private void PerformSearch() { this.TextBoxSearch.Foreground = Brushes.Black; if (!string.IsNullOrWhiteSpace(this.TextBoxSearch.Text)) { ITeamFoundationContext context = this.ParentSection.GetContext(); IIdentityManagementService ims = context.TeamProjectCollection.GetService <IIdentityManagementService>(); // First try search by AccountName TeamFoundationIdentity userIdentity = ims.ReadIdentity(IdentitySearchFactor.AccountName, this.TextBoxSearch.Text, MembershipQuery.None, ReadIdentityOptions.ExtendedProperties); if (userIdentity == null) { // Next we try search by DisplayName userIdentity = ims.ReadIdentity(IdentitySearchFactor.DisplayName, this.TextBoxSearch.Text, MembershipQuery.None, ReadIdentityOptions.ExtendedProperties); if (userIdentity == null) { this.TextBoxSearch.Foreground = Brushes.DarkRed; return; } } this.ParentSection.UserAccountName = this.TextBoxSearch.Text; this.ParentSection.UserDisplayName = userIdentity.DisplayName; } else { this.ParentSection.UserAccountName = "@Me"; this.ParentSection.UserDisplayName = string.Empty; } this.ParentSection.Refresh(); }
public static void GetAllProjectAdmins(TeamFoundationIdentity identity, IIdentityManagementService ims, ref List <TeamFoundationIdentity> ids) { if (identity.IsContainer) { TeamFoundationIdentity[] groupMembers; try { groupMembers = ims.ReadIdentities(identity.Members, MembershipQuery.Expanded, ReadIdentityOptions.None); foreach (TeamFoundationIdentity tfi in groupMembers) { GetAllProjectAdmins(tfi, ims, ref ids); } } catch (Exception e) { groupMembers = ims.ReadIdentities(identity.Members, MembershipQuery.None, ReadIdentityOptions.None); ids.AddRange(groupMembers); } } else { ids.Add(identity); } }
private static bool GetSettings(string filePath) { if (!File.Exists(filePath)) { WriteLog(LogLevel.Error, string.Format("The file provided cannot be found ({0})", filePath)); return(false); } _config = new PermissionCopyConfiguration(); try { // Read configuration file and transfor to PermissionCopyConfiguration object XmlSerializer x = new XmlSerializer(_config.GetType()); using (StreamReader sr = new StreamReader(filePath)) { _config = (PermissionCopyConfiguration)x.Deserialize(sr); _tfs = new TfsTeamProjectCollection(new Uri(_config.vstsUri)); _ims = (IIdentityManagementService)_tfs.GetService <IIdentityManagementService>(); _wistore = new WorkItemStore(_tfs, WorkItemStoreFlags.BypassRules); _es = (IEventService)_tfs.GetService <IEventService>(); _excludedGroups = _config.excludedGroups; _securityServiceGroup = _config.vstsSecurityServiceGroup; _userMappings = _config.userMappings; } } catch (Exception ex) { WriteLog(LogLevel.Error, string.Format("An error occurred reading the configuration file. Please verify the format. The error is:\n{0}", ex.ToString())); return(false); } _ics = (ICommonStructureService4)_tfs.GetService <ICommonStructureService4>(); _teamProjects = _ics.ListAllProjects().ToList(); return(true); }
private static void BatchUpMembershipThatExceedsSizeLimit(TeamFoundationIdentity membershipGroup, int batchSizeLimit, IIdentityManagementService ims, List <TeamFoundationIdentity> membershipGroups, Dictionary <IdentityDescriptor, TeamFoundationIdentity> allIdentities) { var batchNum = 0; var remainder = membershipGroup.Members.Length; var descriptors = new IdentityDescriptor[batchSizeLimit]; while (remainder > 0) { var startAt = batchNum * batchSizeLimit; var length = batchSizeLimit; if (length > remainder) { length = remainder; descriptors = new IdentityDescriptor[length]; } Array.Copy(membershipGroup.Members, startAt, descriptors, 0, length); var memberIdentities = ims.ReadIdentities(descriptors, MembershipQuery.Direct, ReadIdentityOptions.None); AddCollectionUsersAndGroupsToLists(memberIdentities, membershipGroups, allIdentities); remainder -= length; } }
private static void BatchUpMembershipThatExceedsSizeLimit(TeamFoundationIdentity membershipGroup, int batchSizeLimit, IIdentityManagementService ims, List<TeamFoundationIdentity> membershipGroups, Dictionary<IdentityDescriptor, TeamFoundationIdentity> allIdentities) { var batchNum = 0; var remainder = membershipGroup.Members.Length; var descriptors = new IdentityDescriptor[batchSizeLimit]; while (remainder > 0) { var startAt = batchNum*batchSizeLimit; var length = batchSizeLimit; if (length > remainder) { length = remainder; descriptors = new IdentityDescriptor[length]; } Array.Copy(membershipGroup.Members, startAt, descriptors, 0, length); var memberIdentities = ims.ReadIdentities(descriptors, MembershipQuery.Direct, ReadIdentityOptions.None); AddCollectionUsersAndGroupsToLists(memberIdentities, membershipGroups, allIdentities); remainder -= length; } }
/// <summary> /// Gets the list of project users in a TFS project /// </summary> /// <param name="projectCollection">TFS PROJECT COLLECTION</param> /// <param name="projectName">TFS PROJECT NAME</param> /// <returns></returns> public static List <TeamFoundationIdentity> ListContributors(TfsTeamProjectCollection tfsTeamProjectCollection, string projectName) { List <TeamFoundationIdentity> tfsUsers = new List <TeamFoundationIdentity>(); IIdentityManagementService ims = (IIdentityManagementService)tfsTeamProjectCollection.GetService(typeof(IIdentityManagementService)); // get the tfs project ReadOnlyCollection <CatalogNode> projectNodes = tfsTeamProjectCollection.CatalogNode.QueryChildren(new[] { CatalogResourceTypes.TeamProject }, false, CatalogQueryOptions.None); CatalogNode projectCatalogNode = projectNodes.FirstOrDefault(c => c.Resource.DisplayName == projectName); if (projectCatalogNode != null && ims != null) { TeamFoundationIdentity[] groups = ims.ListApplicationGroups(projectName, ReadIdentityOptions.None); foreach (TeamFoundationIdentity group in groups) { TeamFoundationIdentity sids = ims.ReadIdentity(IdentitySearchFactor.DisplayName, group.DisplayName, MembershipQuery.Expanded, ReadIdentityOptions.IncludeReadFromSource); if (sids != null) { tfsUsers.AddRange(ims.ReadIdentities(sids.Members, MembershipQuery.Expanded, ReadIdentityOptions.None)); } } } //Remove any duplicates (by user-id) return(tfsUsers.GroupBy(u => u.UniqueName).Select(u => u.First()).ToList()); }
static void Main(string[] args) { TfsConfigurationServer tcs = new TfsConfigurationServer(new Uri("http://server:8080/tfs")); IIdentityManagementService ims = tcs.GetService <IIdentityManagementService>(); TeamFoundationIdentity tfi = ims.ReadIdentity(IdentitySearchFactor.AccountName, "Project Collection Valid Users", MembershipQuery.Expanded, ReadIdentityOptions.None); TeamFoundationIdentity[] ids = ims.ReadIdentities(tfi.Members, MembershipQuery.None, ReadIdentityOptions.None); using (StreamWriter file = new StreamWriter("userlist.txt")) foreach (TeamFoundationIdentity id in ids) { if (id.Descriptor.IdentityType == "System.Security.Principal.WindowsIdentity") { Console.WriteLine(id.DisplayName); } //{ Console.WriteLine(id.UniqueName); } file.WriteLine("[{0}]", id.DisplayName); } var count = ids.Count(x => ids.Contains(x)); Console.WriteLine(count); Console.ReadLine(); }
public static void Connect() { var tfs = new TfsTeamProjectCollection(new Uri(Settings.Default.Serverurl)); _store = tfs.GetService <WorkItemStore>(); _identityManagementService = tfs.GetService <IIdentityManagementService>(); }
public SecurityManager(string teamProjectCollectionUrl) { _teamProjectCollectionUrl = teamProjectCollectionUrl; _tfsTeamProjectCollection = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri(_teamProjectCollectionUrl)); _tfsTeamProjectCollection.EnsureAuthenticated(); _identityManagementService = _tfsTeamProjectCollection.GetService <IIdentityManagementService>(); }
public static IEnumerable <TeamFoundationIdentity> ReadTFSUsers(TfsTeamProjectCollection tfsTeamProjectCollection, ILogger logger) { try { logger.Information("Querying Team Foundation Identities from TFS."); IIdentityManagementService identityService = tfsTeamProjectCollection.GetService <IIdentityManagementService>(); TeamFoundationIdentity teamFoundationIdentity = identityService.ReadIdentity(IdentitySearchFactor.AccountName, "Project Collection Valid Users", MembershipQuery.Expanded, ReadIdentityOptions.ExtendedProperties); TeamFoundationIdentity[][] teamFoundationIdentities = identityService .ReadIdentities( IdentitySearchFactor.Identifier, teamFoundationIdentity .Members .Select(id => id.Identifier) .ToArray(), MembershipQuery.None, ReadIdentityOptions.ExtendedProperties); return(teamFoundationIdentities .SelectMany(tfi => tfi) .Where(tfi => !tfi.IsContainer)); } catch (Exception e) { logger.Error(e.Message); return(null); } }
public static void Main(string[] args) { LogArguments(args); Uri projectCollectionUri = new Uri(args.ElementAt(0)); Guid projectCollectionId = Guid.Parse(args.ElementAt(1)); Guid requestedByUserId = Guid.Parse(args.ElementAt(2)); string artifactsFolder = Path.GetFullPath(args.ElementAt(3)); string emailSubject = args.ElementAt(4); string emailBody = args.ElementAt(5); Console.WriteLine("Project collection URI: " + projectCollectionUri); Console.WriteLine("Project collection id: " + projectCollectionId); Console.WriteLine("User identifier: " + requestedByUserId); Console.WriteLine("Artifacts folder: " + artifactsFolder); Console.WriteLine("Email subject: " + emailSubject); Console.WriteLine("Email body: " + emailBody); string tfsUriFromCollectionUri = projectCollectionUri.AbsoluteUri.Replace(projectCollectionUri.Segments.Last(), string.Empty); TfsConfigurationServer configurationServer = TfsConfigurationServerFactory.GetConfigurationServer(new Uri(tfsUriFromCollectionUri)); TfsTeamProjectCollection teamProjectCollection = configurationServer.GetTeamProjectCollection(projectCollectionId); IIdentityManagementService identityServiceManager = teamProjectCollection.GetService <IIdentityManagementService>(); TeamFoundationIdentity[] tfsIdentities = identityServiceManager.ReadIdentities(new Guid[1] { requestedByUserId }, MembershipQuery.Direct); SendArtifacs(tfsIdentities, emailSubject, emailBody, artifactsFolder); }
/// <summary> /// Initializes a new instance of the <see cref="IdentityAliasValueConverter"/> class. /// </summary> /// <param name="identityManagementService">An instance of <see cref="IIdentityManagementService"/> to perform lookups.</param> /// <param name="tenantId">In a hosted VSTS instance, the tenantId to scope identity searches.</param> /// <param name="domains">A set of domains used to create <see cref="IIdentityDescriptor"/>s for search.</param> /// <example> /// var ims = ...; /// var mapper = new IdentityAliasMapper(ims, "CD4C5751-F4E6-41D5-A4C9-EFFD66BC8E9C", "contoso.com"); /// </example> public IdentityAliasValueConverter( [NotNull] IIdentityManagementService identityManagementService, [NotNull] string tenantId, [NotNull][ItemNotNull] params string[] domains) { Contract.Requires(!string.IsNullOrEmpty(tenantId)); Contract.Requires(identityManagementService != null); Contract.Requires(domains != null); Contract.Requires(domains.Length > 0); Contract.Requires(domains.All(item => item != null)); if (domains == null) { throw new ArgumentNullException(nameof(domains)); } if (string.IsNullOrEmpty(tenantId)) { throw new ArgumentException("Value cannot be null or empty.", nameof(tenantId)); } if (domains.Length == 0) { throw new ArgumentException("Value cannot be an empty collection.", nameof(domains)); } _identityManagementService = identityManagementService ?? throw new ArgumentNullException(nameof(identityManagementService)); _tenantId = tenantId; _domains = domains; }
private static TeamFoundationIdentity GetAllValidUsers(IIdentityManagementService ims) { var validUsersGroupMembers = ims.ReadIdentity(GroupWellKnownDescriptors.EveryoneGroup, MembershipQuery.Direct, ReadIdentityOptions.None); return(validUsersGroupMembers); }
public ActionResult IdentityOverview() { IIdentityManagementService serverIdentityManagementService = configurationServer.GetService <IIdentityManagementService>(); IdentityOverviewModel iom = new IdentityOverviewModel(); IdentityServiceManagementHelper.FeedIdentityData(iom.ApplicationGroupCollection, iom.UserCollection, serverIdentityManagementService, null); return(PartialView(iom)); }
public TFSClientLogic(TfsVariable tfsVar) : base(tfsVar) { idService = TeamColl.GetService(typeof(IIdentityManagementService)) as IIdentityManagementService; tfsId = IdentityService.ReadIdentity(IdentitySearchFactor.DisplayName, initSetting.BuildRequestedUser, MembershipQuery.None, ReadIdentityOptions.None); }
public static TfsTeamProjectCollection CreateImpersonatedCollection(Uri collectionToUse, string userToImpersonate) { NetworkCredential defaultNetworkCredentials = CredentialCache.DefaultNetworkCredentials; TfsTeamProjectCollection tfsTeamProjectCollection = new TfsTeamProjectCollection(collectionToUse, defaultNetworkCredentials); IIdentityManagementService service = tfsTeamProjectCollection.GetService <IIdentityManagementService>(); TeamFoundationIdentity teamFoundationIdentity = service.ReadIdentity(IdentitySearchFactor.AccountName, userToImpersonate, MembershipQuery.None, ReadIdentityOptions.None); return(new TfsTeamProjectCollection(collectionToUse, new TfsClientCredentials(), teamFoundationIdentity.Descriptor)); }
public TfsUtil(string url) { var tfs = new TfsTeamProjectCollection(new Uri(url), new VssCredentials()); _managementService = tfs.GetService <IIdentityManagementService>(); _vcServer = tfs.GetService <VersionControlServer>(); _emaillookup = new Dictionary <string, string>(); }
public TeamWrapper(Uri collectionUri, string teamProjectName) { this.teamProjectCollection = new TfsTeamProjectCollection(collectionUri); this.teamService = this.teamProjectCollection.GetService <TfsTeamService>(); this.identityManagementService = this.teamProjectCollection.GetService <IIdentityManagementService>(); ICommonStructureService4 cssService = this.teamProjectCollection.GetService <ICommonStructureService4>(); this.projectInfo = cssService.GetProjectFromName(teamProjectName); }
public IdentityManagementController(IIdentityManagementService identityManagementService) { if (identityManagementService == null) { throw new ArgumentNullException("identityManagementService"); } this.identityManagementService = identityManagementService; mapperFactory = new MapperFactory(); }
public IdentityManagementController(IIdentityManagementService identityManagementService) { if (identityManagementService == null) { throw new ArgumentNullException("identityManagementService"); } this.identityManagementService = identityManagementService; mapperFactory = new MapperFactory(); }
public GroupManager(string teamProjectCollectionUrl, string teamProjectName) { _teamProjectCollectionUrl = teamProjectCollectionUrl; _teamProjectName = teamProjectName; _tfsTeamProjectCollection = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri(_teamProjectCollectionUrl)); _tfsTeamProjectCollection.EnsureAuthenticated(); _commonStructureService4 = _tfsTeamProjectCollection.GetService <ICommonStructureService4>(); _projectInfo = _commonStructureService4.GetProjectFromName(_teamProjectName); _identityManagementService = _tfsTeamProjectCollection.GetService <IIdentityManagementService>(); }
public IEnumerable <GroupModel> GetGroups(Guid collectionId, int projectId) { using (var server = GetServer()) { TfsTeamProjectCollection collection = server.GetTeamProjectCollection(collectionId); WorkItemStore wiStore = collection.GetService <WorkItemStore>(); Project project = wiStore.Projects.GetById(projectId); IIdentityManagementService identityManagement = collection.GetService <IIdentityManagementService>(); TeamFoundationIdentity[] identities = identityManagement.ListApplicationGroups(project.Uri.ToString(), ReadIdentityOptions.None); return(Map(identities)); } }
public TestPlanMigration(TfsTeamProjectCollection sourceTfs, TfsTeamProjectCollection destinationTfs, string sourceProject, string destinationProject, Hashtable workItemMap, ProgressBar progressBar) { this.sourceproj = GetProject(sourceTfs, sourceProject); this.destinationproj = GetProject(destinationTfs, destinationProject); this.workItemMap = workItemMap; this.progressBar = progressBar; projectName = sourceProject; store = (WorkItemStore)destinationTfs.GetService(typeof(WorkItemStore)); workItemTypes = store.Projects[destinationProject].WorkItemTypes; ims = (IIdentityManagementService)sourceTfs.GetService(typeof(IIdentityManagementService)); UserID = ims.ReadIdentity(IdentitySearchFactor.MailAddress, "*****@*****.**", MembershipQuery.Direct, ReadIdentityOptions.None); }
public ActionResult IdentityOverview(string id) { IdentityOverviewModel iom = new IdentityOverviewModel(); if (!string.IsNullOrWhiteSpace(id)) { TfsTeamProjectCollection tpc = configurationServer.GetTeamProjectCollection(new Guid(id)); IIdentityManagementService ims = tpc.GetService <IIdentityManagementService>(); IdentityServiceManagementHelper.FeedIdentityData(iom.ApplicationGroupCollection, iom.UserCollection, ims, null); } return(PartialView(iom)); }
public TestPlandsAndSuitesMigrationContext(MigrationEngine me, TestPlansAndSuitesMigrationConfig config) : base(me, config) { this.engine = me; sourceWitStore = new WorkItemStoreContext(me.Source, WorkItemStoreFlags.None); sourceTestStore = new TestManagementContext(me.Source, config.TestPlanQueryBit); targetWitStore = new WorkItemStoreContext(me.Target, WorkItemStoreFlags.BypassRules); targetTestStore = new TestManagementContext(me.Target); sourceTestConfigs = sourceTestStore.Project.TestConfigurations.Query("Select * From TestConfiguration"); targetTestConfigs = targetTestStore.Project.TestConfigurations.Query("Select * From TestConfiguration"); sourceIdentityManagementService = me.Source.Collection.GetService <IIdentityManagementService>(); targetIdentityManagementService = me.Target.Collection.GetService <IIdentityManagementService>(); this.config = config; }
private static void PerformUserAction(ApplicationTask task, IIdentityManagementService ims, string userName, Action <TeamFoundationIdentity> action) { // Look up the user by account name. var userIdentity = ims.ReadIdentity(IdentitySearchFactor.AccountName, userName, MembershipQuery.None, ReadIdentityOptions.IncludeReadFromSource); if (userIdentity == null) { task.SetWarning("The requested user was not found: \"{0}\". Please make sure to use the account name, not the display name (which can be ambiguous).".FormatCurrent(userName)); } else { action(userIdentity); } }
public TfsUtility( [NotNull] VersionControlServer versionControlServer, [NotNull] ICmdUtility cmdUtility, [NotNull] IIdentityManagementService identityManagementService, [NotNull] IMessageHub messageHub, [NotNull] ILog logger) { _versionControlServer = versionControlServer ?? throw new ArgumentNullException(nameof(versionControlServer)); _messageHub = messageHub ?? throw new ArgumentNullException(nameof(messageHub)); _logger = logger ?? throw new ArgumentNullException(nameof(logger)); _cmdUtility = cmdUtility; _identityManagementService = identityManagementService; _users = GetAllUsers(); }
/// <summary> /// Gets the users. /// </summary> /// <returns></returns> public List <TeamFoundationIdentity> GetUsers() { TfsTeamProjectCollection projectCollection = this.GetTeamProjectCollection(); ICommonStructureService css = (ICommonStructureService)projectCollection.GetService(typeof(ICommonStructureService)); IGroupSecurityService gss = projectCollection.GetService <IGroupSecurityService>(); IIdentityManagementService ims = projectCollection.GetService <IIdentityManagementService>(); // get the tfs project var projectList = css.ListAllProjects(); var project = projectList.FirstOrDefault(o => o.Name.Equals(this.TfsServer.ActiveProjectContext.ProjectName, StringComparison.InvariantCultureIgnoreCase)); // project doesn't exist if (project == null) { return(null); } // get the tfs group var groupList = gss.ListApplicationGroups(project.Uri); List <Identity> groups; if (ConfigurationManager.CurrentConfiguration.UserGroups != null && ConfigurationManager.CurrentConfiguration.UserGroups.Count > 0) { groups = groupList.Where(o => ConfigurationManager.CurrentConfiguration.UserGroups.Contains(o.AccountName)).ToList(); // you can also use DisplayName } else { groups = groupList.ToList(); } List <TeamFoundationIdentity> contributors = new List <TeamFoundationIdentity>(); foreach (Identity group in groups) { Identity sids = gss.ReadIdentity(SearchFactor.Sid, group.Sid, QueryMembership.Expanded); // there are no users if (sids.Members.Length == 0) { continue; } // convert to a list contributors.AddRange(ims.ReadIdentities(IdentitySearchFactor.Identifier, sids.Members, MembershipQuery.Direct, ReadIdentityOptions.None).SelectMany(x => x).Where(x => x.IsContainer == false)); } return(contributors.GroupBy(x => x.DisplayName).Select(g => g.First()).OrderBy(x => x.DisplayName).ToList()); }
private static void DisplayGroupTree(IIdentityManagementService ims, TeamFoundationIdentity node, int level) { DisplayNode(node, level); if (!node.IsContainer) return; TeamFoundationIdentity[] nodeMembers = ims.ReadIdentities(node.Members, MembershipQuery.Direct, ReadIdentityOptions.None); int newLevel = level + 1; foreach (TeamFoundationIdentity member in nodeMembers) DisplayGroupTree(ims, member, newLevel); }
public IdentityDescriptor GetIdentityToImpersonate(Uri projectCollectionUrl) { var configurationServer = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(projectCollectionUrl); // TODO: Find a way to read the identity from the server object model instead. IIdentityManagementService identityManagementService = configurationServer.GetService <IIdentityManagementService>(); Microsoft.TeamFoundation.Framework.Client.TeamFoundationIdentity identity = identityManagementService.ReadIdentities( new[] { new Guid(this.Notification.ChangerTeamFoundationId) }, MembershipQuery.None).FirstOrDefault(); return(identity?.Descriptor); }
// For call to create TR we need Ericsson user id (also domain?) - seems like we have what we want here. // TDOD: Try and make sure we are getting the correct attribute. // See http://stackoverflow.com/questions/19911368/using-the-tfs-2012-api-how-do-i-get-the-email-address-of-a-user static public String GetSignumForChangeNotification( Microsoft.TeamFoundation.WorkItemTracking.Client.WorkItem workItem, WorkItemChangedEvent notification) { TfsTeamProjectCollection tpc = workItem.Store.TeamProjectCollection; String userId = notification.ChangerTeamFoundationId; IIdentityManagementService mgmntService = tpc.GetService <IIdentityManagementService>(); Guid[] ids = new Guid[1]; ids[0] = new Guid(notification.ChangerTeamFoundationId); TeamFoundationIdentity[] members = mgmntService.ReadIdentities(ids, MembershipQuery.Direct); return(GetUserFromSignum(members[0].UniqueName)); }
private void InitializeProxies(IServiceProvider server) { m_identityManagement = server.GetService(typeof(IIdentityManagementService)) as IIdentityManagementService; m_securityService = server.GetService(typeof(ISecurityService)) as ISecurityService; m_authorizationService = server.GetService(typeof(IAuthorizationService)) as IAuthorizationService; /* * obsoleting the usage of m_userIdCache to by-pass the TFS user idenitity scalability issue * * IGroupSecurityService gss = server.GetService(typeof(IGroupSecurityService)) as IGroupSecurityService; * if (null != gss) * { * m_userIdCache = new TFSUserIdCache(gss); * } * */ }
private IdentityDescriptor GetIdentityToImpersonate(TeamFoundationRequestContext requestContext, WorkItemChangedEvent workItemChangedEvent) { Uri server = this.GetCollectionUriFromContext(requestContext); var configurationServer = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(server); // TODO: Find a way to read the identity from the server object model instead. IIdentityManagementService identityManagementService = configurationServer.GetService <IIdentityManagementService>(); TeamFoundationIdentity identity = identityManagementService.ReadIdentities( new Guid[] { new Guid(workItemChangedEvent.ChangerTeamFoundationId) }, MembershipQuery.None).FirstOrDefault(); return(identity?.Descriptor); }
public CloudFrontDeployer(ElasticBeanstalkDeploymentConfigurationProvider configProvider, IElasticBeanstalkService elasticBeanstalkService, IS3Service s3Service, ISmokeTestService smokeTestService, IIdentityManagementService iamService, ICloudFrontService cloudFrontService, ISslUploaderService sslUploaderService, IConfigurationOptionSettingsProvider configurationOptionSettingsProvider, IRoute53Service route53Service, ILoggerProvider loggerProvider) { this.configurationOptionSettingsProvider = configurationOptionSettingsProvider; this.smokeTestService = smokeTestService; this.elasticBeanstalkService = elasticBeanstalkService; this.s3Service = s3Service; this.configProvider = configProvider; this.iamService = iamService; this.cloudFrontService = cloudFrontService; this.sslUploaderService = sslUploaderService; this.route53Service = route53Service; this.loggerProvider = loggerProvider; }
private static void AddExpandedMembershipOfValidUsersGroup(IIdentityManagementService ims, List<TeamFoundationIdentity> membershipGroups, Dictionary<IdentityDescriptor, TeamFoundationIdentity> allIdentities) { // Get expanded membership of the Valid Users group, which is all identities in this host var validUsersGroupMembers = ims.ReadIdentity(GroupWellKnownDescriptors.EveryoneGroup, MembershipQuery.Expanded, ReadIdentityOptions.None); // If total membership exceeds batch size limit for Read, break it up const int batchSizeLimit = 100000; if (validUsersGroupMembers.Members.Length > batchSizeLimit) { BatchUpMembershipThatExceedsSizeLimit(validUsersGroupMembers, batchSizeLimit, ims, membershipGroups, allIdentities); } else { var memberIdentities = ims.ReadIdentities(validUsersGroupMembers.Members, MembershipQuery.Direct, ReadIdentityOptions.None); AddCollectionUsersAndGroupsToLists(memberIdentities, membershipGroups, allIdentities); } }
/// <summary> /// Extract iteration permissions for a specific identity /// </summary> /// <param name="server">Server security service</param> /// <param name="teamProject">Team project</param> /// <param name="userIdentity">User identity</param> /// <param name="identityManagementService">The identityManagementService</param> /// <param name="groups">List of groups</param> /// <returns>Security namespace</returns> private static List<IterationPermission> ExtractIterationPermissions(ISecurityService server, Project teamProject, TeamFoundationIdentity userIdentity, IIdentityManagementService identityManagementService, List<string> groups) { var result = new List<IterationPermission>(); var lstIterations = Helpers.FlattenTree(teamProject.IterationRootNodes); // root Area Node var iterationPermissionRoot = new IterationPermission { IterationName = teamProject.Name, IterationPermissions = new List<Permission>() }; iterationPermissionRoot.IterationPermissions.AddRange(ExtractGenericSecurityNamespacePermissions(server, PermissionScope.WorkItemIterations, userIdentity, lstIterations.First().ParentNode.Uri.AbsoluteUri, identityManagementService, groups)); if (iterationPermissionRoot.IterationPermissions.Count > 0) { result.Add(iterationPermissionRoot); } Console.WriteLine("== Extract WorkItems Iteration Permissions =="); foreach (Node iteration in lstIterations) { var iterationPermission = new IterationPermission { IterationName = iteration.Path, IterationPermissions = new List<Permission>() }; iterationPermission.IterationPermissions.AddRange(ExtractGenericSecurityNamespacePermissions(server, PermissionScope.WorkItemIterations, userIdentity, iteration.Uri.AbsoluteUri, identityManagementService, groups)); if (iterationPermission.IterationPermissions.Count > 0) { result.Add(iterationPermission); } } return result; }
/// <summary> /// Run the extraction algorithm for a specific user /// </summary> /// <param name="ims">Identity management service</param> /// <param name="userName">user name</param> /// <param name="options">command line parameters</param> /// <param name="fileName">File name</param> /// <param name="tfs">team project collection</param> /// <returns>true if successful</returns> private static bool ExtractPermissionForUserName(IIdentityManagementService ims, string userName, Options options, string fileName, TfsTeamProjectCollection tfs) { TeamFoundationIdentity userIdentity = ims.ReadIdentity( IdentitySearchFactor.AccountName, userName, MembershipQuery.None, ReadIdentityOptions.IncludeReadFromSource); if (userIdentity == null) { Console.WriteLine("User {0} can't connect to the Collection {1}. Please verifiy!", userName, options.Collection); Console.ReadLine(); return false; } // get workItem store var workItemStore = tfs.GetService<WorkItemStore>(); ////Initiate Report // Initiate a new object of Permission Report var permissionsReport = new PermissionsReport { Date = DateTime.Now, TfsCollectionUrl = options.Collection, UserName = userName, TeamProjects = new List<TfsTeamProject>() }; try { // retrieve list of Team Projects in the given collection ProjectCollection workItemsProjects = workItemStore.Projects; foreach (Project teamProject in workItemsProjects) { if (options.Projects != null) { if (!options.Projects.Contains(teamProject.Name)) { Console.WriteLine(" ...skipping Team Project: {0}", teamProject.Name); continue; } } // Create project security token string projectSecurityToken = "$PROJECT:" + teamProject.Uri.AbsoluteUri; // Project Permissions var server = tfs.GetService<ISecurityService>(); var vcs = tfs.GetService<VersionControlServer>(); TeamFoundation.Git.Client.GitRepositoryService gitRepostoryService = tfs.GetService<TeamFoundation.Git.Client.GitRepositoryService>(); Console.WriteLine("==== Extracting Permissions for {0} Team Project ====", teamProject.Name); var groups = GetUserGroups(tfs, teamProject.Uri.AbsoluteUri, userIdentity); var projectLevelPermissions = ExtractGenericSecurityNamespacePermissions(server, PermissionScope.TeamProject, userIdentity, projectSecurityToken, ims, groups); // Version Control Permissions var versionControlPermissions = ExtractVersionControlPermissions(server, groups, userIdentity, teamProject.Name, ims, vcs); var gitVersionControlPermissions = ExtractGitVersionControlPermissions(server, groups, userIdentity, teamProject.Name, ims, vcs, gitRepostoryService); // Build Permissions var buildPermissions = ExtractBuildPermissions(server, projectSecurityToken, userIdentity); // WorkItems Area Permissions var areasPermissions = ExtractAreasPermissions(server, teamProject, userIdentity, ims, groups); // WorkItems Iteration Permissions var iterationPermissions = ExtractIterationPermissions(server, teamProject, userIdentity, ims, groups); // Workspace Permissions // var workspacePermission = ExtractGenericSecurityNamespacePermissions(server, PermissionScope.Workspaces, userIdentity, projectSecurityToken, ims, groups); // Set TFS report Data // Create Team Project node in XML file var tfsTeamProject = new TfsTeamProject { Name = teamProject.Name, AreaPermissions = areasPermissions, BuildPermissions = buildPermissions, IterationPermissions = iterationPermissions, ProjectLevelPermissions = new ProjectLevelPermissions { ProjectLevelPermissionsList = projectLevelPermissions }, GitVersionControlPermissions = new VersionControlPermissions { VersionControlPermissionsList = gitVersionControlPermissions }, VersionControlPermissions = new VersionControlPermissions { VersionControlPermissionsList = versionControlPermissions } }; tfsTeamProject.VersionControlPermissions.VersionControlPermissionsList.AddRange(versionControlPermissions); permissionsReport.TeamProjects.Add(tfsTeamProject); } // Generate output file FileInfo fi = new FileInfo(fileName); if (!Directory.Exists(fi.DirectoryName)) { Console.Write("Creating Output Directory {0}", fi.DirectoryName); Directory.CreateDirectory(fi.DirectoryName); } var fs = new FileStream(fileName, FileMode.Create); var streamWriter = new StreamWriter(fs, Encoding.UTF8); using (streamWriter) { var xmlSerializer = new XmlSerializer(typeof(PermissionsReport)); xmlSerializer.Serialize(streamWriter, permissionsReport); streamWriter.Flush(); } if (options.Html) { var tranformationFileName = Path.Combine(Path.GetDirectoryName(fileName), "ALMRanger.xsl"); File.WriteAllText(tranformationFileName, Resources.ALMRangers_SampleXslt); var htmlOuput = Path.ChangeExtension(fileName, ".html"); var logoFile = Path.Combine(Path.GetDirectoryName(fileName), "ALMRangers_Logo.png"); Resources.ALMRangers_Logo.Save(logoFile); XmlTransformationManager.TransformXmlUsingXsl(fileName, tranformationFileName, htmlOuput); } return true; } catch (TeamFoundationServiceException ex) { Console.WriteLine(ex.Message); return false; } }
/// <summary> /// Extracts area permission for a specific identity /// </summary> /// <param name="server">Server security service</param> /// <param name="teamProject">Team project</param> /// <param name="userIdentity">User identity</param> /// <param name="identityManagementService">The identityManagementService</param> /// <param name="groups">List of groups</param> /// <returns>The list of the permissions</returns> private static List<AreaPermission> ExtractAreasPermissions(ISecurityService server, Project teamProject, TeamFoundationIdentity userIdentity, IIdentityManagementService identityManagementService, List<string> groups) { var result = new List<AreaPermission>(); Console.WriteLine("== Extract WorkItems Area Permissions =="); // root Area Node var areaPermissionRoot = new AreaPermission { AreaName = teamProject.Name, AreaPermissions = new List<Permission>() }; areaPermissionRoot.AreaPermissions.AddRange(ExtractGenericSecurityNamespacePermissions(server, PermissionScope.WorkItemAreas, userIdentity, teamProject.AreaRootNodeUri.AbsoluteUri, identityManagementService, groups)); if (areaPermissionRoot.AreaPermissions.Count > 0) { result.Add(areaPermissionRoot); } IEnumerable<Node> areaList = Helpers.FlattenTree(teamProject.AreaRootNodes); foreach (Node area in areaList) { var areaPermission = new AreaPermission { AreaName = area.Path, AreaPermissions = new List<Permission>() }; areaPermission.AreaPermissions.AddRange(ExtractGenericSecurityNamespacePermissions(server, PermissionScope.WorkItemAreas, userIdentity, area.Uri.AbsoluteUri, identityManagementService, groups)); if (areaPermission.AreaPermissions.Count > 0) { Console.WriteLine(" -- Adding Permissions for {0}", area.Path); result.Add(areaPermission); } } return result; }
private static TeamFoundationIdentity GetAllValidUsers(IIdentityManagementService ims) { var validUsersGroupMembers = ims.ReadIdentity(GroupWellKnownDescriptors.EveryoneGroup, MembershipQuery.Direct, ReadIdentityOptions.None); return validUsersGroupMembers; }
public TfsIdentityServiceProxy(IIdentityManagementService identityService) { this.identityService = identityService; this.users = new Dictionary<string, UserIdentity>(); this.RootGroupName = @"[WPF_Scrum]\Contributors"; }
/// <summary> /// Extracts the generic security namespace permissions. /// </summary> /// <param name="server">The server.</param> /// <param name="permissionScope">The permission scope.</param> /// <param name="userIdentity">The user identity.</param> /// <param name="securityToken">The security token.</param> /// <param name="identityManagementService">The identityManagementService.</param> /// <param name="groups">The groups.</param> /// <returns>List of Permissions</returns> private static List<Permission> ExtractGenericSecurityNamespacePermissions(ISecurityService server, PermissionScope permissionScope, TeamFoundationIdentity userIdentity, string securityToken, IIdentityManagementService identityManagementService, IEnumerable<string> groups) { SecurityNamespace genericSecurityNamespace = server.GetSecurityNamespace(Helpers.GetSecurityNamespaceId(permissionScope, server)); AccessControlList userAccessList = genericSecurityNamespace.QueryAccessControlList( securityToken, new List<IdentityDescriptor> { userIdentity.Descriptor }, true); var result = new List<Permission>(); result.AddRange(Helpers.AccessControlEntryToPermission(genericSecurityNamespace, userAccessList.AccessControlEntries, false, string.Empty)); // handle group inheritance foreach (string group in groups) { TeamFoundationIdentity groupIdentity = identityManagementService.ReadIdentity(IdentitySearchFactor.Identifier, group, MembershipQuery.None, ReadIdentityOptions.IncludeReadFromSource); AccessControlList groupAccessList = genericSecurityNamespace.QueryAccessControlList( securityToken, new List<IdentityDescriptor> { groupIdentity.Descriptor }, true); result.AddRange(Helpers.AccessControlEntryToPermission(genericSecurityNamespace, groupAccessList.AccessControlEntries, true, groupIdentity.DisplayName)); } var modifiedPermissions = Helpers.RemoveDuplicatePermissionsAndCombineGroups(result); return modifiedPermissions; }
void MainWindow_Loaded(object sender, RoutedEventArgs e) { this.teamProjectCollection = new TfsTeamProjectCollection(new Uri(TeamProjectCollectionPath)); this.teamProjectCollection.Authenticate(); this.teamProjectCollection.EnsureAuthenticated(); this.versionControl = this.teamProjectCollection.GetService<VersionControlServer>(); this.sourceControlProxy = new TfsProxy(this.versionControl); this.infoProvider = new TestChangeCalculator(this.sourceControlProxy); this.identityService = this.teamProjectCollection.GetService<IIdentityManagementService>(); //this.pickerFrom.SelectedValue = new DateTime(2012, 10, 19, 7, 0, 0); this.pickerFrom.SelectedValue = new DateTime(2012, 10, 18, 23, 0, 0); //this.pickerTo.SelectedValue = new DateTime(2012, 11, 28, 23, 0, 0); this.pickerTo.SelectedValue = DateTime.Now;// new DateTime(2012, 11, 10, 23, 0, 0); this.pathTextBox.Text = "$/WPF_Scrum/Development/Core/Data"; this.testsPerGroupView.IdentityService = new TfsIdentityServiceProxy(this.identityService); var iden = this.testsPerGroupView.IdentityService.GetUserIdentities(); iden = this.testsPerGroupView.IdentityService.GetUserIdentities(); //2.Read the group represnting the root node var rootIdentity = this.identityService.ReadIdentity(IdentitySearchFactor.AccountName, @"[WPF_Scrum]\Contributors", MembershipQuery.Direct, ReadIdentityOptions.None); //3.Recursively parse the members of the group DisplayGroupTree(this.identityService, rootIdentity, 0); }
/// <summary> /// Extracts version control permissions for a specific identity. /// </summary> /// <param name="server">TFS Security service</param> /// <param name="groups">Security groups</param> /// <param name="userIdentity">User Identity</param> /// <param name="projectSecurityToken">Project Security Token</param> /// <param name="ims">TFS Identity service</param> /// <param name="vcs">TFS VC Service</param> /// <returns>The list of the permissions</returns> private static List<Permission> ExtractVersionControlPermissions( ISecurityService server, IEnumerable<string> groups, TeamFoundationIdentity userIdentity, string projectSecurityToken, IIdentityManagementService ims, VersionControlServer vcs) { Console.WriteLine("== Extract Version Control Permissions =="); var teamProject = vcs.TryGetTeamProject(projectSecurityToken); if (teamProject == null) { return new List<Permission>(); } return ExtractGenericSecurityNamespacePermissions(server, PermissionScope.SourceControl, userIdentity, teamProject.ServerItem, ims, groups); }
public void Setup() { identityManagementService = Substitute.For<IIdentityManagementService>(); sut = new IdentityManagementController(identityManagementService); }
/// <summary> /// Sample method on how to extracts the git version control permissions. /// </summary> /// <param name="server">The server.</param> /// <param name="groups">The groups.</param> /// <param name="userIdentity">The user identity.</param> /// <param name="projectSecurityToken">The project security token.</param> /// <param name="identityManagementService">The identityManagementService.</param> /// <param name="vcs">The VCS.</param> /// <param name="gitService">The git service.</param> /// <returns>List of Permissions</returns> private static List<Permission> ExtractGitVersionControlPermissions(ISecurityService server, IEnumerable<string> groups, TeamFoundationIdentity userIdentity, string projectSecurityToken, IIdentityManagementService identityManagementService, VersionControlServer vcs, TeamFoundation.Git.Client.GitRepositoryService gitService) { Console.WriteLine("== Extract Git Version Control Permissions =="); SecurityNamespace gitVersionControlSecurityNamespace = server.GetSecurityNamespace(Helpers.GetSecurityNamespaceId(PermissionScope.GitSourceControl, server)); var gitProjectRepoService = gitService.QueryRepositories(projectSecurityToken); // This sample handle only the default repository, you can iterate through all repositories same way var defaultGitRepo = gitProjectRepoService.SingleOrDefault(gr => gr.Name.Equals(projectSecurityToken)); vcs.TryGetTeamProject(projectSecurityToken); if (defaultGitRepo == null) { return new List<Permission>(); } // Repository Security Token is repoV2/TeamProjectId/RepositoryId var repoIdToken = string.Format("repoV2{0}{1}{2}{3}", gitVersionControlSecurityNamespace.Description.SeparatorValue, defaultGitRepo.ProjectReference.Id, gitVersionControlSecurityNamespace.Description.SeparatorValue, defaultGitRepo.Id); // vcs.GetTeamProject(projectSecurityToken); AccessControlList versionControlAccessList = gitVersionControlSecurityNamespace.QueryAccessControlList( repoIdToken, new List<IdentityDescriptor> { userIdentity.Descriptor }, true); var gitVersionControlPermissions = new List<Permission>(); foreach (AccessControlEntry ace in versionControlAccessList.AccessControlEntries) { if (0 != ace.Allow) { var allowedVersionControlPermissions = ((EnumrationsList.GitPermissions)ace.Allow).ToString(); gitVersionControlPermissions.AddRange( Helpers.GetActionDetailsByName(allowedVersionControlPermissions, "Allow", PermissionScope.GitSourceControl)); } if (0 != ace.Deny) { var denyVersionControlPermissions = ((EnumrationsList.GitPermissions)ace.Deny).ToString(); gitVersionControlPermissions.AddRange( Helpers.GetActionDetailsByName(denyVersionControlPermissions, "Deny", PermissionScope.GitSourceControl)); } } if (gitVersionControlPermissions.Count == 0) { foreach (AccessControlEntry ace in versionControlAccessList.AccessControlEntries) { if (0 != ace.ExtendedInfo.EffectiveAllow) { var allowedVersionControlPermissions = ((EnumrationsList.GitPermissions)ace.ExtendedInfo.EffectiveAllow).ToString(); gitVersionControlPermissions.AddRange( Helpers.GetActionDetailsByName(allowedVersionControlPermissions, "Allow", PermissionScope.GitSourceControl)); } if (0 != ace.ExtendedInfo.EffectiveDeny) { var denyVersionControlPermissions = ((EnumrationsList.GitPermissions)ace.ExtendedInfo.EffectiveDeny).ToString(); gitVersionControlPermissions.AddRange( Helpers.GetActionDetailsByName(denyVersionControlPermissions, "Deny", PermissionScope.GitSourceControl)); } } } foreach (string group in groups) { TeamFoundationIdentity groupIdentity = identityManagementService.ReadIdentity(IdentitySearchFactor.Identifier, group, MembershipQuery.None, ReadIdentityOptions.IncludeReadFromSource); AccessControlList groupAccessList = gitVersionControlSecurityNamespace.QueryAccessControlList( repoIdToken, new List<IdentityDescriptor> { groupIdentity.Descriptor }, true); foreach (AccessControlEntry ace in groupAccessList.AccessControlEntries) { if (0 != ace.Allow) { var allowedPermissions = ((EnumrationsList.GitPermissions)ace.Allow).ToString(); var permissionsList = Helpers.GetActionDetailsByName(allowedPermissions, "Inherited Allow", PermissionScope.GitSourceControl); Helpers.AppendGroupInheritanceInformation(permissionsList, groupIdentity.DisplayName); gitVersionControlPermissions.AddRange(permissionsList); } if (0 != ace.Deny) { var denyPermissions = ((EnumrationsList.GitPermissions)ace.Deny).ToString(); var permissionsList = Helpers.GetActionDetailsByName(denyPermissions, "Inherited Deny", PermissionScope.GitSourceControl); Helpers.AppendGroupInheritanceInformation(permissionsList, groupIdentity.DisplayName); gitVersionControlPermissions.AddRange(permissionsList); } } } var modifiedPermissions = Helpers.RemoveDuplicatePermissionsAndCombineGroups(gitVersionControlPermissions); return modifiedPermissions; }