private async static Task HasPermission(SecurityHttpClient securityHttpClient, string project, string token, Guid securityNamespace, int requestedPermission)
{
bool hasPermission = false;
try
{
hasPermission = await securityHttpClient.HasPermissionAsync(
securityNamespace,
token,
requestedPermission,
false);
}
catch (Exception e)
{
throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {token} in namespace {securityNamespace}", e);
}
if (hasPermission)
{
Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {token} project");
}
else
{
throw new ValidationException($"You do not have the necessary security permissions for {token}, work item permission: {requestedPermission} is required.");
}
}
public async static Task CheckConnection(WorkItemClientConnection client, string project, int requestedPermission)
{
Logger.LogInformation($"Checking security permissions for {client.Connection.AuthorizedIdentity.DisplayName} in {project}");
bool hasPermission = false;
SecurityHttpClient securityHttpClient = null;
WorkItemClassificationNode result = null;
try
{
securityHttpClient = client.Connection.GetClient <SecurityHttpClient>();
result = await WorkItemTrackingHelpers.GetClassificationNode(client.WorkItemTrackingHttpClient, project, TreeStructureGroup.Areas);
}
catch (Exception e) when(e.InnerException is VssUnauthorizedException)
{
throw new ValidationException(client.Connection.Uri.ToString(), (VssUnauthorizedException)e.InnerException);
}
catch (Exception e)
{
throw new ValidationException("An unexpected error occurred while reading the classification nodes to validate project permissions", e);
}
//construct the token by appending the id
string token = $"vstfs:///Classification/Node/{result.Identifier}";
//WORK_ITEM guid is hardcoded below
//securityNameSpaceId for WORK_ITEM is 83e28ad4-2d72-4ceb-97b0-c7726d5502c3
try
{
hasPermission = await securityHttpClient.HasPermissionAsync(
new Guid("83e28ad4-2d72-4ceb-97b0-c7726d5502c3"),
token,
requestedPermission,
false);
}
catch (Exception e)
{
throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {project}", e);
}
if (hasPermission)
{
Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {project} project");
}
else
{
throw new ValidationException($"You do not have the necessary security permissions for {project}, work item {(requestedPermission == WritePermission ? "write" : "read")} permissions are required.");
}
}
private async static Task CheckPermission(WorkItemClientConnection client, string project, Guid securityNamespace, int requestedPermission)
{
Logger.LogInformation($"Checking security permissions for {client.Connection.AuthorizedIdentity.DisplayName} in {project}");
bool hasPermission = false;
SecurityHttpClient securityHttpClient = null;
WorkItemClassificationNode result = null;
try
{
securityHttpClient = client.Connection.GetClient <SecurityHttpClient>();
result = await WorkItemTrackingHelpers.GetClassificationNode(client.WorkItemTrackingHttpClient, project, TreeStructureGroup.Areas);
}
catch (Exception e) when(e.InnerException is VssUnauthorizedException)
{
throw new ValidationException(client.Connection.Uri.ToString(), (VssUnauthorizedException)e.InnerException);
}
catch (Exception e)
{
throw new ValidationException("An unexpected error occurred while reading the classification nodes to validate project permissions", e);
}
//construct the token by appending the id
string token = $"vstfs:///Classification/Node/{result.Identifier}";
try
{
hasPermission = await securityHttpClient.HasPermissionAsync(
securityNamespace,
token,
requestedPermission,
false);
}
catch (Exception e)
{
throw new ValidationException($"An unexpected error occurred while trying to check permissions for project {project} in namespace {securityNamespace}", e);
}
if (hasPermission)
{
Logger.LogSuccess(LogDestination.All, $"Verified security permissions for {project} project");
}
else
{
throw new ValidationException($"You do not have the necessary security permissions for {project}, work item permission: {requestedPermission} is required.");
}
}