TFS API - 如何獲得團隊的管理員？

Question

我正在嘗試以編程方式檢索團隊的管理員用戶 。

例如，在圖片中的設置中，如何讓'Billy'成為團隊'QC Manager'的管理員？

我已經擁有通過IIdentityManagementService的ListApplicationGroups獲取團隊中所有用戶的代碼，使用FirstOrDefault獲取組...然后通過ReadIdentities獲取其用戶。

Answer 1

我在Team Web Access程序集中做了一些討論，這似乎只在服務器端可用（沒有Rest或Client Object Model選項可用）。 代碼如下所示：

TeamFoundationIdentity identity;
string token = service.GetSecurableToken(requestContext, teamIdentity.Descriptor, out identity);
AccessControlList list = requestContext.GetService<SecurityService>().QueryAccessControlLists(requestContext, FrameworkSecurity.IdentitiesNamespaceId, token, null, false, false).FirstOrDefault<AccessControlList>();
List<IdentityDescriptor> list2 = new List<IdentityDescriptor>();
if (list != null)
{
    foreach (AccessControlEntry entry in list.AccessControlEntries)
    {
        if ((entry.Allow & 8) == 8)
        {
            list2.Add(entry.Descriptor);
        }
    }
}
return service.ReadIdentities(requestContext, list2.ToArray());

GetSecurableToken的位置如下：

internal static string CreateSecurityToken(TeamFoundationIdentity group)
{
    return (group.GetAttribute(IdentityAttributeTags.LocalScopeId, string.Empty) + FrameworkSecurity.IdentitySecurityPathSeparator + group.TeamFoundationId.ToString());
}

從這里你應該能夠拼湊代碼來讀取和寫入這些列表。 要自己四處尋找，請查找Microsoft.TeamFoundation.Server.Core.dll ，類Microsoft.TeamFoundation.Server.Core.TeamFoundationTeamService 。

如果你能夠將它改寫成有用的東西我會很感激並且可能會把它粘在TfsTeamTools上，此刻我沒有太多時間來接受它。

Answer 2

發現此帖子TFS11 API：管理團隊管理員 ; 我復制代碼以便於參考，請參閱原始帖子以獲取完整信息。

static void Main(string[] args)
{
    // Connect to the TFS server and get the team project URI.
    var collection = GetServer("server_uri");
    var projectUri = GetProjectUri(collection, "project_name");

    // Retrieve the default team.
    TfsTeamService teamService = collection.GetService<TfsTeamService>();
    TeamFoundationTeam defaultTeam = teamService.GetDefaultTeam(projectUri, null);

    // Get security namespace for the project collection.
    ISecurityService securityService = collection.GetService<ISecurityService>();
    SecurityNamespace securityNamespace = securityService.GetSecurityNamespace(FrameworkSecurity.IdentitiesNamespaceId);

    // Use reflection to retrieve a security token for the team.
    MethodInfo mi = typeof(IdentityHelper).GetMethod("CreateSecurityToken", BindingFlags.Static | BindingFlags.NonPublic);           
    string token = mi.Invoke(null, new object[] { defaultTeam.Identity }) as string;

    // Retrieve an ACL object for all the team members.
    var allMembers = defaultTeam.GetMembers(collection, MembershipQuery.Expanded).Where(m => !m.IsContainer);
    AccessControlList acl = securityNamespace.QueryAccessControlList(token, allMembers.Select(m => m.Descriptor), true);

    // Retrieve the team administrator SIDs by querying the ACL entries.
    var entries = acl.AccessControlEntries;
    var admins = entries.Where(e => (e.Allow & 15) == 15).Select(e => e.Descriptor.Identifier);

    // Finally, retrieve the actual TeamFoundationIdentity objects from the SIDs.
    var adminIdentities = allMembers.Where(m => admins.Contains(m.Descriptor.Identifier));       
}