現在、API を使用して TFS からプロジェクトのリストを返しています。
var tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri("some URI"));
var store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));
var projects = store.Projects
これはうまくいきます。ただし、すべてのユーザーの TFS チーム プロジェクトの完全なリストが返されます。特定のユーザーがアクセスできるプロジェクトのみが返されるように、リストを返すかフィルター処理する方法はありますか?
これはTFS 2010を使用しています。
In TFS 2010, I believe you can do this by impersonating the user you are interested in when making your calls.
The TFS 2010 API allows (properly authorized) applications to "impersonate" any valid user you want and take action as that user. This is "authorization" impersonation -- you are not authenticating as another user, so there's no password entry, but you are taking action "on behalf of" another user. There's a specific permission you need to have to do this, so your application would need to be actually run as a user with the "Make requests on behalf of other users" permission.
Once that's done, the code is pretty simple. You extract the identity you want from your TPC then create a second "impersonated" one under a different context, and use that second context for your actual work:
var tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri("some URI"));
var identityService = tfs.GetService<IIdentityManagementService>();
var identity = identity = identityService.ReadIdentity(
IdentitySearchFactor.AccountName,
"someuser",
MembershipQuery.None,
ReadIdentityOptions.None);
var userTfs = new TfsTeamProjectCollection(tfs.Uri, identity.Descriptor);
Any action you take on userTfs will be done as if the specified username did it; this allows you to query for projects, queue builds, etc. on behalf of other users.
追加using System.netすると、クレデンシャル キャッシュを使用して、コレクションを取得するときに現在のユーザーのデフォルトのクレデンシャルを TFS に渡すことができます。
using (var tfs = new TfsTeamProjectCollection(tfsUri, CredentialCache.DefaultCredentials))
{
var store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));
var projects = store.Projects
}