0

I want to set Edit Build Definition permission programmatically for a TFS Group with GUID xxx in a Team Project with GUID yyy, using SecurityNamespace.SetPermissions method.

Seeing the method signature, I see the security token parameter and I don't know the value that I must pass to the method.

Here, there is my method call: 

sn.SetPermissions(securityToken, groupIdentityDescriptor, action.Bit, 0, true);

Can you help me, please?

riQQ
  • 9,878
  • 7
  • 49
  • 66
polinello
  • 27
  • 1
  • 6

1 Answers1

0

The signature for SetPermissions method is:

public abstract AccessControlEntry SetPermissions(
    string token,
    IdentityDescriptor descriptor,
    int allow,
    int deny,
    bool merge
)

Take the following snippet as example:

securityNamespace.SetPermissions("/", identity.Descriptor ,RegistryServicePermissions.AllPermissions, 0, true);
  • token paremeter we will pass / which means we will be granting access to the entire registry. If you want to grant just access to a part of the tree, this is the place to do it
  • identityDescriptor we will pass the account/group for which we will be granting the parameter (more on this later)
  • allow parameter we pass the value the value RegistryServicePermissions.AllPermissions since we want to grant read/write access
  • deny parameter we will pass 0 since we don’t wan to deny anything
  • merge we will pass true, since we want this permissions to be merged with existing ones (just in case)

For more information, you could check the blog below:

https://pascoal.net/2011/11/13/using-team-foundation-server-registrypart-ii-the-api/

Also, here is a useful case for your reference: TFS API - How to get a Team's Adminstrator?.

Cece Dong - MSFT
  • 29,631
  • 1
  • 24
  • 39