Last active
January 18, 2023 07:32
-
-
Save MoimHossain/16d6ca434203b3eb2906ea8bc366ba50 to your computer and use it in GitHub Desktop.
AzDO API to get user permission in a project
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@projectName = "Platform" | |
@projectId = 1853c648-0f7d-4f1e-80ab-fd1ecd333520 | |
@scopeDescriptor = scp.NjNlMTM4ODctZmZiNi00MTkxLTk3ZjYtODM0MmRiM2YzZjll | |
### Get scop descriptor for project | |
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Descriptors/{{projectId}} HTTP/1.1 | |
content-type: application/json; charset=utf-8; api-version=5.2-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
### Get specific user from system; which will return the subject descriptor | |
GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue=moim_hossain@hotmail.com&queryMembership=None&api-version=7.1-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
### Get all users for project (get specific user is efficient, as get all users can yield large result and required pagination which is not covered in this example) | |
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Users?scopeDescriptor={{scopeDescriptor}} HTTP/1.1 | |
content-type: application/json; charset=utf-8; api-version=5.2-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
@filterValue = %5BPlatform%5D%5CBuild%20Administrators | |
### Get specific group from system; which will return the subject descriptor. Note: filterValue is url encoded and it | |
### requires the group name to be in the format [ProjectName]\GroupName | |
GET https://{{graphHost}}/{{organization}}/_apis/identities?searchFilter=General&filterValue={{filterValue}}&queryMembership=None&api-version=7.1-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
### Get all groups for project (get specific group is efficient, as get all users can yield large result and required pagination which is not covered in this example) | |
GET https://{{graphHost}}/{{organization}}/_apis/Graph/Groups?scopeDescriptor={{scopeDescriptor}} HTTP/1.1 | |
content-type: application/json; charset=utf-8; api-version=5.2-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
### From above 2 requests we can get the subject descriptor for a user or group | |
### which we will use in the next request to get the permissions for a user or group | |
@userSubjectDescriptor = "svc.NDlmYmI5MzAtYjRjZS00ZTUyLWIzNDAtY2Q3Mjk0OGMyNzZkOkJ1aWxkOjhjNjFlMDc1LWYwNzUtNDIyOS1iY2NiLTIxZmVkNDVlYjkyZg" | |
@groupSubjectDescriptor = "aad.ZTBmZjNjMjYtM2ViZC03YjRmLWJmM2YtNjY1N2U3ODdiNDYz" | |
### Get permissions for single user | |
POST https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1 | |
Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
{ | |
"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"], | |
"dataProviderContext": { | |
"properties": { | |
"subjectDescriptor": {{userSubjectDescriptor}}, | |
"sourcePage": { | |
"routeId": "ms.vss-admin-web.project-admin-hub-route", | |
"routeValues": { | |
"project": {{projectId}}, | |
"adminPivot": "permissions", | |
"controller": "ContributedPage", | |
"action": "Execute" | |
} | |
} | |
} | |
} | |
} | |
### Get permissions for single group | |
POST https://{{host}}/{{organization}}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1 | |
Content-Type: application/json; charset=utf-8; api-version=5.0-preview.1 | |
Authorization: Basic {{base64EncodedPat}} | |
{ | |
"contributionIds": ["ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider"], | |
"dataProviderContext": { | |
"properties": { | |
"subjectDescriptor": {{groupSubjectDescriptor}}, | |
"sourcePage": { | |
"routeId": "ms.vss-admin-web.project-admin-hub-route", | |
"routeValues": { | |
"project": {{projectId}}, | |
"adminPivot": "permissions", | |
"controller": "ContributedPage", | |
"action": "Execute" | |
} | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment