1'use strict' 2/* eslint-disable standard/no-callback-literal */ 3 4const BB = require('bluebird') 5 6const figgyPudding = require('figgy-pudding') 7const libaccess = require('libnpm/access') 8const npmConfig = require('./config/figgy-config.js') 9const output = require('./utils/output.js') 10const otplease = require('./utils/otplease.js') 11const path = require('path') 12const prefix = require('./npm.js').prefix 13const readPackageJson = BB.promisify(require('read-package-json')) 14const usage = require('./utils/usage.js') 15const whoami = require('./whoami.js') 16 17module.exports = access 18 19access.usage = usage( 20 'npm access', 21 'npm access public [<package>]\n' + 22 'npm access restricted [<package>]\n' + 23 'npm access grant <read-only|read-write> <scope:team> [<package>]\n' + 24 'npm access revoke <scope:team> [<package>]\n' + 25 'npm access 2fa-required [<package>]\n' + 26 'npm access 2fa-not-required [<package>]\n' + 27 'npm access ls-packages [<user>|<scope>|<scope:team>]\n' + 28 'npm access ls-collaborators [<package> [<user>]]\n' + 29 'npm access edit [<package>]' 30) 31 32access.subcommands = [ 33 'public', 'restricted', 'grant', 'revoke', 34 'ls-packages', 'ls-collaborators', 'edit', 35 '2fa-required', '2fa-not-required' 36] 37 38const AccessConfig = figgyPudding({ 39 json: {} 40}) 41 42function UsageError (msg = '') { 43 throw Object.assign(new Error( 44 (msg ? `\nUsage: ${msg}\n\n` : '') + 45 access.usage 46 ), {code: 'EUSAGE'}) 47} 48 49access.completion = function (opts, cb) { 50 var argv = opts.conf.argv.remain 51 if (argv.length === 2) { 52 return cb(null, access.subcommands) 53 } 54 55 switch (argv[2]) { 56 case 'grant': 57 if (argv.length === 3) { 58 return cb(null, ['read-only', 'read-write']) 59 } else { 60 return cb(null, []) 61 } 62 case 'public': 63 case 'restricted': 64 case 'ls-packages': 65 case 'ls-collaborators': 66 case 'edit': 67 case '2fa-required': 68 case '2fa-not-required': 69 return cb(null, []) 70 case 'revoke': 71 return cb(null, []) 72 default: 73 return cb(new Error(argv[2] + ' not recognized')) 74 } 75} 76 77function access ([cmd, ...args], cb) { 78 return BB.try(() => { 79 const fn = access.subcommands.includes(cmd) && access[cmd] 80 if (!cmd) { UsageError('Subcommand is required.') } 81 if (!fn) { UsageError(`${cmd} is not a recognized subcommand.`) } 82 83 return fn(args, AccessConfig(npmConfig())) 84 }).then( 85 x => cb(null, x), 86 err => err.code === 'EUSAGE' ? cb(err.message) : cb(err) 87 ) 88} 89 90access.public = ([pkg], opts) => { 91 return modifyPackage(pkg, opts, libaccess.public) 92} 93 94access.restricted = ([pkg], opts) => { 95 return modifyPackage(pkg, opts, libaccess.restricted) 96} 97 98access.grant = ([perms, scopeteam, pkg], opts) => { 99 return BB.try(() => { 100 if (!perms || (perms !== 'read-only' && perms !== 'read-write')) { 101 UsageError('First argument must be either `read-only` or `read-write.`') 102 } 103 if (!scopeteam) { 104 UsageError('`<scope:team>` argument is required.') 105 } 106 const [, scope, team] = scopeteam.match(/^@?([^:]+):(.*)$/) || [] 107 if (!scope && !team) { 108 UsageError( 109 'Second argument used incorrect format.\n' + 110 'Example: @example:developers' 111 ) 112 } 113 return modifyPackage(pkg, opts, (pkgName, opts) => { 114 return libaccess.grant(pkgName, scopeteam, perms, opts) 115 }, false) 116 }) 117} 118 119access.revoke = ([scopeteam, pkg], opts) => { 120 return BB.try(() => { 121 if (!scopeteam) { 122 UsageError('`<scope:team>` argument is required.') 123 } 124 const [, scope, team] = scopeteam.match(/^@?([^:]+):(.*)$/) || [] 125 if (!scope || !team) { 126 UsageError( 127 'First argument used incorrect format.\n' + 128 'Example: @example:developers' 129 ) 130 } 131 return modifyPackage(pkg, opts, (pkgName, opts) => { 132 return libaccess.revoke(pkgName, scopeteam, opts) 133 }) 134 }) 135} 136 137access['2fa-required'] = access.tfaRequired = ([pkg], opts) => { 138 return modifyPackage(pkg, opts, libaccess.tfaRequired, false) 139} 140 141access['2fa-not-required'] = access.tfaNotRequired = ([pkg], opts) => { 142 return modifyPackage(pkg, opts, libaccess.tfaNotRequired, false) 143} 144 145access['ls-packages'] = access.lsPackages = ([owner], opts) => { 146 return ( 147 owner ? BB.resolve(owner) : BB.fromNode(cb => whoami([], true, cb)) 148 ).then(owner => { 149 return libaccess.lsPackages(owner, opts) 150 }).then(pkgs => { 151 // TODO - print these out nicely (breaking change) 152 output(JSON.stringify(pkgs, null, 2)) 153 }) 154} 155 156access['ls-collaborators'] = access.lsCollaborators = ([pkg, usr], opts) => { 157 return getPackage(pkg, false).then(pkgName => 158 libaccess.lsCollaborators(pkgName, usr, opts) 159 ).then(collabs => { 160 // TODO - print these out nicely (breaking change) 161 output(JSON.stringify(collabs, null, 2)) 162 }) 163} 164 165access['edit'] = () => BB.reject(new Error('edit subcommand is not implemented yet')) 166 167function modifyPackage (pkg, opts, fn, requireScope = true) { 168 return getPackage(pkg, requireScope).then(pkgName => 169 otplease(opts, opts => fn(pkgName, opts)) 170 ) 171} 172 173function getPackage (name, requireScope = true) { 174 return BB.try(() => { 175 if (name && name.trim()) { 176 return name.trim() 177 } else { 178 return readPackageJson( 179 path.resolve(prefix, 'package.json') 180 ).then( 181 data => data.name, 182 err => { 183 if (err.code === 'ENOENT') { 184 throw new Error('no package name passed to command and no package.json found') 185 } else { 186 throw err 187 } 188 } 189 ) 190 } 191 }).then(name => { 192 if (requireScope && !name.match(/^@[^/]+\/.*$/)) { 193 UsageError('This command is only available for scoped packages.') 194 } else { 195 return name 196 } 197 }) 198} 199