MoimHossain/Permissions.http

## Permissions.http
@projectName = "Platform"
@projectId = 1853c648-0f7d-4f1e-80ab-fd1ecd333520
@scopeDescriptor = scp.NjNlMTM4ODctZmZiNi00MTkxLTk3ZjYtODM0MmRiM2YzZjll

### Get scop descriptor for project
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Descriptors/{{projectId}} HTTP/1.1
content-type: application/json; charset=utf-8; api-version=5.2-preview.1
Authorization: Basic {{base64EncodedPat}}


### Get specific user from system; which will return the subject descriptor
GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue=moim_hossain@hotmail.com&queryMembership=None&api-version=7.1-preview.1
Authorization: Basic {{base64EncodedPat}}


### Get all users for project (get specific user is efficient, as get all users can yield large result and required pagination which is not covered in this example)
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Users?scopeDescriptor={{scopeDescriptor}} HTTP/1.1
content-type: application/json; charset=utf-8; api-version=5.2-preview.1
Authorization: Basic {{base64EncodedPat}}


@filterValue = %5BPlatform%5D%5CBuild%20Administrators
### Get specific group from system; which will return the subject descriptor. Note: filterValue is url encoded and it
### requires the group name to be in the format [ProjectName]\GroupName
GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue={{filterValue}}&queryMembership=None&api-version=7.1-preview.1
Authorization: Basic {{base64EncodedPat}}


### Get all groups for project (get specific group is efficient, as get all users can yield large result and required pagination which is not covered in this example)
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Groups?scopeDescriptor={{scopeDescriptor}} HTTP/1.1
content-type: application/json; charset=utf-8; api-version=5.2-preview.1
Authorization: Basic {{base64EncodedPat}}


### From above 2 requests we can get the subject descriptor for a user or group
### which we will use in the next request to get the permissions for a user or group
@userSubjectDescriptor = "svc.NDlmYmI5MzAtYjRjZS00ZTUyLWIzNDAtY2Q3Mjk0OGMyNzZkOkJ1aWxkOjhjNjFlMDc1LWYwNzUtNDIyOS1iY2NiLTIxZmVkNDVlYjkyZg"
@groupSubjectDescriptor = "aad.ZTBmZjNjMjYtM2ViZC03YjRmLWJmM2YtNjY1N2U3ODdiNDYz"

### Get permissions for single user
POST  https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1
Authorization: Basic {{base64EncodedPat}}

{
	"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"],
	"dataProviderContext": {
		"properties": {
			"subjectDescriptor": {{userSubjectDescriptor}},
			"sourcePage": {
				"routeId": "ms.vss-admin-web.project-admin-hub-route",
				"routeValues": {
					"project": {{projectId}},
					"adminPivot": "permissions",
					"controller": "ContributedPage",
					"action": "Execute"
				}
			}
		}
	}
}

### Get permissions for single group
POST  https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1
Authorization: Basic {{base64EncodedPat}}

{
	"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"],
	"dataProviderContext": {
		"properties": {
			"subjectDescriptor": {{groupSubjectDescriptor}},
			"sourcePage": {
				"routeId": "ms.vss-admin-web.project-admin-hub-route",
				"routeValues": {
					"project": {{projectId}},
					"adminPivot": "permissions",
					"controller": "ContributedPage",
					"action": "Execute"
				}
			}
		}
	}
}
	@projectName = "Platform"
	@projectId = 1853c648-0f7d-4f1e-80ab-fd1ecd333520
	@scopeDescriptor = scp.NjNlMTM4ODctZmZiNi00MTkxLTk3ZjYtODM0MmRiM2YzZjll

	### Get scop descriptor for project
	GET https://{{graphHost}}/{{organization}}/_apis/Graph/Descriptors/{{projectId}} HTTP/1.1
	content-type: application/json; charset=utf-8; api-version=5.2-preview.1
	Authorization: Basic {{base64EncodedPat}}


	### Get specific user from system; which will return the subject descriptor
	GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue=moim_hossain@hotmail.com&queryMembership=None&api-version=7.1-preview.1
	Authorization: Basic {{base64EncodedPat}}


	### Get all users for project (get specific user is efficient, as get all users can yield large result and required pagination which is not covered in this example)
	GET https://{{graphHost}}/{{organization}}/_apis/Graph/Users?scopeDescriptor={{scopeDescriptor}} HTTP/1.1
	content-type: application/json; charset=utf-8; api-version=5.2-preview.1
	Authorization: Basic {{base64EncodedPat}}



	@filterValue = %5BPlatform%5D%5CBuild%20Administrators
	### Get specific group from system; which will return the subject descriptor. Note: filterValue is url encoded and it
	### requires the group name to be in the format [ProjectName]\GroupName
	GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue={{filterValue}}&queryMembership=None&api-version=7.1-preview.1
	Authorization: Basic {{base64EncodedPat}}



	### Get all groups for project (get specific group is efficient, as get all users can yield large result and required pagination which is not covered in this example)
	GET https://{{graphHost}}/{{organization}}/_apis/Graph/Groups?scopeDescriptor={{scopeDescriptor}} HTTP/1.1
	content-type: application/json; charset=utf-8; api-version=5.2-preview.1
	Authorization: Basic {{base64EncodedPat}}


	### From above 2 requests we can get the subject descriptor for a user or group
	### which we will use in the next request to get the permissions for a user or group
	@userSubjectDescriptor = "svc.NDlmYmI5MzAtYjRjZS00ZTUyLWIzNDAtY2Q3Mjk0OGMyNzZkOkJ1aWxkOjhjNjFlMDc1LWYwNzUtNDIyOS1iY2NiLTIxZmVkNDVlYjkyZg"
	@groupSubjectDescriptor = "aad.ZTBmZjNjMjYtM2ViZC03YjRmLWJmM2YtNjY1N2U3ODdiNDYz"

	### Get permissions for single user
	POST https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
	Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1
	Authorization: Basic {{base64EncodedPat}}

	{
	"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"],
	"dataProviderContext": {
	"properties": {
	"subjectDescriptor": {{userSubjectDescriptor}},
	"sourcePage": {
	"routeId": "ms.vss-admin-web.project-admin-hub-route",
	"routeValues": {
	"project": {{projectId}},
	"adminPivot": "permissions",
	"controller": "ContributedPage",
	"action": "Execute"
	}
	}
	}
	}
	}

	### Get permissions for single group
	POST https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
	Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1
	Authorization: Basic {{base64EncodedPat}}

	{
	"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"],
	"dataProviderContext": {
	"properties": {
	"subjectDescriptor": {{groupSubjectDescriptor}},
	"sourcePage": {
	"routeId": "ms.vss-admin-web.project-admin-hub-route",
	"routeValues": {
	"project": {{projectId}},
	"adminPivot": "permissions",
	"controller": "ContributedPage",
	"action": "Execute"
	}
	}
	}
	}
	}