zoukankan      html  css  js  c++  java
  • Azure DevOps 扩展之 Hub 插件的菜单权限控制配置

    这是 Hub 插件的描述配置代码片段:

    {
        "contributions": [
            {
                "id": "feature-hidden-fields-manager-hub",
                "type": "ms.vss-web.feature",
                "targets": [
                    "ms.vss-web.managed-features",
                    "ms.vss-web.managed-features-onprem"
                ],
                "description": "Enable Work Item Type Hidden Fields Manager Feature",
                "properties": {
                    "name": "Enable Work Item Type Hidden Fields Manager",
                    "userConfigurable": false,
                    "hostConfigurable": true,
                    "defaultState": false,
                    "hostScopes": [
                        null,
                        "collection"
                    ]
                }
            },
            {
                "id": "hidden-fields-manager-hub",
                "type": "ms.vss-web.hub",
                "targets": [
                    "ms.vss-web.collection-admin-hub-group"
                ],
                "includes": [
                    "ms.vss-tfs-web.tfs-page-data-service",
                    "ms.vss-features.host-navigation-service",
                    "ms.vss-features.extension-data-service",
                    "ms.vss-features.host-dialog-service"
                ],
                "properties": {
                    "iconProps": {
                        "iconName": "WorkItem",
                        "className": "admin-tab-icon"
                    },
                    "name": "Work Item Type Hidden Fields Manager",
                    "order": 101,
                    "uri": "dist/Hub/HiddenFieldManagerHub.html",
                    "supportsMobile": true
                },
                "constraints": [
                    {
                        "name": "Security",
                        "properties":{
                            "namespaceId": "3E65F728-F8BC-4ecd-8764-7E378B19BFA7",
                            "namespaceToken": "NAMESPACE",
                            "permission": 32,
                            "allowSystemContext": true,
                            "serviceInstanceType": "00000028-0000-8888-8000-000000000000"
                        }
                    },
                    {
                        "name": "Feature",
                        "properties": {
                            "featureId": "Allen.hidden-fields-manager.feature-hidden-fields-manager-hub"
                        }
                    }
                ]
            }
        ]
    }
    

    实现菜单按当前登录用户的权限显示与隐藏的主要配置是 constraints 下名为 Securityproperties 配置。

    例如:我需要使用该 Hub 插件的人,必须有 ProcessTemplates 进程模板 (3E65F728-F8BC-4ecd-8764-7E378B19BFA7) 管理权限,才能看到菜单(入口)。

    其中 namespaceId 的常量值,来自权限空间ID列表:https://docs.microsoft.com/en-us/azure/devops/organizations/security/namespace-reference?view=azure-devops

    Azure DevOps Serverdll 中反编译后找到的部分 SecurityNamespaceId

    namespaceId 常量值 参考代码:

    namespace Microsoft.TeamFoundation.Framework.Common
    {
    	public static class FrameworkSecurity
    	{
    		public static readonly Guid FrameworkNamespaceId = new Guid("1f4179b3-6bac-4d01-b421-71ea09171400");
    
    		public static readonly Guid EventSubscriptionNamespaceId = new Guid("58B176E7-3411-457a-89D0-C6D0CCB3C52B");
    
    		public static readonly Guid EventSubscriberNamespaceId = new Guid("2BF24A2B-70BA-43D3-AD97-3D9E1F75622F");
    
    		public static readonly Guid JobNamespaceId = new Guid("2a887f97-db68-4b7c-9ae3-5cebd7add999");
    
    		public static readonly Guid RegistryNamespaceId = new Guid("4ae0db5d-8437-4ee8-a18b-1f6fb38bd34c");
    
    		public static readonly Guid CollectionManagementNamespaceId = new Guid("f66fc5d6-60e1-443e-9d16-851364ce3b99");
    
    		public static readonly Guid CatalogNamespaceId = new Guid("6BACCF73-1500-476f-8B2B-94F4489A59AA");
    
    		public static readonly Guid IdentitiesNamespaceId = new Guid("5A27515B-CCD7-42c9-84F1-54C998F03866");
    
    		public static readonly Guid Identities2NamespaceId = new Guid("C2EFB788-4DD2-4301-B2EE-EC8ED6955B4E");
    
    		public static readonly Guid LocationNamespaceId = LocationSecurityConstants.NamespaceId;
    
    		public static readonly Guid StrongBoxNamespaceId = new Guid("4A9E8381-289A-4DFD-8460-69028EAA93B3");
    
    		public static readonly Guid DiagnosticNamespaceId = new Guid("A1178DF8-8630-4786-B2A0-3A580DDF63EA");
    
    		public static readonly Guid TaggingNamespaceId = new Guid("BB50F182-8E5E-40B8-BC21-E8752A1E7AE2");
    
    		public static readonly Guid TracingNamespaceId = new Guid("0F623D1C-A21B-4A66-B4AE-07DD445502FB");
    
    		public static readonly Guid ProcessTemplatesNamespaceId = new Guid("3E65F728-F8BC-4ecd-8764-7E378B19BFA7");
    
    		public static readonly Guid ProcessNamespaceId = new Guid("2DAB47F9-BD70-49ED-9BD5-8EB051E59C02");
    
    		public static readonly Guid MessageQueueNamespaceId = new Guid("F3E9DDE6-32CD-48BB-B62D-1D73BCAF42F1");
    
    		public static readonly string MessageQueueNamespaceRootToken = "Tfsmq";
    
    		public static readonly char MessageQueuePathSeparator = '/';
    
    		public static readonly string FrameworkNamespaceToken = "FrameworkGlobalSecurity";
    
    		public static readonly string JobNamespaceToken = "AllJobs";
    
    		public static readonly string CollectionManagementNamespaceToken = "AllCollections";
    
    		public static readonly char CollectionManagementPathSeparator = '/';
    
    		public static readonly char RegistryPathSeparator = '/';
    
    		public static readonly string RegistryNamespaceRootToken = FrameworkSecurity.RegistryPathSeparator.ToString();
    
    		public static readonly char IdentitySecurityPathSeparator = '\';
    
    		public static readonly string IdentitySecurityRootToken = "$";
    
    		public static readonly char LocationPathSeparator = LocationSecurityConstants.PathSeparator;
    
    		public static readonly string LocationNamespaceRootToken = LocationSecurityConstants.NamespaceRootToken;
    
    		public static readonly string ServiceDefinitionsToken = LocationSecurityConstants.ServiceDefinitionsToken;
    
    		public static readonly string AccessMappingsToken = LocationSecurityConstants.AccessMappingsToken;
    
    		public static readonly char StrongBoxSecurityPathSeparator = '/';
    
    		public static readonly string StrongBoxSecurityNamespaceRootToken = "StrongBox";
    
    		public static readonly string ProcessTemplateNamespaceToken = "NAMESPACE";
    
    		public static readonly char DiagnosticPathSeparator = '/';
    
    		public static readonly string DiagnosticNamespaceToken = "Diagnostic";
    
    		public static readonly Guid TeamProjectNamespaceId = TeamProjectSecurityConstants.NamespaceId;
    
    		public static readonly Guid TeamProjectCollectionNamespaceId = new Guid("3E65F728-F8BC-4ecd-8764-7E378B19BFA7");
    
    		public static readonly string TeamProjectCollectionNamespaceToken = "NAMESPACE";
    
    		public static readonly string TracingNamespaceToken = "Global";
    
    		public static readonly Guid ProxyNamespaceId = new Guid("CB4D56D2-E84B-457E-8845-81320A133FBB");
    
    		public static readonly string ProxyNamespaceToken = "Proxy";
    	}
    }
    

    permission 常量值 参考代码:

    namespace Microsoft.TeamFoundation.Framework.Common
    {
    	public static class FrameworkPermissions
    	{
    		public const int GenericRead = 1;
    
    		public const int GenericWrite = 2;
    
    		public const int Impersonate = 4;
    
    		public const int TriggerEvent = 16;
    
    		public const int AllPermissions = 23;
    	}
    }
    
  • 相关阅读:
    Cordova原理一
    View 的measure 和onMeasure
    Android Material Design 系列之 SnackBar详解
    android 透明状态栏方法及其适配键盘上推(二)
    android 透明状态栏方法及其适配键盘上推(一)
    Https握手协议以及证书认证
    App对接支付宝移动支付功能
    ViewPager 滑动一半的判断方法以及左滑右滑判断
    mvp架构解析
    解决IE8打开默认弹出开发者工具的问题
  • 原文地址:https://www.cnblogs.com/VAllen/p/menu-permission-control-configuration-of-hub-extensions-for-azure-devops.html
Copyright © 2011-2022 走看看