Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

How to manage GitLab users in a hierarchy of groups, sub-groups and projects

When in GitLab we have a complex structure of groups / sub-groups / projects it is quite tedious to manage the users and to know which projects certain users have access to. In this tutorial we will see how we can get the complete list throughout the hierarchy, in order to easily manage the users.

1. Introduction

GitLab is a powerful system to manage our software projects. Something that started as a simple repository manager Git today allows us not only to manage the repository, but the issues, the pipeline, boards, …

However despite all its wonders, user management is something that still leaves a little to be desired. Although it has a lot of power because we can add users as members of projects, or groups and sub-groups and there is a relationship of “inheritance” among all these elements, when we have a large organization where there are numerous sub-groups in the structure of hierarchical tree, it is quite complicated to know what projects a user has access to since there is no way to search the entire hierarchy and you have to go hand by hand, group by group, sub-group by sub-group and project by project.

In this tutorial we will see a simple program in Python to go through this structure listing all the members of each of the nodes (group, sub-group and project), so that we can then do simple text searches on this list .

2. Environment

The tutorial is written using the following environment:

  • Hardware: Notebook MacBook Pro 15 “(3.1 GHz Intel Core i7, 16GB 2133 Mhz LPDDR3, 500GB Flash Storage).
  • Operating System: macOS High Sierra 10.13.3
  • Python 2.7.14
  • GitLab API v4

3. The code

The complete code with instructions to install and run it can be found here

I also put it below so you can see how simple it is:

# -*- coding: utf-8 -*-

from __future__ import print_function

import sys

import requests

headers = {}
indent = 4

def encode(name):
return name.replace(‘/’, ‘%2F’)

def project_members(project_name, indent_level):
url = ‘https://gitlab.com/api/v4/projects/{}/members’.format(encode(project_name))
response = requests.get(url, headers=headers)

for member in response.json():
print(‘ ‘ * indent * indent_level, ‘member -‘, member[‘id’], ‘-‘, member[‘username’])

def group_members(group_name, indent_level):
url = ‘https://gitlab.com/api/v4/groups/{}/members’.format(encode(group_name))
response = requests.get(url, headers=headers)

for member in response.json():
print(‘ ‘ * indent * indent_level, ‘member -‘, member[‘id’], ‘-‘, member[‘username’])

def group_projects(group_name, indent_level):
url = ‘https://gitlab.com/api/v4/groups/{}/projects’.format(encode(group_name))
response = requests.get(url, headers=headers)

for project in response.json():
print(‘ ‘ * indent * indent_level, ‘project -‘, project[‘id’], ‘-‘, project[‘name’], ‘-‘, project[‘visibility’])
project_members(project[‘path_with_namespace’], indent_level + 1)

def navigate_subgroups(group_name, indent_level):
group_members(group_name, indent_level)
group_projects(group_name, indent_level)

url = ‘https://gitlab.com/api/v4/groups/{}/subgroups’.format(encode(group_name))
response = requests.get(url, headers=headers)

for subgroup in response.json():
print(‘ ‘ * indent * indent_level, ‘subgroup -‘, subgroup[‘id’], ‘-‘, subgroup[‘full_path’])
navigate_subgroups(subgroup[‘full_path’], indent_level + 1)

if __name__ == ‘__main__’:
token = sys.argv[1]
root_group = sys.argv[2]

headers[‘Private-Token’] = token

print(‘root group -‘, root_group)
navigate_subgroups(root_group, 1)

The code basically what is done is to call different endpoints of the GitLab API recursively to get information about sub-groups, projects and members of each.

4. How to use it

I used a Python virtual env to isolate the project and not alter your operating system. To create this virtual env and its dependencies, simply execute:

Now to execute our program we can do:

As we can see, we pass it as our first argument

(I’ll discuss how to get one later), and as a second argument, the name of the group from which we want to obtain the entire list of members.

For example for the following structure:

organization
John
Laura
sub-group
Sara
Marco
project-1
Pietro
Berta

we will obtain an output of the style:

5. GitLab personal-access-token

In order to access the GitLab API we need some credentials, and that is precisely the

, a chain that identifies us in a unique way so that GitLab knows that we are the ones making the calls to the API.

To obtain a token of this type we can do it from the configuration of our profile: https://gitlab.com/profile/personal_access_tokens .

6. Conclusions

Currently it is rare that an application does not provide an API to access its functionality, so in cases where the user interface falls short is convenient to explore a bit because, as in this case, with a few lines we can solve our problem .

7. About the author

Alejandro Pérez García ( @alejandropgarci )

Computer Engineer (specialty of Software Engineering) and Certified ScrumMaster

Founding partner of Autentia Real Business Solutions SL – “Development Support”

Founding partner of ThE Audience Megaphone System, SL – TEAMS – “All the potential of your influence groups at your reach”

The post How to manage GitLab users in a hierarchy of groups, sub-groups and projects appeared first on Target Veb.



This post first appeared on Targetveb, please read the originial post: here

Share the post

How to manage GitLab users in a hierarchy of groups, sub-groups and projects

×

Subscribe to Targetveb

Get updates delivered right to your inbox!

Thank you for your subscription

×