-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMakeRepoWithCustomPerms.ps1
69 lines (51 loc) · 3.31 KB
/
MakeRepoWithCustomPerms.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#Azure DevOps Make Git Repo and Apply Custom Repo Permisions VIA TFSecurity
#Update This if your path is different
Set-Alias TFSSecurity "C:\Program Files\Azure DevOps Server 2019\Tools\TFSSecurity.exe"
#Update These
$instance ="XXX.com"
$Client ="Google"
$Project="BigMoneyProject"
#Update Per your repo naming convention
$RepoName="Web"+"_$Project.com"
#make GitRepo
$Call = "https://$instance/$Client/$project/_apis/git/repositories?api-version=5.0"
#JSON Payload
$json = ConvertTo-Json @{
"name" = "$RepoName"
}
#Make Repo
Invoke-RestMethod -Uri $Call -Method POST -Body $json -ContentType application/json -UseDefaultCredentials
#Define Custom Perms per group here is an example with two groups Toggle (ALLOW | DENY) for each perm
#https://docs.microsoft.com/en-us/azure/devops/server/command-line/tfssecurity-cmd?view=azure-devops#git-repository
#Use this link as reference
$URL = "/collection:https://$instance/$Client"
$Group = "n:[$Project]\Source_Control_Contributors"
TFSSecurity /a+ 'Git Repositories' repositories GenericContribute $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories PullRequestContribute $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateBranch $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateRepository $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateTag $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories DeleteRepository $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories EditPolicies $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories PolicyExempt $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ForcePush $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ManageNote $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ManagePermissions $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories GenericRead $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories RemoveOthersLocks $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories RenameRepository $Group Allow $URL
$Group = "n:[$Project]\Work_Item_Administrators"
TFSSecurity /a+ 'Git Repositories' repositories GenericContribute $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories PullRequestContribute $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateBranch $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateRepository $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories CreateTag $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories DeleteRepository $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories EditPolicies $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories PolicyExempt $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ForcePush $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ManageNote $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories ManagePermissions $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories GenericRead $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories RemoveOthersLocks $Group Allow $URL
TFSSecurity /a+ 'Git Repositories' repositories RenameRepository $Group Allow $URL