|
9 | 9 | Set-ADOPermission -Organization MyOrganization -Project MyProject -PersonalAccessToken $pat |
10 | 10 | .Link |
11 | 11 | https://docs.microsoft.com/en-us/rest/api/azure/devops/security/access%20control%20entries/set%20access%20control%20entries |
| 12 | + .Link |
| 13 | + https://docs.microsoft.com/en-us/azure/devops/organizations/security/namespace-reference |
12 | 14 | #> |
13 | 15 | [CmdletBinding(SupportsShouldProcess,ConfirmImpact='High')] |
14 | 16 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("Test-ForParameterSetAmbiguity", "", Justification="Ambiguity Desired.")] |
|
23 | 25 | # The Project ID. |
24 | 26 | # If this is provided without anything else, will get permissions for the projectID |
25 | 27 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='Project')] |
| 28 | + [Parameter(ValueFromPipelineByPropertyName,ParameterSetName='Analytics')] |
| 29 | + [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='AreaPath')] |
| 30 | + [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='Dashboard')] |
| 31 | + [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='IterationPath')] |
26 | 32 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='Tagging')] |
27 | 33 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='ManageTFVC')] |
28 | 34 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='BuildDefinition')] |
|
33 | 39 | [string] |
34 | 40 | $ProjectID, |
35 | 41 |
|
| 42 | + # If provided, will set permissions related to a given teamID. ( see Get-ADOTeam) |
| 43 | + [Parameter(ValueFromPipelineByPropertyName,ParameterSetName='Dashboard')] |
| 44 | + [string] |
| 45 | + $TeamID, |
| 46 | + |
| 47 | + # If provided, will set permissions related to an Area Path. ( see Get-ADOAreaPath ) |
| 48 | + [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='AreaPath')] |
| 49 | + [string] |
| 50 | + $AreaPath, |
| 51 | + |
| 52 | + # If provided, will set permissions related to an Iteration Path. ( see Get-ADOIterationPath ) |
| 53 | + [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='IterationPath')] |
| 54 | + [string] |
| 55 | + $IterationPath, |
| 56 | + |
36 | 57 | # The Build Definition ID |
37 | 58 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='BuildDefinition')] |
38 | 59 | [string] |
|
41 | 62 | # The path to the build. |
42 | 63 | [Parameter(ValueFromPipelineByPropertyName,ParameterSetName='BuildDefinition')] |
43 | 64 | [string] |
44 | | - $Path ='/', |
| 65 | + $BuildPath ='/', |
45 | 66 |
|
46 | 67 | # If set, will set build and release permissions for a given project. |
47 | 68 | [Parameter(Mandatory,ValueFromPipelineByPropertyName,ParameterSetName='BuildPermission')] |
|
184 | 205 | $ProgressPreference = $oldProgressPref |
185 | 206 | if (-not $ProjectID) { return } |
186 | 207 | } |
| 208 | + $psBoundParameters['ParameterSet']='accesscontrolentries/{NamespaceId}' |
187 | 209 | switch -Regex ($psCmdlet.ParameterSetName) { |
188 | 210 | Project { |
189 | 211 | $null = $PSBoundParameters.Remove('ProjectID') |
190 | | - $q.Enqueue(@{ |
191 | | - ParameterSet='accesscontrolentries/{NamespaceId}' |
| 212 | + $q.Enqueue(@{ |
192 | 213 | NamespaceID = '52d39943-cb85-4d7f-8fa8-c6baac873819' |
193 | 214 | SecurityToken = "`$PROJECT:vstfs:///Classification/TeamProject/$ProjectID" |
194 | 215 | } + $PSBoundParameters) |
195 | 216 | } |
| 217 | + Analytics { |
| 218 | + $null = $PSBoundParameters.Remove('ProjectID') |
| 219 | + $q.Enqueue(@{ |
| 220 | + NamespaceID = if ($ProjectID) { '58450c49-b02d-465a-ab12-59ae512d6531' } else { 'd34d3680-dfe5-4cc6-a949-7d9c68f73cba'} |
| 221 | + SecurityToken = "`$/$(if ($ProjectID) { $ProjectID } else { 'Shared' })" |
| 222 | + } + $PSBoundParameters) |
| 223 | + } |
| 224 | + 'AreaPath|IterationPath' { |
| 225 | + $gotPath = |
| 226 | + if ($psCmdlet.ParameterSetName -eq 'AreaPath') { |
| 227 | + Get-ADOAreaPath -Organization $Organization -Project $ProjectID -AreaPath $AreaPath |
| 228 | + } else { |
| 229 | + Get-ADOIterationPath -Organization $Organization -Project $ProjectID -IterationPath $iterationPath |
| 230 | + } |
| 231 | + |
| 232 | + if (-not $gotPath) { |
| 233 | + continue |
| 234 | + } |
| 235 | + $PathIdList = @( |
| 236 | + $gotPath.Identifier |
| 237 | + $parentUri = $gotPath._links.parent.href |
| 238 | + while ($parentUri) { |
| 239 | + $parentPath = Invoke-ADORestAPI -Uri $parentUri |
| 240 | + $parentPath.identifier |
| 241 | + $parentUri = $parentPath._links.parent.href |
| 242 | + } |
| 243 | + ) |
| 244 | + |
| 245 | + [Array]::Reverse($PathIdList) |
| 246 | + |
| 247 | + $null = $PSBoundParameters.Remove('ProjectID') |
| 248 | + |
| 249 | + $q.Enqueue(@{ |
| 250 | + NamespaceID = |
| 251 | + if ($psCmdlet.ParameterSetName -eq 'AreaPath') { |
| 252 | + '83e28ad4-2d72-4ceb-97b0-c7726d5502c3' |
| 253 | + } else { |
| 254 | + 'bf7bfa03-b2b7-47db-8113-fa2e002cc5b1' |
| 255 | + } |
| 256 | + SecurityToken = @(foreach($PathId in $PathIdList) { |
| 257 | + "vstfs:///Classification/Node/$PathId" |
| 258 | + }) -join ':' |
| 259 | + } + $PSBoundParameters) |
| 260 | + } |
| 261 | + Dashboard { |
| 262 | + $null = $PSBoundParameters.Remove('ProjectID') |
| 263 | + $q.Enqueue(@{ |
| 264 | + NamespaceID = '8adf73b7-389a-4276-b638-fe1653f7efc7' |
| 265 | + SecurityToken = "$/$(if ($ProjectID) { $ProjectID })/$(if ($teamID) { $teamid } else { [guid]::Empty } )" |
| 266 | + } + $PSBoundParameters) |
| 267 | + } |
| 268 | + Plan { |
| 269 | + $q.Enqueue(@{ |
| 270 | + NamespaceID = 'bed337f8-e5f3-4fb9-80da-81e17d06e7a8' |
| 271 | + SecurityToken = "Plan" |
| 272 | + } + $PSBoundParameters) |
| 273 | + } |
196 | 274 | Tagging { |
197 | | - $q.Enqueue(@{ |
198 | | - ParameterSet='accesscontrolentries/{NamespaceId}' |
| 275 | + $q.Enqueue(@{ |
199 | 276 | NamespaceID = 'bb50f182-8e5e-40b8-bc21-e8752a1e7ae2' |
200 | 277 | SecurityToken = "/$ProjectID" |
201 | 278 | } + $PSBoundParameters) |
202 | 279 | } |
203 | 280 | ManageTFVC { |
204 | | - $q.Enqueue(@{ |
205 | | - ParameterSet='accesscontrolentries/{NamespaceId}' |
| 281 | + $q.Enqueue(@{ |
206 | 282 | NamespaceID = 'a39371cf-0841-4c16-bbd3-276e341bc052' |
207 | 283 | SecurityToken = "/$ProjectID" |
208 | 284 | } + $PSBoundParameters) |
209 | 285 | } |
| 286 | + 'BuildDefinition|BuildPermission' { |
| 287 | + |
| 288 | + $q.Enqueue(@{ |
| 289 | + NamespaceID = 'a39371cf-0841-4c16-bbd3-276e341bc052' |
| 290 | + SecurityToken = "$ProjectID$(($BuildPath -replace '\\','/').TrimEnd('/'))/$DefinitionID" |
| 291 | + } + $PSBoundParameters) |
| 292 | + $q.Enqueue(@{ |
| 293 | + NamespaceID = 'c788c23e-1b46-4162-8f5e-d7585343b5de' |
| 294 | + SecurityToken = "$ProjectID$(($BuildPath -replace '\\','/').TrimEnd('/'))/$DefinitionID" |
| 295 | + } + $PSBoundParameters) |
| 296 | + } |
210 | 297 | 'RepositoryID|AllRepositories|ProjectRepository' { |
211 | | - $q.Enqueue(@{ |
212 | | - ParameterSet='accesscontrolentries/{NamespaceId}' |
| 298 | + $q.Enqueue(@{ |
213 | 299 | NamespaceID = '2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87' |
214 | 300 | SecurityToken = "repo$( |
215 | 301 | if ($psCmdlet.ParameterSetName -eq 'AllRepositories') {'s'})V2$( |
|
0 commit comments