stackoom
  简体   繁体   中英

TFS API - how do I return only projects that an authenticated user has permissions to, instead of the whole list?

 原文  2013-02-27 22:51:29       c#/ tfs/ tfs-sdk

Question

I'm currently returning a list of projects from TFS using the api. 

var tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri("some URI"));
var store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));
var projects = store.Projects

This works fine. However, it returns our full list of TFS Team Projects for every user. Is there a way to return or filter the list such that only the projects a particular user has access to are returned?

This is using TFS 2010.

2 answers

solution1
 6  2013-02-27 23:06:58

In TFS 2010, I believe you can do this by impersonating the user you are interested in when making your calls.

The TFS 2010 API allows (properly authorized) applications to "impersonate" any valid user you want and take action as that user. This is "authorization" impersonation -- you are not authenticating as another user, so there's no password entry, but you are taking action "on behalf of" another user. There's a specific permission you need to have to do this, so your application would need to be actually run as a user with the "Make requests on behalf of other users" permission.

Once that's done, the code is pretty simple. You extract the identity you want from your TPC then create a second "impersonated" one under a different context, and use that second context for your actual work: 

var tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri("some URI"));
var identityService = tfs.GetService<IIdentityManagementService>();
var identity = identity = identityService.ReadIdentity(
        IdentitySearchFactor.AccountName,
        "someuser", 
        MembershipQuery.None, 
        ReadIdentityOptions.None);

var userTfs = new TfsTeamProjectCollection(tfs.Uri, identity.Descriptor);

Any action you take on userTfs will be done as if the specified username did it; this allows you to query for projects, queue builds, etc. on behalf of other users.

solution2
 1  2013-02-28 11:12:49

If you add using System.net then you can use the credential cache and pass the default credentials of the current user to TFS when getting the collection 

using (var tfs = new TfsTeamProjectCollection(tfsUri, CredentialCache.DefaultCredentials))
            {
                var store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));
                var projects = store.Projects                
            }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I get a list of connected TFS projects in Visual Studio? How to connect with TFS and get list of projects for a specific user How do I troubleshoot Web API projects? How do I pass a variable to every controller after a user is authenticated How to check if user is authenticated in Web API 2 Web API has no session - need to check if user is authenticated How do i modify the codes so that in the method getProductTransaction, I return a list of transactions instead of a single transaction how do i make it so that instead of names already being in the array that the user has to input names into the array? How do I move a TFS file with c# API? How do I grab user info from Microsoft Graph for authenticated user using Azure mobile app backend?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM