-
Notifications
You must be signed in to change notification settings - Fork 200
Expand file tree
/
Copy pathteams.js
More file actions
144 lines (134 loc) · 5.41 KB
/
teams.js
File metadata and controls
144 lines (134 loc) · 5.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
const Diffable = require('./diffable')
const NopCommand = require('../nopcommand')
const teamRepoEndpoint = '/orgs/:owner/teams/:team_slug/repos/:owner/:repo'
module.exports = class Teams extends Diffable {
async find () {
this.log.debug(`Finding teams for ${this.repo.owner}/${this.repo.repo}`)
return this.github.paginate(this.github.repos.listTeams, this.repo).then(res => {
this.log.debug(`Found teams ${JSON.stringify(res)}`)
return this.checkSecurityManager(res)
})
}
// remove all security manager teams
async checkSecurityManager (teams) {
try {
// Uncomment the following lines to handle the deprecation of the teams api https://gh.io/security-managers-rest-api-sunset
// but this would require a new permission on the app
//
// const roles = await this.github.paginate('GET /orgs/{org}/roles', { org: this.repo.owner })
// const securityManagerRole = roles.find(role => role.name === 'security_manager')
//
// this.log.debug(`Calling API to get security managers ${JSON.stringify(this.github.request.endpoint('GET /orgs/{org}/roles/{role_id}/teams',
// {
// org: this.repo.owner,
// role_id: securityManagerRole.id
// }))} `)
// const resp = await this.github.paginate('GET /orgs/{org}/roles/{role_id}/teams',
// {
// org: this.repo.owner,
// role_id: securityManagerRole.id
// })
this.log.debug('Removing all security manager teams since they should not be handled here')
this.log.debug(`Calling API to get security managers ${JSON.stringify(this.github.request.endpoint('GET /orgs/{org}/security-managers',
{
org: this.repo.owner
}))} `)
const resp = await this.github.paginate('GET /orgs/{org}/security-managers',
{ org: this.repo.owner })
this.log.debug(`Response from the call is ${JSON.stringify(resp)}`)
return teams.filter(team => !resp.some(sec => sec.name === team.name))
} catch (e) {
if (e.status === 404) {
this.log.debug(`${this.repo.owner} Org does not have Security manager teams set up ${e}`)
} else {
this.log.error(
`Unexpected error when fetching for security manager teams org ${this.repo.owner} = ${e}`
)
}
return teams
}
}
slugify (name) {
return name.toLowerCase().replace(/\s+/g, '-')
}
comparator (existing, attrs) {
return existing.slug === this.slugify(attrs.name)
}
changed (existing, attrs) {
return existing.permission !== attrs.permission
}
update (existing, attrs) {
if (this.nop) {
return Promise.resolve([
new NopCommand(this.constructor.name, this.repo, this.github.request.endpoint(`PUT ${teamRepoEndpoint}`, this.toParams(existing, attrs)), 'Add Teams to Repo')
])
}
return this.github.request(`PUT ${teamRepoEndpoint}`, this.toParams(existing, attrs))
}
add (attrs) {
let existing = { team_id: 1 }
this.log.debug(`Getting team with the parms ${JSON.stringify(attrs)}`)
return this.github.teams.getByName({ org: this.repo.owner, team_slug: this.slugify(attrs.name) }).then(res => {
existing = res.data
this.log.debug(`adding team ${attrs.name} to repo ${this.repo.repo}`)
if (this.nop) {
return Promise.resolve([
new NopCommand(this.constructor.name, this.repo, this.github.teams.addOrUpdateRepoPermissionsInOrg.endpoint(this.toParams(existing, attrs)), 'Add Teams to Repo')
])
}
return this.github.teams.addOrUpdateRepoPermissionsInOrg(this.toParams(existing, attrs)).then(res => {
this.log.debug(`team added ${res}`)
}).catch(e => {
this.logError(`Error adding team to repo ${JSON.stringify(e)} with parms ${JSON.stringify(this.toParams(existing, attrs))}:\n`, e)
})
}).catch(e => {
if (e.status === 404) {
const createParam = {
org: this.repo.owner,
name: attrs.name
}
if (attrs.privacy) {
createParam.privacy = attrs.privacy
}
this.log.debug(`Creating teams ${JSON.stringify(createParam)}`)
if (this.nop) {
return Promise.resolve([
new NopCommand(this.constructor.name, this.repo, this.github.teams.create.endpoint(createParam), 'Create Team')
])
}
return this.github.teams.create(createParam).then(res => {
this.log.debug(`team ${createParam.name} created`)
existing = res.data
this.log.debug(`adding team ${attrs.name} to repo ${this.repo.repo}`)
return this.github.teams.addOrUpdateRepoPermissionsInOrg(this.toParams(existing, attrs))
}).catch(e => {
this.logError('Error adding team: ', e)
})
}
})
}
remove (existing) {
if (this.nop) {
return Promise.resolve([
new NopCommand(this.constructor.name, this.repo, this.github.request.endpoint(
`DELETE ${teamRepoEndpoint}`,
{ team_slug: existing.slug, ...this.repo, org: this.repo.owner }
), 'DELETE Team')
])
}
return this.github.request(
`DELETE ${teamRepoEndpoint}`,
{ team_slug: existing.slug, ...this.repo, org: this.repo.owner }
)
}
toParams (existing, attrs) {
return {
team_id: existing.id,
org: this.repo.owner,
team_slug: this.slugify(existing.name),
owner: this.repo.owner,
repo: this.repo.repo,
permission: attrs.permission
}
}
}