堆栈内存溢出
  简体   繁体   English

Azure devops,如何找到所有有权删除存储库的用户和组?

[英]Azure devops, how to I find all users and groups who have permission to delete a repository?

 原文  2019-11-20 22:13:24       azure/ azure-devops

问题描述

Well one way could be to go to the project setting and then click repository and then一种方法可能是 go 到项目设置,然后单击存储库,然后

  • check all the groups it has,检查它拥有的所有组,
  • Read into each group and identify the ones have access to delete repository阅读每个组并确定有权删除存储库的组
  • Then go into that that group and find members然后 go 进入那个组并找到成员
  • if member is user: store/list/write-down (may be in excel)如果成员是用户:存储/列表/写下(可能在 excel 中)
  • else if member is group, go recursively inside it to find all users it may have否则,如果成员是组,则 go 在其中递归查找它可能拥有的所有用户

But that's quite a manual process.但这是一个相当手动的过程。 I am looking for a azure CLI or rest api on which I can query and it gives me back the results.我正在寻找可以查询的 azure CLI 或 rest api 并返回结果。 Something like SQL: find all users on repository=xyz where permission=delete像 SQL 之类的东西:在存储库 = xyz 上找到所有用户,其中权限 = 删除

The intent is to create a periodic audit process.目的是创建一个定期审计过程。

1 个解决方案

解决方案1
 1  2019-11-21 08:09:42

But that's quite a manual process.但这是一个相当手动的过程。 I am looking for a azure CLI or rest api on which I can query and it gives me back the results.我正在寻找可以查询的 azure CLI 或 rest api 并返回结果。

I am afraid we could not achieve it by rest api at this moment.恐怕我们目前无法通过 rest api 实现它。

That because there is no such REST API to set version control permissions (including git repo).那是因为没有 REST API 来设置版本控制权限(包括 git repo)。 There is a user voice about it on our main forum for product suggestions:在我们的产品建议主论坛上有一个用户的声音:

Set version control permissions by REST API 通过 REST API 设置版本控制权限

You could vote and add your comments for this feedback.您可以对此反馈进行投票并添加您的评论。 When there are enough communities vote and add comments for this feedback, the product team member will take this feedback seriously.当有足够多的社区对此反馈进行投票并添加评论时,产品团队成员将认真对待此反馈。

Even if we have that API, there is still a long way to go to complete it.即使我们有API,距离go还有很长的路要走。 First, we need to traverse all the eligible groups and users according to the condition Delete repository=Allow , then filter the groups from the result of the traversal, and call the API according to the filtered group ID to get the users in the group.首先,我们需要根据条件Delete repository=Allow遍历所有符合条件的组和用户,然后从遍历结果中过滤组,根据过滤后的组 ID 调用 API 获取组中的用户。 Last, we still have to merge those duplicate user names.最后,我们仍然需要合并那些重复的用户名。 So, this should be a long way to do it.所以,这应该是一个很长的路要走。

Hope this helps.希望这可以帮助。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何限制项目参与者删除 Azure Devops 中的变量组/变量 - How to restrict Project Contributers to delete Variable Groups/Variables in Azure Devops 获取与某个构建定义关联的所有安全组和用户 [Azure-Devops] - Get all security groups and users associated with a certain build definition[Azure-Devops] 如何保护Azure DevOps存储库 - How to secure Azure DevOps repository 如何从 Azure DevOps Feed 中删除 nuget 的所有版本? - How do I delete all versions of a nuget from a Azure DevOps Feed? 自动更改安全组的 Azure DevOps 存储库的权限 - Automation of changing permission of Azure DevOps repository for a security group 如何删除除一个之外的所有 Azure 资源组 - How to delete all Azure resource groups except one 如何在 Azure DevOps 中导入任务组 - How to import task groups in Azure DevOps 如何导出多个 Azure DevOps 变量组? - How to export multiple Azure DevOps Variable Groups? 如何查找一个用户拥有的所有 Azure AAD 组? - How do I find all Azure AAD groups owned by one user? Azure Devops Agent没有创建服务端点的权限(如何分配权限) - Azure Devops Agent doesnt have permission to create a Service Endpoint (how do you allocate permissions)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM