1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
'use strict'
const npa = require('npm-package-arg')
const npmFetch = require('npm-registry-fetch')
const npar = (spec) => {
spec = npa(spec)
if (!spec.registry) {
throw new Error('must use package name only')
}
return spec
}
const parseTeam = (scopeTeam) => {
let slice = 0
if (scopeTeam.startsWith('@')) {
slice = 1
}
const [scope, team] = scopeTeam.slice(slice).split(':').map(encodeURIComponent)
return { scope, team }
}
const getPackages = async (scopeTeam, opts) => {
const { scope, team } = parseTeam(scopeTeam)
let uri
if (team) {
uri = `/-/team/${scope}/${team}/package`
} else {
uri = `/-/org/${scope}/package`
}
try {
return await npmFetch.json(uri, opts)
} catch (err) {
if (err.code === 'E404') {
uri = `/-/user/${scope}/package`
return npmFetch.json(uri, opts)
}
throw err
}
}
const getCollaborators = async (pkg, opts) => {
const spec = npar(pkg)
const uri = `/-/package/${spec.escapedName}/collaborators`
return npmFetch.json(uri, opts)
}
const getVisibility = async (pkg, opts) => {
const spec = npar(pkg)
const uri = `/-/package/${spec.escapedName}/visibility`
return npmFetch.json(uri, opts)
}
const setAccess = async (pkg, access, opts) => {
const spec = npar(pkg)
const uri = `/-/package/${spec.escapedName}/access`
await npmFetch(uri, {
...opts,
method: 'POST',
body: { access },
spec,
ignoreBody: true,
})
return true
}
const setMfa = async (pkg, level, opts) => {
const spec = npar(pkg)
const body = {}
switch (level) {
case 'none':
body.publish_requires_tfa = false
break
case 'publish':
// tfa is required, automation tokens can not override tfa
body.publish_requires_tfa = true
body.automation_token_overrides_tfa = false
break
case 'automation':
// tfa is required, automation tokens can override tfa
body.publish_requires_tfa = true
body.automation_token_overrides_tfa = true
break
default:
throw new Error(`Invalid mfa setting ${level}`)
}
const uri = `/-/package/${spec.escapedName}/access`
await npmFetch(uri, {
...opts,
method: 'POST',
body,
spec,
ignoreBody: true,
})
return true
}
const setPermissions = async (scopeTeam, pkg, permissions, opts) => {
const spec = npar(pkg)
const { scope, team } = parseTeam(scopeTeam)
if (!scope || !team) {
throw new Error('team must be in format `scope:team`')
}
const uri = `/-/team/${scope}/${team}/package`
await npmFetch(uri, {
...opts,
method: 'PUT',
body: { package: spec.name, permissions },
scope,
spec,
ignoreBody: true,
})
return true
}
const removePermissions = async (scopeTeam, pkg, opts) => {
const spec = npar(pkg)
const { scope, team } = parseTeam(scopeTeam)
const uri = `/-/team/${scope}/${team}/package`
await npmFetch(uri, {
...opts,
method: 'DELETE',
body: { package: spec.name },
scope,
spec,
ignoreBody: true,
})
return true
}
module.exports = {
getCollaborators,
getPackages,
getVisibility,
removePermissions,
setAccess,
setMfa,
setPermissions,
}
|