modules/Security/Get-AzDoSecurityGroupMemebers.psm1
<#
.SYNOPSIS This command provides retrieve Security Group Members from Azure DevOps .DESCRIPTION The command will retrieve Azure DevOps security group members (if they exists) .PARAMETER AzDoConnect A valid AzDoConnection object .PARAMETER ApiVersion Allows for specifying a specific version of the api to use (default is 5.0) .PARAMETER TeamName The name of the build definition to retrieve (use on this OR the id parameter) .EXAMPLE Get-AzDoSecurityGroupMembers -GroupName <group name> .EXAMPLE Get-AzDoSecurityGroupMembers -GroupId <group id> .NOTES .LINK https://github.com/ravensorb/Posh-AzureDevOps #> function Get-AzDoSecurityGroupMembers() { [CmdletBinding( DefaultParameterSetName="Id" )] param ( # Common Parameters [PoshAzDo.AzDoConnectObject][parameter(ValueFromPipelinebyPropertyName = $true, ValueFromPipeline = $true)]$AzDoConnection, [string]$ApiVersion = $global:AzDoApiVersion, # Module Parameters [string][parameter(ParameterSetName="Name", ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)][Alias("name")]$GroupName, [Guid][parameter(ParameterSetName="ID", ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)][Alias("id")]$GroupId = [Guid]::Empty ) BEGIN { if (-not $PSBoundParameters.ContainsKey('Verbose')) { $VerbosePreference = $PSCmdlet.GetVariableValue('VerbosePreference') } $errorPreference = 'Stop' if ( $PSBoundParameters.ContainsKey('ErrorAction')) { $errorPreference = $PSBoundParameters['ErrorAction'] } if (-Not (Test-Path variable:ApiVersion)) { $ApiVersion = "5.0-preview.1" } if (-Not $ApiVersion.Contains("preview")) { $ApiVersion = "5.0-preview.1" } if (-Not (Test-Path varaible:$AzDoConnection) -and $null -eq $AzDoConnection) { $AzDoConnection = Get-AzDoActiveConnection if ($null -eq $AzDoConnection) { Write-Error -ErrorAction $errorPreference -Message "AzDoConnection or ProjectUrl must be valid" } } Write-Verbose "Entering script $($MyInvocation.MyCommand.Name)" Write-Verbose "`tParameter Values" $PSBoundParameters.Keys | ForEach-Object { Write-Verbose "`t`t$_ = '$($PSBoundParameters[$_])'" } } PROCESS { $groups = Get-AzDoSecurityGroups -AzDoConnection $AzDoConnection if ($GroupId -ne [Guid]::Empty) { $group = $groups | ? { $_.id -eq $GroupId } } else { $group = $groups | ? { $_.displayName -eq $GroupName -or $_.principalName -eq $GroupName} } if ($null -eq $group) { Write-Error -ErrorAction $errorPreference -Message "Specified group not found" } $apiParams = @() $apiParams += "direction=Down" # GET https://vssps.dev.azure.com/fabrikam/_apis/graph/Memberships/{subjectDescriptor}?direction=Down&api-version=5.0-preview.1 $apiUrl = Get-AzDoApiUrl -RootPath $AzDoConnection.VsspUrl -ApiVersion $ApiVersion -BaseApiPath "/_apis/graph/Memberships/$($group.descriptor)" -QueryStringParams $apiParams $groupMembers = Invoke-RestMethod $apiUrl -Headers $AzDoConnection.HttpHeaders Write-Verbose "---------GROUP MEMBERS---------" Write-Verbose $groupMembers -ErrorAction SilentlyContinue Write-Verbose "---------GROUP MEMBERS---------" if ($null -ne $groupMembers.count) { foreach ($member in $groupMembers.value) { Write-Verbose "Group Member: $($member.memberDescriptor)" if ($member.memberDescriptor -clike "vssgp.*") { $g = $groups | ? { $_.displayName -eq $GroupName } Write-Verbose "`tGroup: $($g.displayName)" $g } elseif ($member.memberDescriptor -clike "aad.*") { $u = Get-AzDoUserDetails -UserDescriptor $($member.memberDescriptor) Write-Verbose "`tUser: $($u.displayName)" $u } else { Write-Verbose "Unknown Membership Descriptor: $($member.memberDescriptor)" } } } else { Write-Verbose "No group members found." return $null } } END { } } |