-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
178 lines (157 loc) · 9.02 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
const BoxSDK = require('box-node-sdk');
const ExcelJS = require('exceljs');
const moment = require('moment');
// Instantiate a Box service account connection
const boxConfig = require('./box_config.json');
const sdk = BoxSDK.getPreconfiguredInstance(boxConfig);
const client = sdk.getAppAuthClient('enterprise');
// Test mode set to true will not remediate the shared links
const TEST_MODE = true;
// Determines whether you would like to remove the shared link entirely or update it
const REMOVE_SHARED_LINK = false;
// When not removing the shared link, the following are used to determine the shared link update behavior
// SHARED_LINK_UPDATE_STRATEGY = change_access OR new_exp_date
const SHARED_LINK_UPDATE_STRATEGY = 'change_access';
// Used to set the new exp date. Now + 10 days
const SHARED_LINK_NEW_EXP_DATE_DURATION_IN_DAYS = 10;
// The maximum age allowed for a shared link
const SHARED_LINK_THRESHOLD_IN_DAYS = 90;
// File ID to the Shared Link report generated in the Admin Console
const SHARED_LINK_REPORT_FILE_ID = 'CHANGE_ME';
// Main function
async function getSharedLinks() {
try {
console.log('Getting shared links...');
// Get the stream of the report and instantiate the workbook
const excelFileStream = await client.files.getReadStream(SHARED_LINK_REPORT_FILE_ID);
const workbook = new ExcelJS.Workbook();
await workbook.xlsx.read(excelFileStream);
// Loop through each workbook sheet. There only should be one.
workbook.eachSheet(worksheet => {
console.log('Found sheet: ', worksheet.name);
// Loop through each row in the sheet
worksheet.eachRow(async (row, rowNumber) => {
// Skip the header row which iw rowNumber = 1
if (rowNumber > 1) {
// Get the values for each row and parse the values we need
const rowValues = row.values;
const ownerLogin = rowValues[1];
const itemID = rowValues[2];
const itemName = rowValues[3];
const sharedLinkStatus = rowValues[5];
const expirationDateString = rowValues[9];
const permissions = rowValues[10];
// Check to see if the shared link status is Open. Otherwise, lets ignore it
if(sharedLinkStatus === 'Open') {
// Check to see if there is already an expiration date. If there is, we want to check for the age of the date
if (expirationDateString) {
// Get the date difference
const expirationDate = moment(expirationDateString, 'MMM D, YYYY');
const now = moment();
const dateDifference = expirationDate.diff(now, 'days');
// Check to see if the difference exceeds the Shared Link Date threshold
if(dateDifference > SHARED_LINK_THRESHOLD_IN_DAYS) {
console.log(`*** Found shared link that exceeds threshold with itemID: ${itemID}, itemName: ${itemName}, owner login: ${ownerLogin}, status: ${sharedLinkStatus}, exp: ${expirationDateString}, perms: ${permissions}`);
// Call the remediateSharedLink fcuntion
await remediateSharedLink(ownerLogin, itemName, itemID);
}
}
// Theres no exp date, so lets call the remediateSharedLink function
else {
console.log(`Found open shared link with no exp with itemID: ${itemID}, itemName: ${itemName}, owner login: ${ownerLogin}, status: ${sharedLinkStatus}, exp: ${expirationDateString}, perms: ${permissions}`);
await remediateSharedLink(ownerLogin, itemName, itemID);
}
}
}
})
})
}
catch (err) {
console.error('Failed to get shared links: ', err.message);
}
}
async function remediateSharedLink(ownerLogin, itemName, itemID) {
try{
// Check to see if we're running in test mode. If TEST_MODE = true, we wont remove or update the shared link
if(!TEST_MODE) {
// Get the user object based on the login. The User ID is needed to dynamically change the user using the AS-USER header
// ATTENTION: This call will throw an error if the ownerLogin is equal to a service account. ie: when the login looks like [email protected]
const users = await client.enterprise.getUsers({ filter_term: ownerLogin, user_type: client.enterprise.userTypes.ALL, fields: 'id,login'});
const user = users.entries[0];
// Make sure we actually found a user make the calls on behalf
if(user) {
console.log(`Found user: ${user.login} and id: ${user.id}`);
// Set the AS-USER header
client.asUser(user.id);
// Check if there is a period in the item name. If so, then we know its a file versus a folder shared link.
let sharedLinkUpdateResponse;
if(itemName.indexOf('.') > -1) {
// Check to see if we want to remove the shared link entirely. If not, we're going to update it
if(REMOVE_SHARED_LINK) {
// Remove the shared link
sharedLinkUpdateResponse = await client.files.update(itemID, {
shared_link: null
});
}
// Update the shared link instead of removing it entirely
else {
// Check to see if we want to change the Shared Link Access from Open to Company
if(SHARED_LINK_UPDATE_STRATEGY === 'change_access') {
// Update the shared link access
sharedLinkUpdateResponse = await client.files.update(itemID, {
shared_link: {
access: 'company'
}
});
}
// Check to see if we want to update the Shared Link Exp Date
else if(SHARED_LINK_UPDATE_STRATEGY === 'new_exp_date') {
// Update the shared link exp date
sharedLinkUpdateResponse = await client.files.update(itemID, {
shared_link: {
unshared_at: moment().add(SHARED_LINK_NEW_EXP_DATE_DURATION_IN_DAYS, 'days').toISOString() }
});
}
}
}
else {
// Check to see if we want to remove the shared link entirely. If not, we're going to update it
if(REMOVE_SHARED_LINK) {
// Remove the shared link
sharedLinkUpdateResponse = await client.folders.update(itemID, {
shared_link: null
});
}
// Update the shared link instead of removing it entirely
else {
// Check to see if we want to change the Shared Link Access from Open to Company
if(SHARED_LINK_UPDATE_STRATEGY === 'change_access') {
// Update the shared link access
sharedLinkUpdateResponse = await client.folders.update(itemID, {
shared_link: {
access: 'company'
}
});
}
// Check to see if we want to update the Shared Link Exp Date
else if(SHARED_LINK_UPDATE_STRATEGY === 'new_exp_date') {
// Update the shared link exp date
sharedLinkUpdateResponse = await client.folders.update(itemID, {
shared_link: {
unshared_at: moment().add(SHARED_LINK_NEW_EXP_DATE_DURATION_IN_DAYS, 'days').toISOString() }
});
}
}
}
// console.log('Successfully updated shared link: ', JSON.stringify(sharedLinkUpdateResponse, null, 2));
console.log(`Successfully remediated open shared link with no exp with itemID: ${itemID}, itemName: ${itemName}, and owner: ${ownerLogin}`);
// Switch back to the application service account
client.asSelf();
}
}
}
catch (e) {
console.error('Failed to remediate shared link: ', e.message);
}
}
getSharedLinks();