cloud_terrastodon_azure_devops 0.35.0

Helpers for interacting with Azure DevOps for the Cloud Terrastodon project
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160

use cloud_terrastodon_azure_devops_types::AzureDevOpsDescriptor;
use cloud_terrastodon_azure_devops_types::AzureDevOpsGroupMember;
use cloud_terrastodon_azure_devops_types::AzureDevOpsOrganizationUrl;
use cloud_terrastodon_command::CacheKey;
use cloud_terrastodon_command::CommandBuilder;
use cloud_terrastodon_command::CommandKind;
use cloud_terrastodon_command::async_trait;
use cloud_terrastodon_credentials::create_azure_devops_rest_client;
use cloud_terrastodon_credentials::get_azure_devops_personal_access_token_from_credential_manager;
use std::collections::HashMap;
use std::path::PathBuf;

pub struct AzureDevOpsGroupMembersListRequest<'a> {
    pub org_url: &'a AzureDevOpsOrganizationUrl,
    pub group_id: &'a AzureDevOpsDescriptor,
}

pub fn fetch_azure_devops_group_members<'a>(
    org_url: &'a AzureDevOpsOrganizationUrl,
    group_id: &'a AzureDevOpsDescriptor,
) -> AzureDevOpsGroupMembersListRequest<'a> {
    AzureDevOpsGroupMembersListRequest { org_url, group_id }
}

#[async_trait]
impl<'a> cloud_terrastodon_command::CacheableCommand for AzureDevOpsGroupMembersListRequest<'a> {
    type Output = HashMap<AzureDevOpsDescriptor, AzureDevOpsGroupMember>;

    fn cache_key(&self) -> CacheKey {
        CacheKey::new(PathBuf::from_iter([
            "az",
            "devops",
            self.org_url.organization_name.as_ref(),
            "security",
            "group",
            "membership",
            "list",
            "--id",
            self.group_id.to_string().as_ref(),
        ]))
    }

    async fn run(self) -> eyre::Result<Self::Output> {
        let mut cmd = CommandBuilder::new(CommandKind::AzureCLI);
        let org = self.org_url.to_string();
        let gid = self.group_id.to_string();
        cmd.args([
            "devops",
            "security",
            "group",
            "membership",
            "list",
            "--organization",
            org.as_str(),
            "--id",
            gid.as_str(),
            "--output",
            "json",
        ]);
        cmd.cache(self.cache_key());
        cmd.run().await
    }
}

cloud_terrastodon_command::impl_cacheable_into_future!(AzureDevOpsGroupMembersListRequest<'a>, 'a);

pub struct AzureDevOpsGroupMembersV2Request<'a> {
    pub org_url: &'a AzureDevOpsOrganizationUrl,
    pub group_id: &'a AzureDevOpsDescriptor,
}

pub fn fetch_azure_devops_group_members_v2<'a>(
    org_url: &'a AzureDevOpsOrganizationUrl,
    group_id: &'a AzureDevOpsDescriptor,
) -> AzureDevOpsGroupMembersV2Request<'a> {
    AzureDevOpsGroupMembersV2Request { org_url, group_id }
}

#[async_trait]
impl<'a> cloud_terrastodon_command::CacheableCommand for AzureDevOpsGroupMembersV2Request<'a> {
    type Output = serde_json::Value;

    fn cache_key(&self) -> CacheKey {
        CacheKey::new(PathBuf::from_iter([
            "az",
            "devops",
            self.org_url.organization_name.as_ref(),
            "graph",
            "memberships",
            self.group_id.to_string().as_ref(),
        ]))
    }

    async fn run(self) -> eyre::Result<Self::Output> {
        let organization = &self.org_url.organization_name;
        let subject_descriptor = self.group_id;
        let url = format!(
            "https://vssps.dev.azure.com/{organization}/_apis/graph/Memberships/{subject_descriptor}?api-version=7.1-preview.1&direction=down",
            organization = organization,
            subject_descriptor = subject_descriptor
        );
        let client = create_azure_devops_rest_client(
            &get_azure_devops_personal_access_token_from_credential_manager().await?,
        )
        .await?;
        let resp = client.get(url).send().await?;
        let resp = resp.json().await?;
        Ok(resp)
    }
}

cloud_terrastodon_command::impl_cacheable_into_future!(AzureDevOpsGroupMembersV2Request<'a>, 'a);

#[cfg(test)]
mod test {
    use crate::fetch_all_azure_devops_projects;
    use crate::fetch_azure_devops_group_members;
    use crate::fetch_azure_devops_group_members_v2;
    use crate::fetch_azure_devops_groups_for_project;
    use crate::get_default_organization_url;
    use cloud_terrastodon_azure_devops_types::AzureDevOpsDescriptor;
    use cloud_terrastodon_azure_devops_types::AzureDevOpsOrganizationUrl;
    use eyre::bail;
    use std::str::FromStr;

    #[tokio::test]
    pub async fn it_works() -> eyre::Result<()> {
        let org_url = get_default_organization_url().await?;
        let projects = fetch_all_azure_devops_projects(&org_url).await?;
        for project in &projects {
            let groups = fetch_azure_devops_groups_for_project(&org_url, &project.name).await?;
            for group in &groups {
                let members = fetch_azure_devops_group_members(&org_url, &group.descriptor).await?;
                if !members.is_empty() {
                    assert!(
                        members.into_iter().all(|(descriptor, member)| {
                            descriptor == member.descriptor && !member.display_name.is_empty()
                        }),
                        "Expected Azure DevOps group members to include matching descriptors and display names"
                    );
                    return Ok(());
                }
            }
        }
        bail!("No Azure DevOps group with members found in any project");
    }

    #[tokio::test]
    #[ignore]
    pub async fn it_works_v2() -> eyre::Result<()> {
        let org = AzureDevOpsOrganizationUrl::from_str("https://dev.azure.com/aafc/")?;
        let desc = AzureDevOpsDescriptor::AzureDevOpsGroup("vssgp.redacted".to_string());
        let resp = fetch_azure_devops_group_members_v2(&org, &desc).await?;
        assert!(
            resp.get("value").is_some() || resp.get("count").is_some(),
            "Expected Azure DevOps group memberships V2 response payload"
        );
        Ok(())
    }
}