Permissions calculator for Azure devops security model

Alexey Melezhik - Oct 23 '19 - - Dev Community

Brand new Sparrow6 plugin Ado-permissions-calculator enables user friendly API to deal with Azure devops security model calculations.

The plugins is very handy for people doing automation to manage Azure devops permissions for various kinds of objects ( Git, Pipelines, Libraries )

Install

s6 --install ado-permissions-calculator

Usage

Following are some typical use cases, follow the documentation to know more.

List namespaces

s6 --plg-run ado-permissions-calculator

18:09:53 10/23/2019 [task-cli] run plg ado-permissions-calculator
18:09:53 10/23/2019 [task-cli] run thing ado-permissions-calculator
18:10:00 10/23/2019 [ado-permissions-calculator] Analytics
18:10:00 10/23/2019 [ado-permissions-calculator] AnalyticsViews
18:10:00 10/23/2019 [ado-permissions-calculator] AuditLog
18:10:00 10/23/2019 [ado-permissions-calculator] PipelineCachePrivileges
18:10:00 10/23/2019 [ado-permissions-calculator] ReleaseManagement
18:10:00 10/23/2019 [ado-permissions-calculator] ReleaseManagement
18:10:00 10/23/2019 [ado-permissions-calculator] Identity
18:10:00 10/23/2019 [ado-permissions-calculator] WorkItemTrackingAdministration
18:10:00 10/23/2019 [ado-permissions-calculator] DistributedTask
18:10:00 10/23/2019 [ado-permissions-calculator] WorkItemQueryFolders
18:10:00 10/23/2019 [ado-permissions-calculator] Git Repositories

... output truncated ... 

18:10:01 10/23/2019 [ado-permissions-calculator] Social
18:10:01 10/23/2019 [ado-permissions-calculator] Security
18:10:01 10/23/2019 [ado-permissions-calculator] IdentityPicker
18:10:01 10/23/2019 [ado-permissions-calculator] ServicingOrchestration
18:10:01 10/23/2019 [ado-permissions-calculator] Build
18:10:01 10/23/2019 [ado-permissions-calculator] DashboardsPrivileges
18:10:01 10/23/2019 [ado-permissions-calculator] VersionControlItems
Enter fullscreen mode Exit fullscreen mode

List permissions for Library

s6 --plg-run ado-permissions-calculator@namespace=Library

18:10:30 10/23/2019 [task-cli] run thing ado-permissions-calculator
18:10:42 10/23/2019 [ado-permissions-calculator] Name         Permission Description     Permission Bit
18:10:42 10/23/2019 [ado-permissions-calculator] -----------  -------------------------  ----------------
18:10:42 10/23/2019 [ado-permissions-calculator] View         View library item          1
18:10:42 10/23/2019 [ado-permissions-calculator] Administer   Administer library item    2
18:10:42 10/23/2019 [ado-permissions-calculator] Create       Create library item        4
18:10:42 10/23/2019 [ado-permissions-calculator] ViewSecrets  View library item secrets  8
18:10:42 10/23/2019 [ado-permissions-calculator] Use          Use library item           16
18:10:42 10/23/2019 [ado-permissions-calculator] Owner        Owner library item         32
Enter fullscreen mode Exit fullscreen mode

Calculate all permissions for Library

s6 --plg-run ado-permissions-calculator@namespace=Library,actions=all

18:14:21 10/23/2019 [task-cli] run plg ado-permissions-calculator@namespace=Library,actions=all
18:14:21 10/23/2019 [task-cli] run thing ado-permissions-calculator
18:14:35 10/23/2019 [ado-permissions-calculator] Name         Permission Description     Permission Bit
18:14:35 10/23/2019 [ado-permissions-calculator] -----------  -------------------------  ----------------
18:14:35 10/23/2019 [ado-permissions-calculator] View         View library item          1
18:14:35 10/23/2019 [ado-permissions-calculator] Administer   Administer library item    2
18:14:35 10/23/2019 [ado-permissions-calculator] Create       Create library item        4
18:14:35 10/23/2019 [ado-permissions-calculator] ViewSecrets  View library item secrets  8
18:14:36 10/23/2019 [ado-permissions-calculator] Use          Use library item           16
18:14:36 10/23/2019 [ado-permissions-calculator] Owner        Owner library item         32
18:14:40 10/23/2019 [ado-permissions-calculator] ===
18:14:40 10/23/2019 [ado-permissions-calculator] actions: "all"
18:14:40 10/23/2019 [ado-permissions-calculator] sum: 63
Enter fullscreen mode Exit fullscreen mode

Calculate CreateTag, CreateBranch permissions for Git Repositories

s6 --plg-run ado-permissions-calculator@namespace=GitRepositories,actions=CreateTag:CreateBranch

18:13:35 10/23/2019 [task-cli] run plg ado-permissions-calculator@namespace=GitRepositories,actions=CreateTag:CreateBranch
18:13:35 10/23/2019 [task-cli] run thing ado-permissions-calculator
18:13:49 10/23/2019 [ado-permissions-calculator] Name                     Permission Description                                  Permission Bit
18:13:49 10/23/2019 [ado-permissions-calculator] -----------------------  ------------------------------------------------------  ----------------
18:13:49 10/23/2019 [ado-permissions-calculator] Administer               Administer                                              1
18:13:49 10/23/2019 [ado-permissions-calculator] GenericRead              Read                                                    2
18:13:49 10/23/2019 [ado-permissions-calculator] GenericContribute        Contribute                                              4
18:13:49 10/23/2019 [ado-permissions-calculator] ForcePush                Force push (rewrite history, delete branches and tags)  8
18:13:49 10/23/2019 [ado-permissions-calculator] CreateBranch             Create branch                                           16
18:13:49 10/23/2019 [ado-permissions-calculator] CreateTag                Create tag                                              32
18:13:49 10/23/2019 [ado-permissions-calculator] ManageNote               Manage notes                                            64
18:13:49 10/23/2019 [ado-permissions-calculator] PolicyExempt             Bypass policies when pushing                            128
18:13:49 10/23/2019 [ado-permissions-calculator] CreateRepository         Create repository                                       256
18:13:49 10/23/2019 [ado-permissions-calculator] DeleteRepository         Delete repository                                       512
18:13:50 10/23/2019 [ado-permissions-calculator] RenameRepository         Rename repository                                       1024
18:13:50 10/23/2019 [ado-permissions-calculator] EditPolicies             Edit policies                                           2048
18:13:50 10/23/2019 [ado-permissions-calculator] RemoveOthersLocks        Remove others' locks                                    4096
18:13:50 10/23/2019 [ado-permissions-calculator] ManagePermissions        Manage permissions                                      8192
18:13:50 10/23/2019 [ado-permissions-calculator] PullRequestContribute    Contribute to pull requests                             16384
18:13:50 10/23/2019 [ado-permissions-calculator] PullRequestBypassPolicy  Bypass policies when completing pull requests           32768
18:13:56 10/23/2019 [ado-permissions-calculator] ===
18:13:56 10/23/2019 [ado-permissions-calculator] actions: [
18:13:56 10/23/2019 [ado-permissions-calculator]     "CreateTag",
18:13:56 10/23/2019 [ado-permissions-calculator]     "CreateBranch"
18:13:57 10/23/2019 [ado-permissions-calculator] ]
18:13:57 10/23/2019 [ado-permissions-calculator] sum: 48
Enter fullscreen mode Exit fullscreen mode

Use pragramatic API

One can run the plugin using modern and shiny Raku programming language as well.


# Calculate View, Create permissions for Library
task-run "permissions sum", "ado-permissions-calculator", %(
    namespace => "Library",
    actions => qqw{View Create)
);
Enter fullscreen mode Exit fullscreen mode

Documentation

Ado-permissions-calculator

Thank you for reading.

Image
Check Out: How Wheelchair Self Propelled Is Gaining Ground, And What To Do About It
Image
20 Resources That'll Make You Better At Gas Boiler Engineer Near Me
Image
10 Signs To Watch For To Get A New Personal Injury Lawyer
Image
The Most Significant Issue With Gas Central Heating Engineer Near Me, And What You Can Do To Fix It
Image
واتراستاپ استخر و نحوه استفاده از ان
Image
Adding a Cat Flap to Your Bifold Doors
Image
The Best Way To Explain Asbestos Lawsuit Settlements To Your Boss
Image
Are Essay Writer Generators Reliable? A Deep Dive into AI Writing Tools

ai
Image
10 Wrong Answers To Common Asbestos Class Action Lawsuit Questions Do You Know The Correct Ones?
Image
Raspberry Pi 4B: Natively Build a 64 Bit Fully Preemptible Kernel (Real-Time) with Desktop

raspberrypi, preempt, rt, kernel
Image
JavaScript is the best in 2024
Image
10 Meetups About Car Keys Repair You Should Attend
Image
The Top 5 Reasons Why People Are Successful At The Car Keys Lost Industry
Image
15 Reasons You Shouldn't Overlook Repair Car Keys
Image
Arquitectura de Software: ¿Por Qué y Cómo Documentar Eficazmente?

arquitecturadesoftware, documentacióntécnica, buenasprácticas, desarrollodesoftware
Image
Watch Out: How Asbestos Lawyer Is Taking Over And What Can We Do About It
Image
New in EasyAdmin: Pretty URLs

easyadmin, symfony, php
Image
20 Resources To Make You Better At Repairing Bifold Doors
Image
Lost Keys Tools To Make Your Daily Life
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player