Home > database >  Azure DevOps user access filtering
Azure DevOps user access filtering

Time:11-25

We have a requirement in my project where we need to find out the repository access for users in Azure DevOps using cli.

We were able to find out the top-level access for all the users, using this CLI command as provided in the official azure-cli documents.

Command-1

az devops user list --org {Organisation-Name} --query members[].[username,emailid,accesslevel] -o table

The above command returns the following output:

Username     EmailId             AccessLevel
------------------------------------------
John Doe     [email protected]    Basic
Rick Stein   [email protected]  Stakeholder
....

Next using the user's email-id extracted from the list above, we are able to find out the granular level of repository access for each individual user as follows:

Command #2:

az devops user show --org {Organisation Name} --user [email protected] --query "[Username:user.name,ProjectRepoName:repo.access]"

The corresponding output -

{
  "Username": "John Doe",
  "ProjectRepoName": [
     "Develop.Env1",
     "Test.Env3",
     "UAT.Env2"
  ]
}

This activity gives the required data on an individual user level. However, we want the data for all the users that are provided by the user list from command one as mentioned above.

Is there a way in which we can combine both the az devops user list & az devops user show commands in a single command via a script, that would traverse all the users in the user list and for each user, using the show command provide the details of the repo access, that can then be stored as a json/table output?

Note: one approach that we can think of is- to filter out the name/email from the list generated using command-1 and pass that list in the user section of the second command. However, the user section takes only one value at a time so not sure, how can this be achieved using CLI operations.

Any help or suggestions on this is highly appreciated. Thanks in advance.

CodePudding user response:

The resolution of this issue was by using the foreach loop logic and making use of the appropriate format for filtering the output for command one.

The snippet of the working code-

.......
$listOfMails = (az devops user list --org {Organisation-Name} --query members[].emailid -o table)

foreach($email in $listOfEmails)
{
    (az devops user show --org {Organisation Name} --user ($email) --query "[Username:user.name,ProjectRepoName:repo.access]")
}
...

This resulted in the successful extraction of data, as per requirement.

Page link:https//www.codepudding.com/database/203783.html

Prev:How to define a 128-bit variable, or larger, in Powershell?
Next:How to fix list comprehension 'bitwise_and' error and optimize for-loop?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding