dienianindya
/
gsi_ess_mobile
2
1
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
GSI - Employe Self Service Mobile
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
39 MiB
 
 
 
 
 
Tree: 8bd65e0bb9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8bd65e0bb9'
${ noResults }
gsi_ess_mobile/node_modules/firebase-tools/lib/gcp/resourceManager.js

73 lines
3.1 KiB
Raw Blame History

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.serviceAccountHasRoles = exports.addServiceAccountToRoles = exports.setIamPolicy = exports.getIamPolicy = exports.firebaseRoles = void 0;
const lodash_1 = require("lodash");
const api_1 = require("../api");
const apiv2_1 = require("../apiv2");
const iam_1 = require("./iam");
const API_VERSION = "v1";
const apiClient = new apiv2_1.Client({ urlPrefix: api_1.resourceManagerOrigin, apiVersion: API_VERSION });
exports.firebaseRoles = {
apiKeysViewer: "roles/serviceusage.apiKeysViewer",
authAdmin: "roles/firebaseauth.admin",
hostingAdmin: "roles/firebasehosting.admin",
runViewer: "roles/run.viewer",
};
async function getIamPolicy(projectIdOrNumber) {
const response = await apiClient.post(`/projects/${projectIdOrNumber}:getIamPolicy`);
return response.body;
}
exports.getIamPolicy = getIamPolicy;
async function setIamPolicy(projectIdOrNumber, newPolicy, updateMask = "") {
const response = await apiClient.post(`/projects/${projectIdOrNumber}:setIamPolicy`, {
policy: newPolicy,
updateMask: updateMask,
});
return response.body;
}
exports.setIamPolicy = setIamPolicy;
async function addServiceAccountToRoles(projectId, serviceAccountName, roles, skipAccountLookup = false) {
const [{ name: fullServiceAccountName }, projectPolicy] = await Promise.all([
skipAccountLookup
? Promise.resolve({ name: serviceAccountName })
: (0, iam_1.getServiceAccount)(projectId, serviceAccountName),
getIamPolicy(projectId),
]);
const newMemberName = `serviceAccount:${fullServiceAccountName.split("/").pop()}`;
roles.forEach((roleName) => {
let bindingIndex = (0, lodash_1.findIndex)(projectPolicy.bindings, (binding) => binding.role === roleName);
if (bindingIndex === -1) {
bindingIndex =
projectPolicy.bindings.push({
role: roleName,
members: [],
}) - 1;
}
const binding = projectPolicy.bindings[bindingIndex];
if (!binding.members.includes(newMemberName)) {
binding.members.push(newMemberName);
}
});
return setIamPolicy(projectId, projectPolicy, "bindings");
}
exports.addServiceAccountToRoles = addServiceAccountToRoles;
async function serviceAccountHasRoles(projectId, serviceAccountName, roles, skipAccountLookup = false) {
const [{ name: fullServiceAccountName }, projectPolicy] = await Promise.all([
skipAccountLookup
? Promise.resolve({ name: serviceAccountName })
: (0, iam_1.getServiceAccount)(projectId, serviceAccountName),
getIamPolicy(projectId),
]);
const memberName = `serviceAccount:${fullServiceAccountName.split("/").pop()}`;
for (const roleName of roles) {
const binding = projectPolicy.bindings.find((b) => b.role === roleName);
if (!binding) {
return false;
}
if (!binding.members.includes(memberName)) {
return false;
}
}
return true;
}
exports.serviceAccountHasRoles = serviceAccountHasRoles;