Permission Report

Dejulia489 · Aug 17, 2020 · 759bdb5 · 759bdb5
1 parent 3f764f5
commit 759bdb5
Show file tree

Hide file tree

Showing 6 changed files with 783 additions and 19 deletions.
diff --git a/AzurePipelinesPS/AzurePipelinesPS.psd1 b/AzurePipelinesPS/AzurePipelinesPS.psd1
@@ -3,7 +3,7 @@
 #
 # Generated by: Dejulia489
 #
-# Generated on: 8/14/2020
+# Generated on: 8/17/2020
 #
 
 @{
@@ -88,7 +88,8 @@ FunctionsToExport = 'Add-APDeploymentGroup', 'Add-APGroupMembership', 'Add-APLog
                'Get-APInstalledExtensionList', 'Get-APNotificationSubscription', 
                'Get-APNotificationSubscriptionList', 
                'Get-APNotificationSubscriptionTemplateList', 'Get-APOperation', 
-               'Get-APPackage', 'Get-APPackageList', 'Get-APPersonalAccessTokenList', 
+               'Get-APPackage', 'Get-APPackageList', 'Get-APPermissionReport', 
+               'Get-APPermissionReportList', 'Get-APPersonalAccessTokenList', 
                'Get-APPolicyConfiguration', 'Get-APPolicyConfigurationList', 
                'Get-APPolicyEvaluation', 'Get-APPolicyEvaluationList', 
                'Get-APPolicyRevision', 'Get-APPolicyRevisionList', 
@@ -107,21 +108,20 @@ FunctionsToExport = 'Add-APDeploymentGroup', 'Add-APGroupMembership', 'Add-APLog
                'Get-APTeamList', 'Get-APTeamListAll', 'Get-APTestPlan', 
                'Get-APTestPlanList', 'Get-APTestResult', 'Get-APTestResultList', 
                'Get-APTestRun', 'Get-APTestRunList', 'Get-APTestRunStatistics', 
-               'Get-APTestSuite', 'Get-APTestSuiteList', 'Get-APUser', 
-               'Get-APUserList', 'Get-APVariableGroup', 'Get-APVariableGroupList', 
-               'Get-APWidget', 'Get-APWidgetList', 'Install-APAgent', 
-               'Install-APPSModule', 'Invoke-APNugetPackageDownload', 
-               'Invoke-APPolicyEvaluation', 'Invoke-APRestMethod', 
-               'Invoke-APServiceEndpointProxyRequest', 'New-APBuild', 
-               'New-APDashboard', 'New-APEnvironment', 'New-APEnvironmentApproval', 
-               'New-APFeed', 'New-APGitBranch', 'New-APGroup', 
-               'New-APInstalledExtensionDocument', 
-               'New-APNotificationSubscription', 'New-APPolicyConfiguration', 
-               'New-APProject', 'New-APRelease', 'New-APRepository', 
-               'New-APServiceEndpoint', 'New-APSession', 'New-APTeam', 
-               'Publish-APBuildDefinition', 'Publish-APReleaseDefinition', 
-               'Register-APPSRepository', 'Remove-APBuild', 
-               'Remove-APBuildDefinition', 'Remove-APDashboard', 
+               'Get-APTestSuiteList', 'Get-APUser', 'Get-APUserList', 
+               'Get-APVariableGroup', 'Get-APVariableGroupList', 'Get-APWidget', 
+               'Get-APWidgetList', 'Install-APAgent', 'Install-APPSModule', 
+               'Invoke-APNugetPackageDownload', 'Invoke-APPolicyEvaluation', 
+               'Invoke-APRestMethod', 'Invoke-APServiceEndpointProxyRequest', 
+               'New-APBuild', 'New-APDashboard', 'New-APEnvironment', 
+               'New-APEnvironmentApproval', 'New-APFeed', 'New-APGitBranch', 
+               'New-APGroup', 'New-APInstalledExtensionDocument', 
+               'New-APNotificationSubscription', 'New-APPermissionReport', 
+               'New-APPolicyConfiguration', 'New-APProject', 'New-APRelease', 
+               'New-APRepository', 'New-APServiceEndpoint', 'New-APSession', 
+               'New-APTeam', 'Publish-APBuildDefinition', 
+               'Publish-APReleaseDefinition', 'Register-APPSRepository', 
+               'Remove-APBuild', 'Remove-APBuildDefinition', 'Remove-APDashboard', 
                'Remove-APDeploymentGroup', 'Remove-APEnvironment', 'Remove-APFeed', 
                'Remove-APGitFile', 'Remove-APGroupMembership', 
                'Remove-APInstalledExtensionDocument', 
@@ -130,8 +130,8 @@ FunctionsToExport = 'Add-APDeploymentGroup', 'Add-APGroupMembership', 'Add-APLog
                'Remove-APPolicyConfiguration', 'Remove-APProject', 
                'Remove-APRelease', 'Remove-APReleaseDefinition', 
                'Remove-APServiceEndpoint', 'Remove-APSession', 'Remove-APTarget', 
-               'Remove-APTeam', 'Remove-APVariableGroup', 'Save-APSession', 
-               'Set-APAccessControlEntries', 'Set-APBuildNumber', 
+               'Remove-APTeam', 'Remove-APVariableGroup', 'Save-APPermissionReport', 
+               'Save-APSession', 'Set-APAccessControlEntries', 'Set-APBuildNumber', 
                'Set-APReleaseName', 'Set-APTaskResult', 'Set-APVariable', 
                'Update-APApproval', 'Update-APBuild', 'Update-APBuildDefinition', 
                'Update-APDeploymentGroup', 'Update-APInstalledExtension', 

diff --git a/AzurePipelinesPS/Private/Get-APApiEndpoint.ps1 b/AzurePipelinesPS/Private/Get-APApiEndpoint.ps1
@@ -384,6 +384,18 @@ function Get-APApiEndpoint
             {
                 Return '_apis/serviceendpoint/endpoints/{0}'
             }
+            'permissions'
+            {
+                Return '_apis/permissionsreport'
+            }
+            'permissions-reportId'
+            {
+                Return '_apis/permissionsreport/{0}'
+            }
+            'permissions-download'
+            {
+                Return '_apis/permissionsreport/{0}/download'
+            }
             'pipelines-configurations'
             {
                 Return '_apis/pipelines/checks/configurations'

diff --git a/AzurePipelinesPS/Public/Get-APPermissionReport.ps1 b/AzurePipelinesPS/Public/Get-APPermissionReport.ps1
@@ -0,0 +1,181 @@
+function Get-APPermissionReport
+{
+    <#
+    .SYNOPSIS
+
+    Returns a an Azure Pipeline permission report.
+
+    .DESCRIPTION
+
+    Returns a an Azure Pipeline permission report based on report id. 
+    The report id can be returned by Get-APPermissionReportList.
+
+    .PARAMETER Instance
+    
+    The Team Services account or TFS server.
+    
+    .PARAMETER Collection
+    
+    For Azure DevOps the value for collection should be the name of your orginization. 
+    For both Team Services and TFS The value should be DefaultCollection unless another collection has been created.
+
+    .PARAMETER ApiVersion
+    
+    Version of the api to use.
+
+    .PARAMETER PersonalAccessToken
+    
+    Personal access token used to authenticate that has been converted to a secure string. 
+    It is recomended to uses an Azure Pipelines PS session to pass the personal access token parameter among funcitons, See New-APSession.
+    https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=vsts
+    
+    .PARAMETER Credential
+
+    Specifies a user account that has permission to send the request.
+
+    .PARAMETER Proxy
+    
+    Use a proxy server for the request, rather than connecting directly to the Internet resource. Enter the URI of a network proxy server.
+
+    .PARAMETER ProxyCredential
+    
+    Specifie a user account that has permission to use the proxy server that is specified by the -Proxy parameter. The default is the current user.
+
+    .PARAMETER Session
+
+    Azure DevOps PS session, created by New-APSession.
+    
+    .PARAMETER ReportId
+
+    Id (guid) of the report to get. 
+
+    .INPUTS
+    
+    None, does not support pipeline.
+
+    .OUTPUTS
+
+    PSObject, Azure Pipelines permission report(s)
+
+    .EXAMPLE
+
+    Returns AP permission report for 'myCollection' with the id of '7'.
+
+    Get-APPermissionReportList -Instance 'https://dev.azure.com' -Collection 'myCollection' -ReportId '7'
+
+    .LINK
+
+    https://docs.microsoft.com/en-us/rest/api/azure/devops/permissionsreport/permissions%20report/get?view=azure-devops-rest-6.0&viewFallbackFrom=azure-devops-rest-6.1
+    #>
+    [CmdletBinding(DefaultParameterSetName = 'ByPersonalAccessToken')]
+    Param
+    (
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByPersonalAccessToken')]
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByCredential')]
+        [uri]
+        $Instance,
+
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByPersonalAccessToken')]
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByCredential')]
+        [string]
+        $Collection,
+
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByPersonalAccessToken')]
+        [Parameter(Mandatory,
+            ParameterSetName = 'ByCredential')]
+        [string]
+        $ApiVersion,
+
+        [Parameter(ParameterSetName = 'ByPersonalAccessToken')]
+        [Security.SecureString]
+        $PersonalAccessToken,
+
+        [Parameter(ParameterSetName = 'ByCredential')]
+        [pscredential]
+        $Credential,
+
+        [Parameter(ParameterSetName = 'ByPersonalAccessToken')]
+        [Parameter(ParameterSetName = 'ByCredential')]
+        [string]
+        $Proxy,
+
+        [Parameter(ParameterSetName = 'ByPersonalAccessToken')]
+        [Parameter(ParameterSetName = 'ByCredential')]
+        [pscredential]
+        $ProxyCredential,
+
+        [Parameter(Mandatory,
+            ParameterSetName = 'BySession')]
+        [object]
+        $Session, 
+
+        [Parameter(Mandatory)]
+        [string]
+        $ReportId
+    )
+
+    begin
+    {
+        If ($PSCmdlet.ParameterSetName -eq 'BySession')
+        {
+            $currentSession = $Session | Get-APSession
+            If ($currentSession)
+            {
+                $Instance = $currentSession.Instance
+                $Collection = $currentSession.Collection
+                $PersonalAccessToken = $currentSession.PersonalAccessToken
+                $Credential = $currentSession.Credential
+                $Proxy = $currentSession.Proxy
+                $ProxyCredential = $currentSession.ProxyCredential
+                If ($currentSession.Version)
+                {
+                    $ApiVersion = (Get-APApiVersion -Version $currentSession.Version)
+                }
+                else
+                {
+                    $ApiVersion = $currentSession.ApiVersion
+                }
+            }
+        }
+    }
+
+    process
+    {
+        $apiEndpoint = (Get-APApiEndpoint -ApiType 'permissions-reportId') -f $ReportId
+        $queryParameters = Set-APQueryParameters -InputObject $PSBoundParameters
+        $setAPUriSplat = @{
+            Collection  = $Collection
+            Instance    = $Instance
+            ApiVersion  = $ApiVersion
+            ApiEndpoint = $apiEndpoint
+            Query       = $queryParameters
+        }
+        [uri] $uri = Set-APUri @setAPUriSplat
+        $invokeAPRestMethodSplat = @{
+            Method              = 'GET'
+            Uri                 = $uri
+            Credential          = $Credential
+            PersonalAccessToken = $PersonalAccessToken
+            Proxy               = $Proxy
+            ProxyCredential     = $ProxyCredential
+        }
+        $results = Invoke-APRestMethod @invokeAPRestMethodSplat 
+        If ($results.value)
+        {
+            return $results.value
+        }
+        else
+        {
+            return $results
+        }
+    }
+
+    end
+    {
+    }
+}