Finding user in TFS Project programmatically

Question

We have more than one collection under one TFS server and each collection have more than one project. I want to be able to check if entered username is part of any project level group on TFS server. So far I am able to connect to TFS, and get all project names under the collection. I need help in finding the group name and then querying those groups to check if user is part of that group or not.

Here is the code I tried -

static void Main(string[] args)
    {
        NetworkCredential netCred = new NetworkCredential(@"username", @"pwd");
        TfsConfigurationServer configServ = new TfsConfigurationServer(new Uri("https://my-tfs.schwab.com/tfs"), netCred);

        var tfsAllCols = new List<KeyValuePair<Guid, string>>();
        try
        {
            configServ.Authenticate();
            Console.WriteLine("Autheticated in server with ad creds...");

            ReadOnlyCollection<CatalogNode> colNodes = configServ.CatalogNode.QueryChildren(
                new[] { CatalogResourceTypes.ProjectCollection },
                false,
                CatalogQueryOptions.None);
            foreach (CatalogNode node in colNodes)
            {
                var colId = new Guid(node.Resource.Properties["InstanceId"]);
                TfsTeamProjectCollection teamProjectCollection =
                    configServ.GetTeamProjectCollection(colId);

                tfsAllCols.Add(new KeyValuePair<Guid, string>(colId, teamProjectCollection.Name));

            }

    //hardcoding the colname for testing
            TfsTeamProjectCollection tpc = new TfsTeamProjectCollection(new Uri("https://ruby-tfs.schwab.com/tfs/colname/"), netCred);

            tpc.EnsureAuthenticated();

            // Get the catalog of team project collections
            ReadOnlyCollection<CatalogNode> projNodes = tpc.CatalogNode.QueryChildren(
            new[] { CatalogResourceTypes.TeamProject },
            false, CatalogQueryOptions.None);

        }
        catch (Exception ex)
        {

            throw ex;
        }

        Console.ReadLine();
    }

Tip: [Best practices for catching and re-throwing .NET exceptions](https://stackoverflow.com/questions/22623/best-practices-for-catching-and-re-throwing-net-exceptions) . Furthermore, are you getting errors? — Abbas, Dec 05 '17 at 10:28

Cece Dong - MSFT · Accepted Answer · 2017-12-07T09:14:13.663

0

Instead of hard coding, you could use TFSSecurity command-line tool to retrieve the groups and members in team project:

Use /g to list the groups in a team project, in a team project collection, or across Team Foundation Server:

tfssecurity /g [scope] [/collection:CollectionURL] [/server:ServerURL]

Use /imx to display information about the identities that compose the expanded membership of a specified group:

> tfssecurity /imx Identity [/collection:CollectionURL][/server:ServerURL]

If you insist hard coding, you could follow the blog below to query TFS for groups and memberships:

https://blogs.msdn.microsoft.com/vasu_sankaran/2010/10/11/querying-tfs-for-groups-and-memberships/

Update:

edited Dec 07 '17 at 09:14

answered Dec 06 '17 at 03:43

Cece Dong - MSFT

29,631
1
24
39

I would need to hard code it only. Thanks for the ref url I will go through this. – arpymastro Dec 06 '17 at 07:21
You could also consider invoke TFSSecurity command-line tool in your code. – Cece Dong - MSFT Dec 06 '17 at 08:06
BTW I tried the code in the ref url. It shows only groups(ROLE.* groups) but it does not shows the member names of those group – arpymastro Dec 07 '17 at 05:05
@arpymastro Are you able to get the members of groups? – Cece Dong - MSFT Dec 11 '17 at 08:18

Eddie Chen - MSFT · Answer 2 · 2017-12-13T08:41:59.170

If you want to check the user's groups, you can call ims.ReadIdentity() method directly. Here is the simple code for your reference:

using System;
using System.Collections.Generic;
using Microsoft.TeamFoundation.Client;
using Microsoft.TeamFoundation.Framework.Client;
using Microsoft.TeamFoundation.Framework.Common;
using Microsoft.VisualStudio.Services.Client;
using Microsoft.VisualStudio.Services.Common;

namespace ConsoleApplication3

{

    class Program

    {
        static void Main(string[] args)

        {

            TfsConfigurationServer tcs = new TfsConfigurationServer(new Uri("http://xxxx:8080/tfs/"));

            IIdentityManagementService ims = tcs.GetService<IIdentityManagementService>();

            TeamFoundationIdentity tfi = ims.ReadIdentity(IdentitySearchFactor.AccountName, "domain\\username", MembershipQuery.Direct, ReadIdentityOptions.None);
            Console.WriteLine("Listing Groups for:" + tfi.DisplayName);
            Console.WriteLine("Total " + tfi.MemberOf.Length + " groups.");
            IdentityDescriptor[] group = tfi.MemberOf;
            foreach (IdentityDescriptor id in group)
            {
                TeamFoundationIdentity detail = ims.ReadIdentity(IdentitySearchFactor.Identifier, id.Identifier, MembershipQuery.None, ReadIdentityOptions.None);
                Console.WriteLine(detail.DisplayName);
            }
            Console.ReadLine();

        }
    }
}

If this does not meet your requirement, you can also use this method to get the members of each project group.

Finding user in TFS Project programmatically

2 Answers2