private async static Task HasPermission(SecurityHttpClient securityHttpClient, string project, string token, Guid securityNamespace, int requestedPermission) { bool hasPermission = false; try { hasPermission = await securityHttpClient.HasPermissionAsync( securityNamespace, token, requestedPermission, false); } catch (Exception e) { throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {token} in namespace {securityNamespace}", e); } if (hasPermission) { Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {token} project"); } else { throw new ValidationException($"You do not have the necessary security permissions for {token}, work item permission: {requestedPermission} is required."); } }
public async static Task CheckConnection(WorkItemClientConnection client, string project, int requestedPermission) { Logger.LogInformation($"Checking security permissions for {client.Connection.AuthorizedIdentity.DisplayName} in {project}"); bool hasPermission = false; SecurityHttpClient securityHttpClient = null; WorkItemClassificationNode result = null; try { securityHttpClient = client.Connection.GetClient <SecurityHttpClient>(); result = await WorkItemTrackingHelpers.GetClassificationNode(client.WorkItemTrackingHttpClient, project, TreeStructureGroup.Areas); } catch (Exception e) when(e.InnerException is VssUnauthorizedException) { throw new ValidationException(client.Connection.Uri.ToString(), (VssUnauthorizedException)e.InnerException); } catch (Exception e) { throw new ValidationException("An unexpected error occurred while reading the classification nodes to validate project permissions", e); } //construct the token by appending the id string token = $"vstfs:///Classification/Node/{result.Identifier}"; //WORK_ITEM guid is hardcoded below //securityNameSpaceId for WORK_ITEM is 83e28ad4-2d72-4ceb-97b0-c7726d5502c3 try { hasPermission = await securityHttpClient.HasPermissionAsync( new Guid("83e28ad4-2d72-4ceb-97b0-c7726d5502c3"), token, requestedPermission, false); } catch (Exception e) { throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {project}", e); } if (hasPermission) { Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {project} project"); } else { throw new ValidationException($"You do not have the necessary security permissions for {project}, work item {(requestedPermission == WritePermission ? "write" : "read")} permissions are required."); } }
private async static Task CheckPermission(WorkItemClientConnection client, string project, Guid securityNamespace, int requestedPermission) { Logger.LogInformation($"Checking security permissions for {client.Connection.AuthorizedIdentity.DisplayName} in {project}"); bool hasPermission = false; SecurityHttpClient securityHttpClient = null; WorkItemClassificationNode result = null; try { securityHttpClient = client.Connection.GetClient <SecurityHttpClient>(); result = await WorkItemTrackingHelpers.GetClassificationNode(client.WorkItemTrackingHttpClient, project, TreeStructureGroup.Areas); } catch (Exception e) when(e.InnerException is VssUnauthorizedException) { throw new ValidationException(client.Connection.Uri.ToString(), (VssUnauthorizedException)e.InnerException); } catch (Exception e) { throw new ValidationException("An unexpected error occurred while reading the classification nodes to validate project permissions", e); } //construct the token by appending the id string token = $"vstfs:///Classification/Node/{result.Identifier}"; try { hasPermission = await securityHttpClient.HasPermissionAsync( securityNamespace, token, requestedPermission, false); } catch (Exception e) { throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {project} in namespace {securityNamespace}", e); } if (hasPermission) { Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {project} project"); } else { throw new ValidationException($"You do not have the necessary security permissions for {project}, work item permission: {requestedPermission} is required."); } }