Migrated to TypeScript.

src/cli/commands.ts

@@ -0,0 +1,164 @@
+// SPDX-License-Identifier: MIT
+
+import { minimatch } from "minimatch";
+
+import { loadPublicConfig } from "../index.ts";
+import { getGraphClient } from "../graph/auth.ts";
+import { login, logout } from "../azure/index.ts";
+import {
+  listApps,
+  listAppPermissions,
+  listAppPermissionsResolved,
+  listAppGrants,
+  listResourcePermissions,
+} from "../graph/app.ts";
+import { readJsonFromStdin } from "./utils.ts";
+
+type CommandValues = {
+  [key: string]: string | boolean | undefined;
+  resources?: string;
+  "use-device-code"?: boolean;
+  "no-browser"?: boolean;
+  browser?: string;
+  "browser-profile"?: string;
+  all?: boolean;
+  "display-name"?: string;
+  "app-id"?: string;
+  filter?: string;
+  resolve?: boolean;
+};
+
+type PermissionRow = {
+  permissionValue?: string | null;
+  permissionDisplayName?: string | null;
+};
+
+type DisplayNameRow = {
+  displayName?: string | null;
+};
+
+function filterByPermissionName<T extends PermissionRow>(rows: T[], pattern: string): T[] {
+  return rows.filter((item) =>
+    minimatch(item.permissionValue ?? "", pattern, { nocase: true })
+    || minimatch(item.permissionDisplayName ?? "", pattern, { nocase: true }),
+  );
+}
+
+function filterByDisplayName<T extends DisplayNameRow>(rows: T[], pattern: string): T[] {
+  return rows.filter((item) =>
+    minimatch(item.displayName ?? "", pattern, { nocase: true }),
+  );
+}
+
+async function getGraphClientFromPublicConfig(): Promise<{ client: any }> {
+  const config = await loadPublicConfig();
+  return getGraphClient({
+    tenantId: config.tenantId,
+    clientId: config.clientId,
+  });
+}
+
+async function runTableCommand(): Promise<unknown> {
+  return readJsonFromStdin();
+}
+
+async function runLoginCommand(values: CommandValues): Promise<unknown> {
+  const config = await loadPublicConfig();
+  return login({
+    tenantId: config.tenantId,
+    clientId: config.clientId,
+    resourcesCsv: values.resources,
+    useDeviceCode: Boolean(values["use-device-code"]),
+    noBrowser: Boolean(values["no-browser"]),
+    browser: values.browser,
+    browserProfile: values["browser-profile"],
+  });
+}
+
+async function runLogoutCommand(values: CommandValues): Promise<unknown> {
+  const config = await loadPublicConfig();
+  return logout({
+    tenantId: config.tenantId,
+    clientId: config.clientId,
+    clearAll: Boolean(values.all),
+  });
+}
+
+async function runListAppsCommand(values: CommandValues): Promise<unknown> {
+  const { client } = await getGraphClientFromPublicConfig();
+  let result = await listApps(client, {
+    displayName: values["display-name"],
+    appId: values["app-id"],
+  });
+  if (values["app-id"] && result.length > 1) {
+    throw new Error(`Expected a single app for --app-id ${values["app-id"]}, but got ${result.length}`);
+  }
+  if (values.filter) {
+    result = filterByDisplayName(result, values.filter);
+  }
+  return result;
+}
+
+async function runListAppPermissionsCommand(values: CommandValues): Promise<unknown> {
+  if (!values["app-id"]) {
+    throw new Error("--app-id is required for list-app-permissions");
+  }
+
+  const { client } = await getGraphClientFromPublicConfig();
+  let result = values.resolve || values.filter
+    ? await listAppPermissionsResolved(client, values["app-id"])
+    : await listAppPermissions(client, values["app-id"]);
+  if (values.filter) {
+    result = filterByPermissionName(result, values.filter);
+  }
+  return result;
+}
+
+async function runListAppGrantsCommand(values: CommandValues): Promise<unknown> {
+  if (!values["app-id"]) {
+    throw new Error("--app-id is required for list-app-grants");
+  }
+
+  const { client } = await getGraphClientFromPublicConfig();
+  return listAppGrants(client, values["app-id"]);
+}
+
+async function runListResourcePermissionsCommand(values: CommandValues): Promise<unknown> {
+  if (!values["app-id"] && !values["display-name"]) {
+    throw new Error("--app-id or --display-name is required for list-resource-permissions");
+  }
+  if (values["app-id"] && values["display-name"]) {
+    throw new Error("Use either --app-id or --display-name for list-resource-permissions, not both");
+  }
+
+  const { client } = await getGraphClientFromPublicConfig();
+  let result = await listResourcePermissions(client, {
+    appId: values["app-id"],
+    displayName: values["display-name"],
+  });
+  if (values.filter) {
+    result = filterByPermissionName(result, values.filter);
+  }
+  return result;
+}
+
+export async function runCommand(command: string, values: CommandValues): Promise<unknown> {
+  switch (command) {
+    case "login":
+      return runLoginCommand(values);
+    case "logout":
+      return runLogoutCommand(values);
+    case "table":
+      return runTableCommand();
+    case "list-apps":
+      return runListAppsCommand(values);
+    case "list-app-permissions":
+      return runListAppPermissionsCommand(values);
+    case "list-app-grants":
+      return runListAppGrantsCommand(values);
+    case "list-resource-permissions":
+      return runListResourcePermissionsCommand(values);
+    default:
+      throw new Error(`Unknown command: ${command}`);
+  }
+}