Add privileges in Roles

(Prathamesh Wagh) #1

I want to select/add privileges in Roles/CustomRoles in Octopus using Powershell. My team is utilizing so much time clicking the checkboxes beside the privileges. I need to achieve that using Powershell script. I have to update/create custom roles for each Octopus server.
Can you please help me with the cmdlets or the powershell command for this activity?

(Kenneth Bates) #3

Hi Prathamesh,

Thanks for getting in touch! This is certainly possible, however we don’t have any specific examples of adding individual permissions to a user role via the API. The closest I think we have in our sample script repository is to add an environment scope to a team.

You can see the permissions granted to an existing team at OctoURL/api/userroles/userroles-ID which shows the GrantedPermissions array consisting of each individual permission. When adding a permission to a user role via the web portal, a POST is done adding to this array. (You can reference the API calls Octopus makes when performing actions in the web portal by viewing the network tab in your dev tools.)

I hope this helps get you going! Let me know how you go, or if you have any further questions or concerns moving forward. :slight_smile:

Best regards,

Kenny

1 Like
(Prathamesh Wagh) #4

Thank you @Kenneth_Bates. The sample script helped me to create the PS script for privilege add/edit operation.

(Kenneth Bates) #5

Hi Prathamesh,

Thanks for following up and letting me know! That’s great to hear that helped you write the PS script. If you’re feeling inclined to do so, feel free to add this to our sample script repo for others looking to do the same thing!

Don’t hesitate to reach out if you have any further questions or concerns in the future. :slight_smile:

Best regards,

Kenny

(Prathamesh Wagh) #6

Sure, here it is!
GitHub Octopus Deploy

(Kenneth Bates) #7

Hi Prathamesh,

Thanks so much for sharing! I’m sure it’ll help someone in the future. :slight_smile:

Let me know if you have any questions or concerns down the track.

Best regards,

Kenny

(Stan) #8

Hi Prathamesh,

recently we migrated to latest octopus server (2019.3.3 on prem) and upgraded our PS script to use Octopus.Client 6.1.3.0 from 4.42.5.0

since upgrade we have issue to maintain teams environments

during environment assignment script, we getting following error:

You cannot call a method on a null-valued expression.
At line:2 char:1

  • $devTeam.EnvironmentIds.Add(“Environments-3”)
  •   + CategoryInfo          : InvalidOperation: (:) [], ParentContainsErrorRecordException
      + FullyQualifiedErrorId : InvokeMethodOnNull
    
    

the script looks like:

$devTeam = $repository.Teams.Get(“Teams-21”)
$devTeam.EnvironmentIds.Add(“Environments-3”)
$repository.Teams.Modify($devTeam)

after some investigation we found that “TeamResource” under the “Octopus.Client.Model” was changed and doesn’t contain any more “EnvironmentIds” property (and more other)

it broke all our automation for auto create/delete environments

any ideas/suggestions?

Thanks in advance,

Stan

(Prathamesh Wagh) #9

Hi Stan,

Please try this and let me know if it works.

$Environment = Get-OctopusEnvironment -EnvironmentName “Enter Environment name here”

Write-Output $Environment

$team = Get-OctopusTeam -TeamName “Enter team name here”

Write-Output $team #Before adding environment

$team.Environments.Add($environmentId)

Write-Output $team #After adding environment

(Stan) #10

Hi Prathamesh,

Thank you for reply!!!

after installing Octoposh and executing flowing command

Get-OctopusTeam (on any team name)

i getting error:

Get-OctopusTeam : Object reference not set to an instance of an object.
At line:1 char:1

  • Get-OctopusTeam
  •   + CategoryInfo          : NotSpecified: (:) [Get-OctopusTeam], NullReferenceException
      + FullyQualifiedErrorId : System.NullReferenceException,Octoposh.Cmdlets.GetOctopusTeam
    
    

What can be cause for this error?
The Get-OctopusEnvironment cmdlet works fine

PS:
in general, we are using Octopus.Client

Add-Type -Path “$ScriptDirectory\Octopus.Client.dll”
$endpoint = New-Object Octopus.Client.OctopusServerEndpoint $octopusURI,$apikey
$repository = New-Object Octopus.Client.OctopusRepository $endpoint

that we have compatibility issue with it.

Looking forward to hearing from you and thanks in advance,

Stan

(Prathamesh Wagh) #12

Get-OctopusTeam : Object reference not set to an instance of an object. - This error means you do not have access to the Octopus. Try not to use API key of administrator user. Create your user and give privileges to your user and use your API key.

(Stan) #13

Thanks for reply Prathamesh!
Still no luck…
looks like bug - i can get every resource (machine, environment, role etc.) but no the team…

the new user (and service account) both in sys admins team with sys admin role and space manager role

any ideas?

thanks in advance,

Stan

(system) closed #14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.