Azure DevOps 通过 Rest Api 访问控制列表设置权限
Azure DevOps set permissions via Rest Api Access Control List
我正在尝试使用具有项目权限命名空间的 ACL 来设置权限。在请求 bodyInfo 中,我将“16”传递给允许,这样我将允许该组的 Administer Build (16) 权限,但没有任何反应。
$securityNamespaceId = "52d39943-cb85-4d7f-8fa8-c6baac873819"
$groupDesc = "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-3474010476-3658975049-2966243200-2961816057-1-3769221364-1224424009-2749800435-4143997070"
$projectId = "12313142-eec0-4c3d-b9b5-44d0c3973b3e"
$token = "`$PROJECT:vstfs:///Classification/TeamProject/$($projectId)"
$allowMask = 16
$denyMask = 0
$bodyInfo = @"
{
"token": "$Token",
"merge": false,
"accessControlEntries": [
{
"descriptor": "$groupDesc",
"allow": $AllowMask,
"deny": $DenyMask,
"extendedinfo": {}
}
]
}
"@
$uri = "https://dev.azure.com/{organization}/_apis/accesscontrolentries/52d39943-cb85-4d7f-8fa8-c6baac873819?api-version=5.0"
$result = (Invoke-RestMethod -Method Post -Uri $uri -Body $bodyInfo -Headers $headers -ContentType "application/json")
计数值
1 {@{descriptor=Microsoft.TeamFoundation.Identity;S-1-9-1551374245-3474010476-3658975049-2966243200-2961816057-1-3769221364-1224424009-2749800435-4143997070; allow=16; deny=0}}
bit name displayName namespaceId
--- ---- ----------- -----------
1 GENERIC_READ View project-level information 52d39943-cb85-4d7f-8fa8-c6baac873819
2 GENERIC_WRITE Edit project-level information 52d39943-cb85-4d7f-8fa8-c6baac873819
4 DELETE Delete team project 52d39943-cb85-4d7f-8fa8-c6baac873819
8 PUBLISH_TEST_RESULTS Create test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
16 ADMINISTER_BUILD Administer a build 52d39943-cb85-4d7f-8fa8-c6baac873819
32 START_BUILD Start a build 52d39943-cb85-4d7f-8fa8-c6baac873819
64 EDIT_BUILD_STATUS Edit build quality 52d39943-cb85-4d7f-8fa8-c6baac873819
128 UPDATE_BUILD Write to build operational store 52d39943-cb85-4d7f-8fa8-c6baac873819
256 DELETE_TEST_RESULTS Delete test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
512 VIEW_TEST_RESULTS View test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
2048 MANAGE_TEST_ENVIRONMENTS Manage test environments 52d39943-cb85-4d7f-8fa8-c6baac873819
4096 MANAGE_TEST_CONFIGURATIONS Manage test configurations 52d39943-cb85-4d7f-8fa8-c6baac873819
8192 WORK_ITEM_DELETE Delete and restore work items 52d39943-cb85-4d7f-8fa8-c6baac873819
16384 WORK_ITEM_MOVE Move work items out of this project 52d39943-cb85-4d7f-8fa8-c6baac873819
32768 WORK_ITEM_PERMANENTLY_DELETE Permanently delete work items 52d39943-cb85-4d7f-8fa8-c6baac873819
65536 RENAME Rename team project 52d39943-cb85-4d7f-8fa8-c6baac873819
131072 MANAGE_PROPERTIES Manage project properties 52d39943-cb85-4d7f-8fa8-c6baac873819
262144 MANAGE_SYSTEM_PROPERTIES Manage system project properties 52d39943-cb85-4d7f-8fa8-c6baac873819
524288 BYPASS_PROPERTY_CACHE Bypass project property cache 52d39943-cb85-4d7f-8fa8-c6baac873819
1048576 BYPASS_RULES Bypass rules on work item updates 52d39943-cb85-4d7f-8fa8-c6baac873819
2097152 SUPPRESS_NOTIFICATIONS Suppress notifications for work item updates 52d39943-cb85-4d7f-8fa8-c6baac873819
4194304 UPDATE_VISIBILITY Update project visibility 52d39943-cb85-4d7f-8fa8-c6baac873819
8388608 CHANGE_PROCESS Change process of team project. 52d39943-cb85-4d7f-8fa8-c6baac873819
16777216 AGILETOOLS_BACKLOG Agile backlog management. 52d39943-cb85-4d7f-8fa8-c6baac873819
在您的脚本中,您想使用 project-level 令牌来修改构建安全中的管理构建权限。
我在postman上测试了一下,发现使用project-level token修改build security权限,响应状态为200,但是在UI中,权限实际上没有changed.You可以试试使用 build-level 令牌更改构建安全权限。
希望这对您有所帮助。
我正在尝试使用具有项目权限命名空间的 ACL 来设置权限。在请求 bodyInfo 中,我将“16”传递给允许,这样我将允许该组的 Administer Build (16) 权限,但没有任何反应。
$securityNamespaceId = "52d39943-cb85-4d7f-8fa8-c6baac873819"
$groupDesc = "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-3474010476-3658975049-2966243200-2961816057-1-3769221364-1224424009-2749800435-4143997070"
$projectId = "12313142-eec0-4c3d-b9b5-44d0c3973b3e"
$token = "`$PROJECT:vstfs:///Classification/TeamProject/$($projectId)"
$allowMask = 16
$denyMask = 0
$bodyInfo = @"
{
"token": "$Token",
"merge": false,
"accessControlEntries": [
{
"descriptor": "$groupDesc",
"allow": $AllowMask,
"deny": $DenyMask,
"extendedinfo": {}
}
]
}
"@
$uri = "https://dev.azure.com/{organization}/_apis/accesscontrolentries/52d39943-cb85-4d7f-8fa8-c6baac873819?api-version=5.0"
$result = (Invoke-RestMethod -Method Post -Uri $uri -Body $bodyInfo -Headers $headers -ContentType "application/json")
计数值
1 {@{descriptor=Microsoft.TeamFoundation.Identity;S-1-9-1551374245-3474010476-3658975049-2966243200-2961816057-1-3769221364-1224424009-2749800435-4143997070; allow=16; deny=0}}
bit name displayName namespaceId
--- ---- ----------- -----------
1 GENERIC_READ View project-level information 52d39943-cb85-4d7f-8fa8-c6baac873819
2 GENERIC_WRITE Edit project-level information 52d39943-cb85-4d7f-8fa8-c6baac873819
4 DELETE Delete team project 52d39943-cb85-4d7f-8fa8-c6baac873819
8 PUBLISH_TEST_RESULTS Create test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
16 ADMINISTER_BUILD Administer a build 52d39943-cb85-4d7f-8fa8-c6baac873819
32 START_BUILD Start a build 52d39943-cb85-4d7f-8fa8-c6baac873819
64 EDIT_BUILD_STATUS Edit build quality 52d39943-cb85-4d7f-8fa8-c6baac873819
128 UPDATE_BUILD Write to build operational store 52d39943-cb85-4d7f-8fa8-c6baac873819
256 DELETE_TEST_RESULTS Delete test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
512 VIEW_TEST_RESULTS View test runs 52d39943-cb85-4d7f-8fa8-c6baac873819
2048 MANAGE_TEST_ENVIRONMENTS Manage test environments 52d39943-cb85-4d7f-8fa8-c6baac873819
4096 MANAGE_TEST_CONFIGURATIONS Manage test configurations 52d39943-cb85-4d7f-8fa8-c6baac873819
8192 WORK_ITEM_DELETE Delete and restore work items 52d39943-cb85-4d7f-8fa8-c6baac873819
16384 WORK_ITEM_MOVE Move work items out of this project 52d39943-cb85-4d7f-8fa8-c6baac873819
32768 WORK_ITEM_PERMANENTLY_DELETE Permanently delete work items 52d39943-cb85-4d7f-8fa8-c6baac873819
65536 RENAME Rename team project 52d39943-cb85-4d7f-8fa8-c6baac873819
131072 MANAGE_PROPERTIES Manage project properties 52d39943-cb85-4d7f-8fa8-c6baac873819
262144 MANAGE_SYSTEM_PROPERTIES Manage system project properties 52d39943-cb85-4d7f-8fa8-c6baac873819
524288 BYPASS_PROPERTY_CACHE Bypass project property cache 52d39943-cb85-4d7f-8fa8-c6baac873819
1048576 BYPASS_RULES Bypass rules on work item updates 52d39943-cb85-4d7f-8fa8-c6baac873819
2097152 SUPPRESS_NOTIFICATIONS Suppress notifications for work item updates 52d39943-cb85-4d7f-8fa8-c6baac873819
4194304 UPDATE_VISIBILITY Update project visibility 52d39943-cb85-4d7f-8fa8-c6baac873819
8388608 CHANGE_PROCESS Change process of team project. 52d39943-cb85-4d7f-8fa8-c6baac873819
16777216 AGILETOOLS_BACKLOG Agile backlog management. 52d39943-cb85-4d7f-8fa8-c6baac873819
在您的脚本中,您想使用 project-level 令牌来修改构建安全中的管理构建权限。 我在postman上测试了一下,发现使用project-level token修改build security权限,响应状态为200,但是在UI中,权限实际上没有changed.You可以试试使用 build-level 令牌更改构建安全权限。
希望这对您有所帮助。