The Canarys User Validate is an Azure DevOps Extension crafted to validate users’ actions. Its primary objective is to ensure that work items can only be edited by the individuals assigned to them or those who created them, thus preventing unauthorized users from making updates and saving work items.
How It Works:
Within Azure DevOps, whenever a user attempts to open or modify a field within a work item, this extension scrutinizes the user’s credentials. It assesses whether the current user possesses the requisite permissions to make changes to the work item, determining this by checking if the user is either assigned to the work item or is its creator. Based on this assessment, the extension either grants or restricts the user’s ability to save the work item.
If the user lacks both assignment and creation privileges for the work item, the extension takes proactive measures. It disables the save button and displays a clear error message, informing the user that they lack authorization to edit the work item. This is illustrated in the figure.
Conversely, if the user is indeed assigned to or has created the work item, the extension promptly removes any existing errors and re-enables the save button.
In the GIF above, if a user attempts to open a work item that they neither created nor were assigned to, an error message appears, stating “You are not authorized to edit this work item.” Additionally, the save button is disabled. Conversely, if the user is authorized, the error message vanishes, and the save button becomes active.
The tool actively functions when work items are loaded, reset, updated, refreshed, or saved.
How to Set Up:
Step 1: Navigate to the Visual Marketplace.
Step 2: In the search bar, type “Canarys User Validate.”
Step 4: Click on the “Get it free” button.
Step 5: Select the organization where you want this extension to be installed.
Step 6: Click on the “Install” button.
The Canarys User Validate extension plays a crucial role in maintaining the integrity of work items within Azure DevOps. By enforcing stringent access controls, it ensures that only authorized individuals can modify and save work items, contributing to a more secure and organized project management process.