public void Handler_SearchTestsSuccess()
{
Dictionary <string, string> parameters = new Dictionary <string, string>();
// Create Objects To Search
UserPrincipal up1 = Utility.CreateUser(workspaceName);
UserPrincipal up2 = Utility.CreateUser(workspaceName);
UserPrincipal up3 = Utility.CreateUser(workspaceName);
UserPrincipal up4 = Utility.CreateUser(workspaceName);
GroupPrincipal gp1 = Utility.CreateGroup(workspaceName);
GroupPrincipal gp2 = Utility.CreateGroup(workspaceName);
// Search For Users
Console.WriteLine($"Searching For All Users In : [{workspaceName}]");
parameters.Clear();
parameters.Add("searchbase", workspaceName);
parameters.Add("filter", "(objectClass=User)");
parameters.Add("attributes", @"[ ""objectGUID"", ""objectSid"" ]");
ActiveDirectoryHandlerResults result = Utility.CallPlan("Search", parameters);
Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(4));
// Search For Groups
Console.WriteLine($"Searching For All Groups In : [{workspaceName}]");
parameters.Clear();
parameters.Add("searchbase", workspaceName);
parameters.Add("filter", "(objectClass=Group)");
parameters.Add("attributes", @"[ ""objectGUID"", ""objectSid"" ]");
result = Utility.CallPlan("Search", parameters);
Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(2));
// Check Group Membership (GetAllGroups)
DirectoryServices.AddGroupToGroup(gp1.DistinguishedName, gp2.DistinguishedName);
DirectoryServices.AddUserToGroup(up1.DistinguishedName, gp1.DistinguishedName);
Console.WriteLine($"Searching For All Groups For User : [{up1.DistinguishedName}]");
parameters.Clear();
parameters.Add("distinguishedname", up1.DistinguishedName);
result = Utility.CallPlan("GetAllGroups", parameters);
Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(3));
// Delete Search Objects
Utility.DeleteUser(up1.DistinguishedName);
Utility.DeleteUser(up2.DistinguishedName);
Utility.DeleteUser(up3.DistinguishedName);
Utility.DeleteUser(up4.DistinguishedName);
Utility.DeleteGroup(gp1.DistinguishedName);
Utility.DeleteGroup(gp2.DistinguishedName);
}
public void Core_AddUserToNonExistantGroup()
{
// Get Group That Does Not Exist
String groupName = $"testgroup_{Utility.GenerateToken( 8 )}";
String groupDistinguishedName = $"OU={groupName},{workspaceName}";
UserPrincipal up = Utility.CreateUser(workspaceName);
Console.WriteLine($"Adding User [{up.DistinguishedName}] To Group [{groupDistinguishedName}] Which Should Not Exist.");
AdException ex = Assert.Throws <AdException>(() => DirectoryServices.AddUserToGroup(up.DistinguishedName, groupDistinguishedName));
Console.WriteLine($"Exception Message : {ex.Message}");
Assert.That(ex.Message, Contains.Substring("cannot be found"));
Utility.DeleteUser(up.DistinguishedName);
}
public void Core_GroupManagementTestSuccess()
{
// Add User To Group
UserPrincipal user = Utility.CreateUser(workspaceName);
UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
int beforeCount = upo.Groups.Count;
Console.WriteLine($"Adding User [{user.Name}] To Group [{group.Name}].");
DirectoryServices.AddUserToGroup(user.DistinguishedName, group.DistinguishedName);
upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
int afterCount = upo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount + 1));
// Remove User From Group
beforeCount = afterCount;
Console.WriteLine($"Removing User [{user.Name}] From Group [{group.Name}].");
DirectoryServices.RemoveUserFromGroup(user.DistinguishedName, group.DistinguishedName);
upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
afterCount = upo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount - 1));
// Delete User
Utility.DeleteUser(user.DistinguishedName);
// Add Group To Group
GroupPrincipal newGroup = Utility.CreateGroup(workspaceName);
GroupPrincipalObject gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
beforeCount = gpo.Groups.Count;
Console.WriteLine($"Adding Group [{newGroup.Name}] To Group [{group.Name}].");
DirectoryServices.AddGroupToGroup(newGroup.DistinguishedName, group.DistinguishedName);
gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
afterCount = gpo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount + 1));
// Remove Group From Group
beforeCount = afterCount;
Console.WriteLine($"Removing Group [{newGroup.Name}] From Group [{group.Name}].");
DirectoryServices.RemoveGroupFromGroup(newGroup.DistinguishedName, group.DistinguishedName);
gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
afterCount = gpo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount - 1));
// Delete Groups
Utility.DeleteGroup(newGroup.DistinguishedName);
}
private void ProcessAddRequests(GroupMembershipRequest parms, bool isDryRun)
{
string message;
int addSectionCount = 0;
int addGroupCount = 0;
int addUserCount = 0;
if (parms?.AddSection != null)
{
foreach (AddSection addSection in parms.AddSection)
{
addSectionCount++;
foreach (string group in addSection.Groups)
{
addGroupCount++;
foreach (string user in addSection.Users)
{
addUserCount++;
message = $"Executing add request [{addSectionCount}/{addGroupCount}/{addUserCount}]"
+ (isDryRun ? " in dry run mode..." : "...");
UpdateProgress(message);
OnLogMessage(_context, $"Domain: {addSection.Domain}, Group: {group}, User: {user}");
try
{
if (!IsValidDomain(addSection.Domain))
{
throw new Exception("Domain specified is not valid.");
}
DirectoryServices.AddUserToGroup(user, group, isDryRun, addSection.Domain);
Result r = new Result()
{
Domain = addSection.Domain,
User = user,
Group = group,
Action = "add",
ExitCode = 0,
Note = isDryRun ? "Dry run has been completed." : "User has been successfully added to the group."
};
_response.Results.Add(r);
message = $"Processed add request [{addSectionCount}/{addGroupCount}/{addUserCount}].";
UpdateProgress(message);
}
catch (Exception ex)
{
Result r = new Result()
{
Domain = addSection.Domain,
User = user,
Group = group,
Action = "add",
ExitCode = -1,
Note = ex.Message
};
_response.Results.Add(r);
_encounteredFailure = true;
message = $"Encountered error while processing add request [{addSectionCount}/{addGroupCount}/{addUserCount}].";
UpdateProgress(message);
}
}
addUserCount = 0;
}
addGroupCount = 0;
}
}
else
{
message = "No add section is found from the incoming request.";
UpdateProgress(message);
}
}
private void AddToGroup(ActiveDirectoryObjectResult result, AdObject obj, bool returnObject = true)
{
ActiveDirectoryStatus status = new ActiveDirectoryStatus()
{
Action = ActionType.AddToGroup,
Status = AdStatusType.Success,
Message = "Success",
};
try
{
switch (obj.Type)
{
case AdObjectType.User:
AdUser user = (AdUser)obj;
if (user.Groups != null)
{
foreach (string userGroup in user.Groups)
{
try
{
roleManager.CanPerformActionOrException(requestUser, ActionType.AddToGroup, userGroup);
DirectoryServices.AddUserToGroup(user.Identity, userGroup, isDryRun);
String userMessage = $"{obj.Type} [{user.Identity}] Added To Group [{userGroup}].";
OnLogMessage("ProcessGroupAdd", userMessage);
status.Message = userMessage;
result.Statuses.Add(new ActiveDirectoryStatus(status));
}
catch (AdException ldeUserEx)
{
ProcessActiveDirectoryException(result, ldeUserEx, status.Action);
}
}
}
break;
case AdObjectType.Group:
AdGroup group = (AdGroup)obj;
if (group.Groups != null)
{
foreach (string groupGroup in group.Groups)
{
try
{
roleManager.CanPerformActionOrException(requestUser, ActionType.AddToGroup, groupGroup);
DirectoryServices.AddGroupToGroup(group.Identity, groupGroup, isDryRun);
String groupMessage = $"{obj.Type} [{group.Identity}] Added To Group [{groupGroup}].";
OnLogMessage("ProcessGroupAdd", groupMessage);
status.Message = groupMessage;
result.Statuses.Add(new ActiveDirectoryStatus(status));
}
catch (AdException ldeGroupEx)
{
ProcessActiveDirectoryException(result, ldeGroupEx, status.Action);
}
}
}
break;
default:
throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported);
}
if (returnObject)
{
GetObject(result, obj, true, false);
}
}
catch (AdException ex)
{
ProcessActiveDirectoryException(result, ex, status.Action);
}
catch (Exception e)
{
OnLogMessage("ProcessGroupAdd", e.Message);
OnLogMessage("ProcessGroupAdd", e.StackTrace);
AdException le = new AdException(e);
ProcessActiveDirectoryException(result, le, status.Action);
}
}
