/// <summary> /// Gets the list of project users in a TFS project /// </summary> /// <param name="projectCollection">TFS PROJECT COLLECTION</param> /// <param name="projectName">TFS PROJECT NAME</param> /// <returns></returns> public static List <TeamFoundationIdentity> ListContributors(TfsTeamProjectCollection tfsTeamProjectCollection, string projectName) { List <TeamFoundationIdentity> tfsUsers = new List <TeamFoundationIdentity>(); IIdentityManagementService ims = (IIdentityManagementService)tfsTeamProjectCollection.GetService(typeof(IIdentityManagementService)); // get the tfs project ReadOnlyCollection <CatalogNode> projectNodes = tfsTeamProjectCollection.CatalogNode.QueryChildren(new[] { CatalogResourceTypes.TeamProject }, false, CatalogQueryOptions.None); CatalogNode projectCatalogNode = projectNodes.FirstOrDefault(c => c.Resource.DisplayName == projectName); if (projectCatalogNode != null && ims != null) { TeamFoundationIdentity[] groups = ims.ListApplicationGroups(projectName, ReadIdentityOptions.None); foreach (TeamFoundationIdentity group in groups) { TeamFoundationIdentity sids = ims.ReadIdentity(IdentitySearchFactor.DisplayName, group.DisplayName, MembershipQuery.Expanded, ReadIdentityOptions.IncludeReadFromSource); if (sids != null) { tfsUsers.AddRange(ims.ReadIdentities(sids.Members, MembershipQuery.Expanded, ReadIdentityOptions.None)); } } } //Remove any duplicates (by user-id) return(tfsUsers.GroupBy(u => u.UniqueName).Select(u => u.First()).ToList()); }
public IEnumerable <GroupModel> GetGroups(Guid collectionId, int projectId) { using (var server = GetServer()) { TfsTeamProjectCollection collection = server.GetTeamProjectCollection(collectionId); WorkItemStore wiStore = collection.GetService <WorkItemStore>(); Project project = wiStore.Projects.GetById(projectId); IIdentityManagementService identityManagement = collection.GetService <IIdentityManagementService>(); TeamFoundationIdentity[] identities = identityManagement.ListApplicationGroups(project.Uri.ToString(), ReadIdentityOptions.None); return(Map(identities)); } }
public static void ScanUsers(TfsTeamProjectCollection tfsTeamProjectCollection, ProjectInfo projectInfo) { IIdentityManagementService identityManagementService = tfsTeamProjectCollection.GetService <IIdentityManagementService>(); TeamFoundationIdentity[] projectSecurityGroups = identityManagementService.ListApplicationGroups( projectInfo.Uri, ReadIdentityOptions.None); // Get projectValidUsersIdentity Identifier TeamFoundationIdentity projectValidUsersIdentity = projectSecurityGroups .FirstOrDefault(psg => psg.GetProperty("SpecialType").ToString().Equals("EveryoneApplicationGroup")); if (projectValidUsersIdentity == null) { return; } // Expand projectValidUsersIdentity from Identifier to get the list of Members projectValidUsersIdentity = identityManagementService.ReadIdentity( IdentitySearchFactor.Identifier, projectValidUsersIdentity.Descriptor.Identifier, MembershipQuery.Expanded, // Number of Members: Direct gives 20, Expanded gives 111, ExpandedDown gives 111, ExpandedUp gives 0. ReadIdentityOptions.None); // Expand projectValidUsersIdentity with Members into collection of identities TeamFoundationIdentity[] projectUsersIdentities = identityManagementService.ReadIdentities(projectValidUsersIdentity.Members, MembershipQuery.Direct, ReadIdentityOptions.None); // First build map from Identifier (which is part of the Descriptor) to Identity object. foreach (TeamFoundationIdentity userIdentity in projectUsersIdentities) { TeamFoundationIdentity currentIdentity = userIdentity; if (!currentIdentity.BelongsToProject(projectInfo.Uri)) { continue; } TeamProjectScanner.IdToIdentity[currentIdentity.Descriptor.Identifier] = currentIdentity; TeamProjectScanner.DisplayNameToIdentity[currentIdentity.DisplayName] = currentIdentity; //Debug.WriteLine("{0}: Members = {1}, MemberOf = {2}", currentIdentity.DisplayName(), currentIdentity.Members.Length, currentIdentity.MemberOf.Length); } }
public static void FeedIdentityData(ICollection <ApplicationGroupDefinition> applicationGroupCollection, ICollection <User> userCollection, IIdentityManagementService ims, string projectUri) { //Get the project application groups TeamFoundationIdentity[] lightApplicationGroups = ims.ListApplicationGroups(projectUri, ReadIdentityOptions.IncludeReadFromSource); //Read the project application groups identities with an expended membership query to populate the Members properties TeamFoundationIdentity[] fullApplicationGroups = ims.ReadIdentities(lightApplicationGroups.Select(x => x.Descriptor).ToArray(), MembershipQuery.Expanded, ReadIdentityOptions.None); foreach (TeamFoundationIdentity applicationGroup in fullApplicationGroups) { ApplicationGroupDefinition applicationGroupDefinition = new ApplicationGroupDefinition() { Name = applicationGroup.DisplayName }; TeamFoundationIdentity[] applicationGroupMembers = ims.ReadIdentities(applicationGroup.Members, MembershipQuery.None, ReadIdentityOptions.None); foreach (TeamFoundationIdentity applicationGroupMember in applicationGroupMembers) { if (!applicationGroupMember.IsContainer) { User user = userCollection.SingleOrDefault(x => x.Name == applicationGroupMember.DisplayName); if (user == null) { user = new User() { Name = applicationGroupMember.DisplayName, IsActive = applicationGroupMember.IsActive, Mail = applicationGroupMember.GetAttribute("Mail", string.Empty), Domain = applicationGroupMember.GetAttribute("Domain", string.Empty), Account = applicationGroupMember.GetAttribute("Account", string.Empty), DN = applicationGroupMember.GetAttribute("DN", string.Empty), SID = applicationGroupMember.Descriptor.Identifier }; userCollection.Add(user); } user.ApplicationGroups.Add(applicationGroupDefinition.Name); applicationGroupDefinition.UserCollection.Add(user); } } applicationGroupCollection.Add(applicationGroupDefinition); } }
/// <summary> /// Create TFS Group if not exists /// </summary> /// <param name="groupName"></param> /// <returns></returns> public TeamFoundationIdentity CreateGroup(string groupName) { // Check if group already exists TeamFoundationIdentity group = _identityManagementService .ListApplicationGroups(_projectInfo.Uri, ReadIdentityOptions.IncludeReadFromSource) .FirstOrDefault(g => string.Equals(g.DisplayName, groupName, StringComparison.OrdinalIgnoreCase)); if (group == null) { // Prepare group name var groupNameToCreate = groupName.Replace($"[{_teamProjectName}]\\", ""); // Group doesn't exist, create one var groupDescriptor = _identityManagementService.CreateApplicationGroup(_projectInfo.Uri, groupNameToCreate, null); group = _identityManagementService.ReadIdentity(groupDescriptor, MembershipQuery.None, ReadIdentityOptions.IncludeReadFromSource); Console.WriteLine($"Group created: '{groupName}'"); } else { Console.WriteLine($"Group already exists: '{groupName}'"); } return(group); }
private TeamFoundationIdentity[] allTfsUsers(TfsConnection tfs) { try { IIdentityManagementService ims = tfs.GetService <IIdentityManagementService>(); TeamFoundationIdentity[] projectGroups = ims.ListApplicationGroups(tfsProject.Project, ReadIdentityOptions.None); Dictionary <IdentityDescriptor, object> descSet = new Dictionary <IdentityDescriptor, object>(IdentityDescriptorComparer.Instance); foreach (TeamFoundationIdentity projectGroup in projectGroups) { descSet[projectGroup.Descriptor] = projectGroup.Descriptor; } projectGroups = ims.ReadIdentities(descSet.Keys.ToArray(), MembershipQuery.Expanded, ReadIdentityOptions.None); foreach (TeamFoundationIdentity projectGroup in projectGroups) { foreach (IdentityDescriptor mem in projectGroup.Members) { descSet[mem] = mem; } } TeamFoundationIdentity[] identities = new TeamFoundationIdentity[0]; int batchSizeLimit = 100000; var descriptors = descSet.Keys.ToArray(); if (descriptors.Length > batchSizeLimit) { int batchNum = 0; int remainder = descriptors.Length; IdentityDescriptor[] batchDescriptors = new IdentityDescriptor[batchSizeLimit]; while (remainder > 0) { int startAt = batchNum * batchSizeLimit; int length = batchSizeLimit; if (length > remainder) { length = remainder; batchDescriptors = new IdentityDescriptor[length]; } Array.Copy(descriptors, startAt, batchDescriptors, 0, length); identities = ims.ReadIdentities(batchDescriptors, MembershipQuery.Direct, ReadIdentityOptions.None); remainder -= length; } } else { identities = ims.ReadIdentities(descriptors, MembershipQuery.Direct, ReadIdentityOptions.None); } return(identities.Where(_ => !_.IsContainer && _.Descriptor.IdentityType != "Microsoft.TeamFoundation.UnauthenticatedIdentity").ToArray()); } catch { /* Do nothing */ } return(tfs != null? new TeamFoundationIdentity[] { tfs.AuthorizedIdentity } : new TeamFoundationIdentity[0]); }
/// <summary> /// Removes a user account from TFS Security groups. /// </summary> /// <param name="usersList">List of users and corresponding projects.</param> /// <returns>ReturnCode</returns> public ReturnCode RemoveUsers(List <User2GroupsMap> usersList) { if (tpCollection == null) { FileHelper.Log("Collection not initialized."); return(ReturnCode.Failure); } int errorCount = 0; int iteration = 0; try { if (usersList == null || usersList.Capacity <= 0) { FileHelper.Log("Users 2 Groups mapping is not available."); return(ReturnCode.Failure); } // For each User to Groups mapping foreach (User2GroupsMap u2gmap in usersList) { iteration++; // Find the user identity UserPrincipal user = GetUserIdentity(u2gmap.UserName); if (user != null && user.Sid != null) { FileHelper.Log("User found..." + user.Name); // Remove user at Project level if (u2gmap.TeamProjectNames.Count > 0) { foreach (string teamProjectName in u2gmap.TeamProjectNames) { ProjectInfo prjInfo = GetProject(teamProjectName); if (prjInfo != null) { iteration++; FileHelper.Log("Removing user from team project " + prjInfo.Name); TeamFoundationIdentity[] applicationGroups = idMgmtSvc.ListApplicationGroups(prjInfo.Uri, ReadIdentityOptions.None); foreach (TeamFoundationIdentity grpIdentity in applicationGroups) { iteration++; bool result = RemoveMemberFromGroup(grpIdentity.Descriptor, new IdentityDescriptor(RES_WindowsIdentity, user.Sid.Value)); if (!result) { errorCount++; } } } else { errorCount++; } } FileHelper.Log("Operation completed."); } else { FileHelper.Log("Removing user from all team projects..."); // Remove user from all groups, at collection level - // use "Project Collection Valid Users" as the one source. TeamFoundationIdentity tfiGrp = GetProjCollectionValidUsersGroup(); bool result = RemoveUserFromAllGroupsInCollection(tfiGrp, new IdentityDescriptor(RES_WindowsIdentity, user.Sid.Value)); if (!result) { errorCount++; } FileHelper.Log("Operation completed."); } } else { errorCount++; FileHelper.Log("User not found..." + u2gmap.UserName); } } } catch (Exception ex) { FileHelper.Log(ex.Message); FileHelper.Log(ex.StackTrace); return(ReturnCode.Failure); } return(GetReturnCode(iteration, errorCount)); }
public IEnumerable <TeamFoundationIdentity> GetRootGroups() { return(_identityService.ListApplicationGroups(null, ReadIdentityOptions.None)); }