I was curious if anyone knows how to set permissions (add/remove groups) to variable groups via the REST API. I know there is the security namespace, however it requires a resource guid and I am not sure how to get that for a specific variable group?
You want security namespace "Library" ( you need to convert it to proper namespace_id ) and with token "Library/$project_id/VariableGroup/$variable_group_id"
POST https://dev.azure.com/{organization}/_apis/accesscontrollists/{securityNamespaceId}?api-version=5.1
For ACL management REST API see https://learn.microsoft.com/en-us/rest/api/azure/devops/security/access%20control%20lists/set%20access%20control%20lists?view=azure-devops-rest-5.1
Example request:
"value": [
{
"inheritPermissions": true,
"token": "Library/$project_id/VariableGroup/$variable_group_id",
"acesDictionary": {
"Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-1": {
"descriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-1",
"allow": 31,
"deny": 0
}
}
}
]
Warning1 - At the moment the Microsoft doc on that topic is quite incomplete ( see, for example my comment on github issue asking for clarification of variables groups authentication mechanism ).
Warning2 - Be careful with ACL changing requests for ALL variable groups in project ( e.g. token=Library/$project_id/ ), because you might end up with removing permissions from all users on your Ado project and it's could be hard to change it back.
I am afraid it is not possible to set variable groups permission via api.
There is only group id we can get from variable group api below, no resource id in the response.
https://dev.azure.com/{organization}/{project}/_apis/distributedtask/variablegroups?api-version=5.1-preview.1
When i tried fetching the http request trace with F12 chrome. There is a value at the end of request url looks like the source id. And it is the project id combined with the variable group id. Donot know if this is resource guid you were looking for.
https://dev.azure.com//_apis/securityroles/scopes/distributedtask.variablegroup/roleassignments/resources/39e13f04-cb4e-4fa8-b2f1-0ee8f4fc82c5%241
I managed to reverse engineer who to do this. If anyone is curious on how it works feel free to talk a look at the powershell library for Azure DevOps I have put together -- https://github.com/ravensorb/Posh-AzureDevOps
Related
I am using the Microsoft Graph API to create Planner tasks, and I am wondering if there is a way to create a task including task details/description using a single HTTP request.
This old question from 2018 is asking about the same thing. The outcome in 2018 was that several separate requests were necessary ... first creating the task, then getting and updating its details object, which is a somewhat cumbersome process.
The original answerer has recently updated their answer to say that this behavior has changed and "you can set task details fields in the same request as creating the task". However, I'm confused as to whether this applies to the REST API itself, or to the Microsoft SDKs (which I am not currently using, as I don't need most of their functionality).
When I make a POST request to the /planner/tasks endpoint, and supply the details object in the body like such ...
{
"planId": "(... plan ID ...)",
"bucketId": "(... bucket ID ...)",
"title": "Title for new task",
"details": {
"description": "Some description for new task"
},
"assignments": {
(... assignment data ...)
}
}
... the task is created, but I don't see any description/notes. This applies both to the "v1.0" and "beta" APIs. (I tried the newer "notes" property on the beta API as well, with the same result.)
Based on the MS docs I could not find a conclusive answer either.
Should a request such as the one I listed work right now? If yes, in which API version? If no, what am I missing?
Thanks!
That request should work, but there is an issue with the returned response to the create operation not including the task details. If you read the task details after the creation (or reading task expanding the details), the description should be there.
I'm trying to use this documentation in order to build a plugin to auto accept an inbound call. What I also want is the ability to turn auto answer on/off by a certain worker attribute. Here's what I have so far in my init(flex, manager) method :
if(manager.workerClient.attributes.[attribute name].includes('[attribute name')) {
manager.workerClient.on('reservationCreated', reservation => {
if (reservation.task.attributes.autoAnswer === 'true') {
flex.Actions.invokeAction('AcceptTask', {sid: reservation.sid});
flex.Actions.invokeAction('SelectTask', {sid: reservation.sid});
}
});
}
I've read through the documentation on accessing worker attributes and think I'm fine with getting the attribute name. However, I'm unsure of the auto answer portion.
Twilio developer evangelist here.
Your code looks correct, I have a similar example that I've used before here.
After discussing with you in the comments, if you set the plugins url to an empty string or null, then Flex will make an API request to look for plugins that it should load at flex.twilio.com/plugins, which only comprises of plugins that you have deployed. You should either set the url to your local /plugins to load the local version. Or you should deploy your plugin so that it can be loaded from flex.twilio.com/plugins in your environment.
I am currently trying to grab the tags associated with the with a specific VM in a given environment. The problem is, I can't figure out what the resourceId parameter stands for.
According to the documentation, I should be able to grab all the machines associated with the environment. Although for the life of me, I can't figure out what the resourceId stands for. The call would look something like this:
GET https://dev.azure.com/{organization}/{project}/_apis/distributedtask/environments/{environmentId}/providers/virtualmachinegroups/{resourceId}/virtualmachines?api-version=6.0-preview.1
All of the other parameters I can understand, but not resourceId. I would appreciate any help.
The document "Virtualmachines - List" seems have some issues and need to be updated.
To list the Virtualmachines in an environment, you can try the following endpoint.
GET https://dev.azure.com/{organization}/{project}/_apis/pipelines/environments/{environmentId}/providers/virtualmachines?api-version=6.1-preview.1
I have tested this endpoint on my side, it can work fine.
[UPDATE]
The required scope should be "Environment (Read & manage)". I have tested the PAT that only contains this scope to execute the API, it can work fine and return the list of the Virtual machines in the specified environment. When creating a PAT, you also need to make sure the Organization scope has contained the organization which the API is running for.
And also make sure the PAT has not expired.
I also found out that you could query the following addresses, for the same result:
https://dev.azure.com/{organization}/{project}/_apis/pipelines/environments/{envid}?expands=resourceReferences
and
https://dev.azure.com/{organization}/{project}/_apis/distributedtask/environments/{envid}?expands=resourceReferences
This would result in the list of resources with their tags.
I am not completely sure if it the same thing as Bright's answer, since there is no reference to the type of the resource (virtual machine/kubernetes) in the call.
In my example architecture; I have an IN-Mobius and a ADN-AE-Thyme (nCube Thyme).
First of all; i created a AE which is called "ae_test_02", i can GET this resource via Postman.
After this step; i run ADN-AE-Thyme, thyme.js, and it created a container which is called "thyme_01", and also i can GET this resource via Postman.
Also in that step, thyme.js add containerInstances into the "thyme_01" container. Then, i can get that latest containerInstance with "/la" parameter via Postman
In this point, the problem has began. I create a group resource, while creating i tried couple solutions, always fail. I tried in "mid" attribute;
{ "m2m:grp": {
"rn": "grp_test_100520_08",
"mt": 3,
"mid": ["3-20200505012920476/la",
"Mobius/3-20200505012920476/la",
"Mobius/thyme_01/la",
"Mobius/ae_test_02/3-20200505012920476/la",
"Mobius/ae_test_02/thyme_01/la",
"ae_test_02/thyme_01/la",
"ae_test_02/3-20200505012920476/la"],
"mnm": 10
}
The problem is that, i tried these mid paths one by one, but never works. When i try to get latest containerInstances via Postman, i use this URL and the results is "resource does not exist (get_target_url)"
The containers and contentInstances in the IN-Mobius, and i requested to the IN-Mobius. By using these informations how should i implement group "mid" attribute; for the get containerInstances via group resources ?
First Edit.
Hi Andreas.
For the first issue, i can get resource correctly. In this point my aim is GET containerInstance in the container, which is a member (mid) in that .
Second; now I understand, there is not existing resource in resource, okay. As you mentined, i want to pass a request to all member (containers) of a resource. For this purpose, i will use https://localhost:7579/Mobius/grp_test_100520_08/fopt, but it gives an error "ERR_INVALID_ARG_TYPE". I know that, at least one mid structure is correct, but which one is the correct ?
For the smaller issue, i already know that resouce multiple times in the mid attribute, because i did not know which one is the correct adressing scheme ?
Also, while creating a resource, the resource should be in the ae resource (/Mobius/ae_test_02/grp_name) or in the Mobius (/Mobius/grp_name)
resources can be in directly in IN-Mobius or should in MN-Rosemary? Is fanOutPoint only using by external resource like MN or even IN, fopt using ?
Second Edit.
The "thyme" comes from nCube Thyme (https://github.com/IoTKETI/nCube-Thyme-Nodejs), it creates a container and then randomly create ContainerInstances.
The resource tree looks like;
Mobius >> ae_test_02 (AE resource) >> thyme_01 (Container It created from nCube Thyme https://github.com/IoTKETI/nCube-Thyme-Nodejs) >> ContainerInstances
I have also a resource in >> Mobius >> grp_test_100520_08 (GROUP resource which is uses)
I tried;
{ "m2m:grp": {
"mid": ["Mobius/ae_test_02/thyme_01"],
"mnm": 5
}
}
In this request, fopt.js gives an error "callback is not a function".
{ "m2m:grp": {
"mid": ["ae_test_02/thyme_01"],
"mnm": 5
}
}
In this request, fopt.js gives same "callback is not a function", but in different line.
I guess my fopt.js file is old, then i checked mobius github page and get that file, however it not solve this.
Also my resource look like this;
Also my fopt.js file is same as this;
https://github.com/IoTKETI/Mobius/blob/master/mobius/fopt.js
UPDATE 3.
The "cnm" attribute problem is this; while creating a resouce, CSE will automaticly assign "cnm" attribute according to member size. However, CSE will not this process in UPDATE (PUT) request. From this point, i will create resources, not UPDATE them.
As you mentioned, i send requests to the group's resource, but it gives the "callback is not a function" error. To solve this problem, i downloaded and installed the whole distribution. (https://github.com/IoTKETI/Mobius) After that, i will do same processes again for understand the fopt.js file behaviour. The result wasn't changed, it gives the same error.
I planning to explain whole situation and create an issue, in Mobius github page. I hope they will response soon.
I think there are two issues with your example.
The first issue is with the request to the <Group>. You need to distinguish between requests to the <Group> resource itself and requests to the members of the <Grou>.
There is no child resource <la> of the <Group> resource itself. This is why you receive an error message. If you want to pass a request to all members of a <Group> resource then you need to target the virtual child resource <fopt>. In your case the request should target URI https://localhost:7579/Mobius/grp_text_100520/fopt. Since you already have the <la> resources as members you won't need to add the /la part to the request. However, I would recommend to only add the <Container> resources to the group and use the target URI https://localhost:7579/Mobius/grp_text_100520/fopt/la to retrieve the latest <ContentInstances> of each container.
The second (smaller) issue is that from what I can get from your example code that you add the same resource multiple times to the group, but only with different addressing schemes. Please be aware that the CSE must removes duplicate resources when creating or updating the mid attribute.
Edit after question update
It is not very clear what your resource tree looks like. So, perhaps you should start with only one resource references and continue from there. Valid ID's in the mid attribute are either structured (basically the path of the rn attributes) or unstructured ID's (the ri's). The CSE should filter the incorrect ID, so you should get the correct set of ID's in the result body of the CREATE request.
btw, where does "thyme" come from? This is only in a label, which does not form an ID.
Regarding the <fanOutPoint> resource: Normally all request would be targeted to the <Group> resource, but requests to the virtual <fanOuPoint> resource are forwarded to al the members of the group. If a resource referenced in mid is accessible then the request is forwarded and the result is collected and is part of the result body of the original request.
You also need to be careful and regard the resource types: only send valid requests to the group's members.
Update 2
From the IDs in the mid attribute of the <Group> resource it looks like that the CSE validated the targets (though the cnm (current number of members) is obviously wrong, which seems to be an error of the CSE).
So, you should be able to send requests to the group's <fopt> resource as discussed above.
For the CSE runtime error you should perhaps contact the Mobius developers. But my guess is that you perhaps should download and install the whole distribution, not only a single file.
for anyone in the future; who is dealing with this problem.
The problem is simply is that; in the app.js there is 4 function call (fopt.check). While calling the function in the app.js file, there are 5 parameter exists, on the other hand, while getting these arguments in the function it takes only 4 arguments. For this reason, body_obj always becomes "undefined" then it will never reach the "Container" or "ContainerInstance" source. Lately, KETI was sent a new commit to the Mobius Github page (https://github.com/IoTKETI/Mobius/commit/950182b725d5ffc0552119c5c705062958db285f) to solve this problem. It solves this problem unless you are using use_secure == 'disable'. If you try to use use_secure == 'enable' you should add an if statement to check use_secure and add import HTTPS module.
Also, while creating resource, defining the "mid" attribute is not very clear. Just for now, if you want to reach (latest) source; you should add "/la" for all members of the group. This is recommended by KETI on Github page issue 5.
(https://github.com/IoTKETI/Mobius/issues/5#issuecomment-625076540)
And lastly, thank you Andreas Kraft; your help was very useful.
GET mailFolders/archivemsgfolderroot
I use distinguish name to get this in-place mailbox folder
and the response is:
...
"displayName": "Top of Information Store",
...
However, this is not the custom name I modified on office365.
Is it possible to get that custom name?
I also try to get distinguish folder in EWS managed API
<t:DistinguishedFolderId Id="archivemsgfolderroot" />
It returns the same name
...
<t:DisplayName>Top of Information Store</t:DisplayName>
...
--
Add two image ref.
how I add it
how it looks like at outlook
thanks for help
I see that a user can set a property, "ArchiveName", to give their archive mailbox a custom name. In powershell, this would be using a Set-Mailbox cmdlet.
https://learn.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps
That doc states that it applies to Outlook and OWA and, after a quick look, I can't see a way to get that property other than using Get-Mailbox which is not ideal. So as best I can tell it's not exposed through EWS or REST and thus probably isn't available through Microsoft Graph.
I would encourage you to file a suggestion: https://officespdev.uservoice.com/forums/224641-feature-requests-and-feedback/category/101632-microsoft-graph-o365-rest-apis
You can try the following endpoint
https://graph.microsoft.com/v1.0/me/mailFolders/archivemsgfolderroot/childFolders/AAMkADQ5OWMzMGEwLTg4ZjktNDk1Ny05NzFmLWRhZjg4ODU0YzUwYwAuAAAAAACtqDzk9UzLSpZsdesjndr1AQBNzq1HG8BvRYqBQbPeZSPaAAGdwZCCAAA=
(Replace the id to yours):https://graph.microsoft.com/v1.0/me/mailFolders/archivemsgfolderroot/childFolders/id