|
60405
60596
|
return await api.licenseTypeGetAllLicenseTypes();
|
|
@@ -60470,7 +60661,7 @@ var registerProductCommands = (aopsPolicy) => {
|
|
|
60470
60661
|
].join(`
|
|
60471
60662
|
`)).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES6).trackedAction(processContext2, async (options) => {
|
|
60472
60663
|
const [error, result] = await catchError22((async () => {
|
|
60473
|
-
const api = await
|
|
60664
|
+
const api = await createApiClient2(ProductApi, {
|
|
60474
60665
|
loginValidity: options.loginValidity
|
|
60475
60666
|
});
|
|
60476
60667
|
return await api.productGetAllProducts();
|
|
@@ -60492,7 +60683,7 @@ var registerProductCommands = (aopsPolicy) => {
|
|
|
60492
60683
|
});
|
|
60493
60684
|
product.command("get").description("Fetch a single product record (name, label, identifier, flags). Use to verify a name is valid before calling `policy create` or `template get`.").argument("<productIdentifier>", "Product name (e.g. StudioX) or GUID. Either the `name` or the `identifier` from `product list` is accepted.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES5).trackedAction(processContext2, async (productIdentifier, options) => {
|
|
60494
60685
|
const [error, result] = await catchError22((async () => {
|
|
60495
|
-
const api = await
|
|
60686
|
+
const api = await createApiClient2(ProductApi, {
|
|
60496
60687
|
loginValidity: options.loginValidity
|
|
60497
60688
|
});
|
|
60498
60689
|
return await api.productGetProductByName({
|
|
@@ -62747,7 +62938,7 @@ var registerTemplateCommands = (aopsPolicy) => {
|
|
|
62747
62938
|
`));
|
|
62748
62939
|
template.command("get").description("Fetch the active Form.io policy template for one product and emit policy artifacts. " + "Pass --output-form-data to write the fillable blueprint (the object you fill in and submit back on create/update); display-only components (hidden, button, submit, HTML, content) are skipped and missing leaves get type-appropriate defaults (false for checkbox, [] for editgrid, {} for selectboxes, null for text/select). " + "Pass --output-template-locale-resource to write a human-readable reference derived from the DTO: every product-scoped locale key is replaced with its English string (with a sibling `<prop>-key` preserving the original for traceability) and `defaultData.data` is replaced with a flat annotated map ({ value, type, label, description?, tooltip? }); cross-product prefixes (e.g. `AutomationOps.submit`) are left unresolved. " + "If neither --output flag is passed, the template and form-data are returned in the stdout Success payload (`Data.template` and `Data.formData`) for piping/scripting.").argument("<productIdentifier>", "Product name or identifier (e.g. StudioX, AITrustLayer). Use 'uip gov aops-policy product list' to list options.").option("--output-form-data <path>", "Write the fillable form-data blueprint JSON (the object you edit and submit back).").option("--output-template-locale-resource <path>", "Write the locale-resolved template reference JSON (open this to understand every field, option label, description, tooltip, and validation message).").option("--login-validity <minutes>", "Login token validity in minutes", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES6).trackedAction(processContext2, async (productIdentifier, options) => {
|
|
62749
62940
|
const [templateError, dto] = await catchError22((async () => {
|
|
62750
|
-
const api = await
|
|
62941
|
+
const api = await createApiClient2(ContentApi, {
|
|
62751
62942
|
loginValidity: options.loginValidity
|
|
62752
62943
|
});
|
|
62753
62944
|
return await api.contentGetFormioTemplatesByProductIdentifier({ productIdentifier });
|
|
@@ -62806,7 +62997,7 @@ var registerTemplateCommands = (aopsPolicy) => {
|
|
|
62806
62997
|
});
|
|
62807
62998
|
template.command("list").description("Fetch every product's active Form.io template and dump a full artifact set per product. " + "For each product, writes three files under <output-dir>/<ProductName>/: " + "`form-template.json` (the raw DTO returned by the governance API, for debugging/reference); " + "`form-data.json` (the fillable blueprint — edit this and submit to create/update a policy); " + "`form-template-locale-resource.json` (the locale-resolved reference — open this first to understand each field, its options, and its validation rules before filling `form-data.json`; see `template get --help` for the file's shape). " + "Per-product fetch failures are collected and do not abort the run; the command exits 1 only if every product fails. Use this instead of looping `template get` to dump all products in one pass.").requiredOption("--output-dir <path>", "Directory under which <ProductName>/ folders (containing the three artifacts) will be created.").option("--login-validity <minutes>", "Login token validity in minutes", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES7).trackedAction(processContext2, async (options) => {
|
|
62808
62999
|
const [productsError, products] = await catchError22((async () => {
|
|
62809
|
-
const api = await
|
|
63000
|
+
const api = await createApiClient2(ProductApi, {
|
|
62810
63001
|
loginValidity: options.loginValidity
|
|
62811
63002
|
});
|
|
62812
63003
|
return await api.productGetAllProducts();
|
|
@@ -62823,7 +63014,7 @@ var registerTemplateCommands = (aopsPolicy) => {
|
|
|
62823
63014
|
const locale = en_US_default;
|
|
62824
63015
|
const fs72 = getFileSystem2();
|
|
62825
63016
|
const outputDir = fs72.path.resolve(options.outputDir);
|
|
62826
|
-
const contentApi = await
|
|
63017
|
+
const contentApi = await createApiClient2(ContentApi, {
|
|
62827
63018
|
loginValidity: options.loginValidity
|
|
62828
63019
|
});
|
|
62829
63020
|
const productList = Array.isArray(products) ? products : [];
|
|
@@ -62979,7 +63170,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
62979
63170
|
" license-type — list license types (feeds deployment entries).",
|
|
62980
63171
|
" template — fetch Form.io templates and emit the form-data blueprint you pass to create/update.",
|
|
62981
63172
|
" deployment — assign policies to tenants/users/groups.",
|
|
62982
|
-
" deployed-policy — resolve the effective policy for a (
|
|
63173
|
+
" deployed-policy — resolve the effective policy for a (license type, product, tenant) subject.",
|
|
62983
63174
|
"",
|
|
62984
63175
|
"Typical flow: `template get <product>` → edit the emitted form-data.json →",
|
|
62985
63176
|
"`policy create --product-name <product> --name <name> --input form-data.json` →",
|
|
@@ -62997,24 +63188,24 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
62997
63188
|
"Use the returned `identifier` with `policy get`, `policy update`, `policy delete`, or with",
|
|
62998
63189
|
"`deployment tenant|user|group configure` to assign the policy."
|
|
62999
63190
|
].join(`
|
|
63000
|
-
`)).option("--product-name <
|
|
63191
|
+
`)).option("--product-name <product-name>", "Restrict results to one product (e.g. StudioX). Matches `product.name` — use `product list` to see available names.").option("--product-label <productLabel>", "Restrict results to one product by its display label (e.g. 'Studio X'). Prefer --product-name for scripting.").option("--search <searchTerm>", "Case-insensitive substring match against policy name/description.").option("--sort-by <field>", "Field to sort by (e.g. name, createdOn, priority). Passed through to the governance API.").option("--sort-order <direction>", "Sort direction for --sort-by: 'asc' (ascending) or 'desc' (descending). Case-insensitive.").option("--limit <n>", "Page size — how many policies to return in one call. Defaults to 20.", (v) => Number.parseInt(v, 10), 20).option("--offset <n>", "Zero-based page index (NOT a row offset). Page 0 returns rows 1..limit, page 1 returns limit+1..2*limit, etc.", (v) => Number.parseInt(v, 10), 0).option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(LIST_EXAMPLES8).trackedAction(processContext2, async (options) => {
|
|
63001
63192
|
const [error, result] = await catchError22((async () => {
|
|
63002
63193
|
let sortOrder;
|
|
63003
|
-
if (options.
|
|
63004
|
-
const direction = options.
|
|
63194
|
+
if (options.sortOrder) {
|
|
63195
|
+
const direction = options.sortOrder.toLowerCase();
|
|
63005
63196
|
if (direction !== "asc" && direction !== "desc") {
|
|
63006
|
-
throw new Error(`Invalid --order
|
|
63197
|
+
throw new Error(`Invalid --sort-order '${options.sortOrder}'. Use 'asc' or 'desc'.`);
|
|
63007
63198
|
}
|
|
63008
63199
|
sortOrder = direction === "asc" ? SortOrder.NUMBER_0 : SortOrder.NUMBER_1;
|
|
63009
63200
|
}
|
|
63010
|
-
const api = await
|
|
63201
|
+
const api = await createApiClient2(PolicyApi, {
|
|
63011
63202
|
loginValidity: options.loginValidity
|
|
63012
63203
|
});
|
|
63013
63204
|
return await api.policyGetAllPoliciesByQueryOptions({
|
|
63014
63205
|
productName: options.productName,
|
|
63015
63206
|
productLabel: options.productLabel,
|
|
63016
63207
|
searchTerm: options.search,
|
|
63017
|
-
sortBy: options.
|
|
63208
|
+
sortBy: options.sortBy,
|
|
63018
63209
|
sortOrder,
|
|
63019
63210
|
pageIndex: options.offset,
|
|
63020
63211
|
pageSize: options.limit
|
|
@@ -63042,7 +63233,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63042
63233
|
].join(`
|
|
63043
63234
|
`)).argument("<policyIdentifier>", "Policy GUID. Obtain from `policy list` (the `identifier` field of each returned policy).").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(GET_EXAMPLES7).trackedAction(processContext2, async (policyIdentifier, options) => {
|
|
63044
63235
|
const [error, result] = await catchError22((async () => {
|
|
63045
|
-
const api = await
|
|
63236
|
+
const api = await createApiClient2(PolicyApi, {
|
|
63046
63237
|
loginValidity: options.loginValidity
|
|
63047
63238
|
});
|
|
63048
63239
|
return await api.policyGetPolicyById({ policyIdentifier });
|
|
@@ -63072,7 +63263,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63072
63263
|
"After creation, the new policy's identifier can be passed to `deployment tenant|user|group configure`",
|
|
63073
63264
|
"to assign it to a subject."
|
|
63074
63265
|
].join(`
|
|
63075
|
-
`)).requiredOption("--name <name>", "Human-readable policy name (must be unique within the product).").requiredOption("--product-name <
|
|
63266
|
+
`)).requiredOption("--name <name>", "Human-readable policy name (must be unique within the product).").requiredOption("--product-name <product-name>", "Target product (e.g. StudioX, AITrustLayer). Must match a name from `product list`.").option("--description <description>", "Optional free-text description surfaced in the governance UI.").option("--priority <n>", "Integer priority. When multiple policies apply to the same subject, higher numbers win.", (v) => Number.parseInt(v, 10)).option("--availability <n>", "Availability flag (product-specific enum). Check the governance UI or service docs for valid values.", (v) => Number.parseInt(v, 10)).option("--input <path>", "Path to a JSON file with the filled form-data object (produced by `template get --output-form-data`). Omit for a policy with no data payload.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(CREATE_EXAMPLES2).trackedAction(processContext2, async (options) => {
|
|
63076
63267
|
const [error, result] = await catchError22((async () => {
|
|
63077
63268
|
const data = await readPolicyDataFile(options.input);
|
|
63078
63269
|
const createPolicyRequest = {
|
|
@@ -63083,7 +63274,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63083
63274
|
availability: options.availability,
|
|
63084
63275
|
data
|
|
63085
63276
|
};
|
|
63086
|
-
const api = await
|
|
63277
|
+
const api = await createApiClient2(PolicyApi, {
|
|
63087
63278
|
loginValidity: options.loginValidity
|
|
63088
63279
|
});
|
|
63089
63280
|
return await api.policyCreatePolicyV2({
|
|
@@ -63115,7 +63306,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63115
63306
|
"Fails with a 'template upgrade in progress' error if the underlying Form.io template is being migrated;",
|
|
63116
63307
|
"retry once the upgrade completes."
|
|
63117
63308
|
].join(`
|
|
63118
|
-
`)).requiredOption("--identifier <identifier>", "Policy GUID to update. From `policy list` or `policy get`.").requiredOption("--name <name>", "Policy name. Required on every update — passing the existing name preserves it.").requiredOption("--product-name <
|
|
63309
|
+
`)).requiredOption("--identifier <identifier>", "Policy GUID to update. From `policy list` or `policy get`.").requiredOption("--name <name>", "Policy name. Required on every update — passing the existing name preserves it.").requiredOption("--product-name <product-name>", "Target product. Must match the policy's existing product (changing product on update is not supported).").option("--description <description>", "Free-text description. Full-replace: omitting this flag clears the description — re-pass the existing value from `policy get` to preserve it.").option("--priority <n>", "Integer priority. Full-replace: omitting this flag clears priority on the server — re-pass the existing value from `policy get` to preserve it.", (v) => Number.parseInt(v, 10)).option("--availability <n>", "Availability flag. Full-replace: omitting this flag clears availability — re-pass the existing value from `policy get` to preserve it.", (v) => Number.parseInt(v, 10)).option("--input <path>", "Path to a JSON file with the updated form-data object. Full-replace: omitting this flag clears the data payload — re-pass the existing data (save `policy get` output to a file) to preserve it.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(UPDATE_EXAMPLES2).trackedAction(processContext2, async (options) => {
|
|
63119
63310
|
const [error, result] = await catchError22((async () => {
|
|
63120
63311
|
const data = await readPolicyDataFile(options.input);
|
|
63121
63312
|
const updatePolicyRequest = {
|
|
@@ -63127,7 +63318,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63127
63318
|
availability: options.availability,
|
|
63128
63319
|
data
|
|
63129
63320
|
};
|
|
63130
|
-
const api = await
|
|
63321
|
+
const api = await createApiClient2(PolicyApi, {
|
|
63131
63322
|
loginValidity: options.loginValidity
|
|
63132
63323
|
});
|
|
63133
63324
|
return await api.policyUpdatePolicyV2({
|
|
@@ -63158,7 +63349,7 @@ var registerAopsPolicyCommand = (program2) => {
|
|
|
63158
63349
|
].join(`
|
|
63159
63350
|
`)).argument("<policyIdentifier>", "Policy GUID to delete. From `policy list`.").option("--login-validity <minutes>", "Override the interactive-login token lifetime for this call. Rarely needed.", (v) => Number.parseInt(v, 10)).examples(DELETE_EXAMPLES3).trackedAction(processContext2, async (policyIdentifier, options) => {
|
|
63160
63351
|
const [error, result] = await catchError22((async () => {
|
|
63161
|
-
const api = await
|
|
63352
|
+
const api = await createApiClient2(PolicyApi, {
|
|
63162
63353
|
loginValidity: options.loginValidity
|
|
63163
63354
|
});
|
|
63164
63355
|
return await api.policyDeletePolicy({ policyIdentifier });
|
|
@@ -63191,7 +63382,7 @@ var registerCommands2 = async (program2) => {
|
|
|
63191
63382
|
// package.json
|
|
63192
63383
|
var package_default3 = {
|
|
63193
63384
|
name: "@uipath/gov-tool",
|
|
63194
|
-
version: "
|
|
63385
|
+
version: "1.1.0",
|
|
63195
63386
|
description: "Manage UiPath governance (AOps and Access policies) end-to-end.",
|
|
63196
63387
|
private: false,
|
|
63197
63388
|
repository: {
|