我正在尝试以编程方式检索团队的管理员用户。
例如,在图片中的设置中,如何让'Billy'成为团队'QC Manager'的管理员?
我已经拥有通过IIdentityManagementService的ListApplicationGroups获取团队中所有用户的代码,使用FirstOrDefault获取组...然后通过ReadIdentities获取其用户。
我在Team Web Access程序集中做了一些讨论,这似乎只在服务器端可用(没有Rest或Client Object Model选项可用)。代码如下所示:
TeamFoundationIdentity identity;
string token = service.GetSecurableToken(requestContext, teamIdentity.Descriptor, out identity);
AccessControlList list = requestContext.GetService<SecurityService>().QueryAccessControlLists(requestContext, FrameworkSecurity.IdentitiesNamespaceId, token, null, false, false).FirstOrDefault<AccessControlList>();
List<IdentityDescriptor> list2 = new List<IdentityDescriptor>();
if (list != null)
{
foreach (AccessControlEntry entry in list.AccessControlEntries)
{
if ((entry.Allow & 8) == 8)
{
list2.Add(entry.Descriptor);
}
}
}
return service.ReadIdentities(requestContext, list2.ToArray());
GetSecurableToken的位置如下:
internal static string CreateSecurityToken(TeamFoundationIdentity group)
{
return (group.GetAttribute(IdentityAttributeTags.LocalScopeId, string.Empty) + FrameworkSecurity.IdentitySecurityPathSeparator + group.TeamFoundationId.ToString());
}
从这里你应该能够拼凑代码来读取和写入这些列表。要去寻找自己,请寻找Microsoft.TeamFoundation.Server.Core.dll,类Microsoft.TeamFoundation.Server.Core.TeamFoundationTeamService具体。
如果你能够把它重写成有用的东西我会很感激并且可能会把它粘在TfsTeamTools上,此刻我没有太多时间来接受它。
发现此帖子TFS11 API: Managing Team Administrators;我复制代码以便于参考,请参阅原始帖子以获取完整信息。
static void Main(string[] args)
{
// Connect to the TFS server and get the team project URI.
var collection = GetServer("server_uri");
var projectUri = GetProjectUri(collection, "project_name");
// Retrieve the default team.
TfsTeamService teamService = collection.GetService<TfsTeamService>();
TeamFoundationTeam defaultTeam = teamService.GetDefaultTeam(projectUri, null);
// Get security namespace for the project collection.
ISecurityService securityService = collection.GetService<ISecurityService>();
SecurityNamespace securityNamespace = securityService.GetSecurityNamespace(FrameworkSecurity.IdentitiesNamespaceId);
// Use reflection to retrieve a security token for the team.
MethodInfo mi = typeof(IdentityHelper).GetMethod("CreateSecurityToken", BindingFlags.Static | BindingFlags.NonPublic);
string token = mi.Invoke(null, new object[] { defaultTeam.Identity }) as string;
// Retrieve an ACL object for all the team members.
var allMembers = defaultTeam.GetMembers(collection, MembershipQuery.Expanded).Where(m => !m.IsContainer);
AccessControlList acl = securityNamespace.QueryAccessControlList(token, allMembers.Select(m => m.Descriptor), true);
// Retrieve the team administrator SIDs by querying the ACL entries.
var entries = acl.AccessControlEntries;
var admins = entries.Where(e => (e.Allow & 15) == 15).Select(e => e.Descriptor.Identifier);
// Finally, retrieve the actual TeamFoundationIdentity objects from the SIDs.
var adminIdentities = allMembers.Where(m => admins.Contains(m.Descriptor.Identifier));
}