1. Demand
In the production of a small partner needs to gitlab all the items in the master permissions only to Administra users, the rest with the master permissions of the user down to developer permissions, and the right to be down the user name output as a report, not down the right before the project all members, to The " Project name User name permission " format is exported as a report.
2. Design Ideas
Three documents were mainly consulted:
① using the Gitlab API
②gitlab Documentation/group and Project members
③gitlab documentation/projects
-------------------------------------------------------------------------------------------
① the Gitlab API through the Get/put method in the Python requests module
② gets the item on the Gitlab through the Get method:
③ uses the Put method to invoke the following Gitlab interface to implement the function of modifying member permissions:
Curl--request put--header "PRIVATE-TOKEN:9KOXPG98EAHEJPVBS5TK" Https://gitlab.example.com/api/v3/groups/:id/ Members/:user_id?access_level=40
where Master's corresponding Access_level is 40,developer with a permission of 30,
change the Access_level from 40 to 30 to realize the right to drop。
3. Code implementation ① Modify member Permissions
"' Author: Division little secluded time:2016-11-30 ~ 2016-12-1 function: Traverse Gitlab project, in addition to the Administrator user in each project,
The remaining users with master permissions are changed to developer permissions. ' Import requests import JSON import csv #获取projectId urlid = ' Http://{your Git ip}/api/v3/projects?private_token={you R Private Token} ' ProjectID = Requests.get (urlid) iddata=json.loads (projectid.text) dict={} dict1={} # Establish two mapping relationships for project member names, IDs, and Access_level Getprojectmember (projectid): Urlmember = ' Http://{your Git ip}/api/v3/projects/ ' +str (ProjectID) + '/members?private_token={your Private token} ' Projectmember=requests.get (urlmember) membersData=j Son.loads (Projectmember.text) for J in membersdata:dict[j["name"]] = j["id"] dict1[j["name"]]=j["Acce
Ss_level "] #修改成员权限 and outputs the member name of the Change permission to the report Def Modifyuserlevel (ProjectID): Getprojectmember (ProjectID) for name in Dict1: If name!= ' Administrator ': if dict1[name] = = 40:urlput= ' Http://{your Git ip}/ap i/v3/projects/' +str (projectid) + '/members/' +str(Dict[name]) + ' Access_level=30?private_token={your Private token} ' Put=requests.put (urlput)
writer = Csv.writer (csvfile) data=[] Data.append (name) Writer.writerows (data) #主方法 csvfile = File (' {Path} ', ' WB ') for ProjectID in Iddata:modifyuserlevel (projectid["id"] ) Csvfile.close ()
② Generate canonical Format report
"' Author: Division small secluded time:2016-11-30 ~ 2016-12-1 function: writes the corresponding data on the Gitlab to the. csv file (except the administrator) in the format" Gitlab Project name User Rights " Import requests import JSON import csv #获取projectId urlid = ' Http://{your Git ip}/api/v3/projects?private_token={your Pri Vate token} ' ProjectID = Requests.get (urlid) iddata=json.loads (projectid.text) dict={} dict1={} #将项目成员名分别和id以及access_ Level establishes two mapping relationships Def getprojectmember (projectid): Urlmember = ' http://{your Git ip}/api/v3/projects/' +str (projectid) + '/m Embers?private_token={your Private Token} ' Projectmember=requests.get (urlmember) membersdata=json.loads (projectMem Ber.text) for J-in membersdata:dict[j["name"] = j["id"] dict1[j["name"]]=j["Access_level"] #未降权前的除A Dminstrator user's remaining items all users are exported to the report CSVFile = File (' {Path} ', ' WB ') for ProjectID in Iddata:getprojectmember (pr
ojectid["id"]) for name in Dict1:if name!= ' Administrator ': writer = csv.writer (csvfile) data=[] Data.Append ((projectid["name", Name, Dict1[name]) writer.writerows (data) csvfile.close ()
4. Problem description
The above code is only a logically established implementation, where the second part of the generation of canonical format can be implemented in the report, but the first part, may not have enough permissions, will appear 401,not Authorized words, but the logic is no problem.