/// <summary>
/// Checks to see if the user is in the cache. If so then
/// validates the date. User will be filtered out if the changed
/// by
/// </summary>
/// <param name="userToFilter">Reference to the user to check.</param>
/// <param name="jobConfig">The current job configuration.</param>
/// <returns></returns>
public ActiveDirectoryUser Execute(ActiveDirectoryUser userToFilter, JobElement jobConfig)
{
if (_cacheService == null)
{
_cacheService = CacheServiceFactory.CreateCacheService(Logger, jobConfig.Name);
}
var cacheKey = userToFilter.Attributes["distinguishedName"].ToString();
var currentUserHash = BuildUserCacheHashValue(userToFilter);
if (!_cacheService.ContainsKey(cacheKey))
{
// add the value to the cache
_cacheService.Add(cacheKey, currentUserHash);
// user is not in the cache...allow through
return(userToFilter);
}
// create a json version of the user and compare to the cached value
// if they are not the same then the user has been updated
var cachedUserHash = _cacheService.GetValue(cacheKey);
if (!currentUserHash.Equals(cachedUserHash, StringComparison.InvariantCulture))
{
// update the cache entry
_cacheService.Add(cacheKey, currentUserHash);
return(userToFilter);
}
return(null);
}
public void TestUserCacheFilter()
{
var logger = LogManager.CreateNullLogger();
var cacheSvcFactory = new CacheServiceFactory();
var cacheFilter = new UserCacheFilter(logger, cacheSvcFactory);
// create the test user
var testUser = new ActiveDirectoryUser();
testUser.Attributes[ActiveDirectoryService.AttributeWhenChanged] = DateTime.Now;
testUser.Attributes[ActiveDirectoryService.AttributeDistinguishedName] = "cn=Thomas";
var job = new JobElement
{
Name = "TestJob"
};
var cachedCheckedUser = cacheFilter.Execute(testUser, job);
Assert.IsNotNull(cachedCheckedUser);
// clean up the cache filter...this will cause the cache
// entries to be persisted to disk
((IDisposable)cacheFilter).Dispose();
// validate that the cache entry is present
// by trying to filter the user again
cacheFilter = new UserCacheFilter(logger, cacheSvcFactory);
cachedCheckedUser = cacheFilter.Execute(testUser, job);
Assert.IsNull(cachedCheckedUser);
}
/// <summary>
/// Opens the stream for writing.
/// </summary>
/// <param name="jobConfig">The current job configuration</param>
/// <param name="streamConfig">The current stream configuration</param>
public void Open(JobElement jobConfig, StreamElement streamConfig)
{
JobConfig = jobConfig;
var csvPath = streamConfig.Settings["path"];
CsvFile = new StreamWriter(new FileStream(csvPath, FileMode.Create, FileAccess.Write));
// write the header labels row
var first = true;
foreach (AttributeElement attrib in jobConfig.Attributes)
{
if (!first)
{
CsvFile.Write(",\"{0}\"", attrib.Name);
}
else
{
first = false;
CsvFile.Write("\"{0}\"", attrib.Name);
}
}
CsvFile.Flush();
}
/// <summary>
/// Builds the root entry used to anchor the search.
/// </summary>
/// <param name="jobConfig">The current job configuration.</param>
/// <returns>The configured directory entry</returns>
private DirectoryEntry BuildRootDirectoryEntry(JobElement jobConfig)
{
// anchor the search at the specified domain / ou
if (string.IsNullOrEmpty(jobConfig.Domain))
{
throw new ArgumentException(ResourceManager.GetString("ErrorMissingDomain", jobConfig.Name));
}
var baseAddress = GetBaseLdapAddress(jobConfig.Domain, jobConfig.Ou);
var userName = jobConfig.Username;
var password = jobConfig.Password;
DirectoryEntry entry;
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password))
{
entry = new DirectoryEntry(baseAddress, userName, password);
}
else
{
entry = new DirectoryEntry(baseAddress);
}
Logger.Info("Connecting to {0}", baseAddress);
return(entry);
}
public ActiveDirectorySyncJob(ILogger logger,
JobElement jobConfig,
IActiveDirectoryService activeDirectoryService,
IOutputStreamFactory outputStreamFactory) : base(logger, jobConfig)
{
ActiveDirectoryService = activeDirectoryService;
OutputStreamFactory = outputStreamFactory;
}
public bool GetItemElement(int itemLogicID, out JobElement itemElement)
{
itemElement = null;
if (!_mItemElementList.TryGetValue(itemLogicID, out itemElement))
{
return(false);
}
return(true);
}
public static string GetJobType(JobElement job)
{
foreach (JobTypeElement jt in InstanceConfig.CurrentInstance.JobTypeList)
{
if (jt.Name == job.Implementation.Name)
{
return(jt.Type);
}
}
return(null);
}
/// <summary>
/// This filter reads a value from the search result
/// </summary>
/// <param name="currentValue">The current result value</param>
/// <param name="result">The ldap result</param>
/// <param name="jobElement">The configuration job element</param>
/// <param name="attrib">The current attribute element</param>
/// <returns></returns>
public object Execute(object currentValue, SearchResult result, JobElement jobElement, AttributeElement attrib)
{
if (currentValue == null)
{
return(true);
}
var uacFlags = (int)currentValue;
return(!Convert.ToBoolean(uacFlags & 0x0002));
}
/// <summary>
/// This filter reads a value from the search result
/// </summary>
/// <param name="currentValue">The current result value</param>
/// <param name="result">The ldap result</param>
/// <param name="jobElement">The configuration job element</param>
/// <param name="attrib">The current attribute element</param>
/// <returns></returns>
public object Execute(object currentValue, SearchResult result, JobElement jobElement, AttributeElement attrib)
{
var propValues = result.Properties[attrib.Name];
if (propValues != null && propValues.Count > 0)
{
return(propValues[0]);
}
return(null);
}
public IOutputStream CreateOutputStream(JobElement jobConfig, StreamElement streamConfig)
{
var container = ContainerFactory.GetContainer();
// get a reference to the stream object
var stream = container.GetInstance <IOutputStream>(streamConfig.Name);
// open the stream for writting
stream.Open(jobConfig, streamConfig);
return(stream);
}
public static JobArgumentCollection GetJobArgumentCollection(JobElement job)
{
JobArgumentCollection c = new JobArgumentCollection();
// Add job name always
c.Add("Job", job.Name + '@' + InstanceConfig.CurrentInstance.SystemId);
foreach (ParameterElement p in job.Implementation)
{
c.Add(p.Name, p.Value);
}
return(c);
}
/// <summary>
/// Builds the active directory user based on the supplied result and job configuration.
/// </summary>
/// <param name="result">The LDAP search result.</param>
/// <param name="jobConfig">The current job configuration.</param>
/// <returns>Populated active directory user.</returns>
public ActiveDirectoryUser BuildActiveDirectoryUser(SearchResult result,
JobElement jobConfig,
Dictionary <string, IAttributeFilter> attribFilters)
{
var user = new ActiveDirectoryUser();
foreach (AttributeElement attrib in jobConfig.Attributes)
{
var attribName = string.IsNullOrEmpty(attrib.Alias) ? attrib.Name : attrib.Alias;
user.Attributes[attribName] = ProcessAttribute(result, jobConfig, attrib, attribFilters);
}
return(user);
}
public void TestActiveDirectorySyncJob()
{
var job = new JobElement();
job.Attributes.Add("sAMAccountName");
job.Attributes.Add("manager");
job.Attributes.Add("department");
job.Attributes.Add("givenName");
job.Attributes.Add("sn");
// job has to have at least one output stream
job.OutputStreams.Add("Logger");
var adUser = new ActiveDirectoryUser();
adUser.Attributes["sAMAccountName"] = "leetho0";
adUser.Attributes["manager"] = "Mike Gilbert";
adUser.Attributes["department"] = "development";
adUser.Attributes["givenName"] = "Thomas";
adUser.Attributes["sn"] = "Lee";
var activeDirectoryServiceMock = new Mock <IActiveDirectoryService>();
activeDirectoryServiceMock.Setup(service => service.GetActiveDirectoryUsers(job))
.Returns(new List <ActiveDirectoryUser> {
adUser
});
var container = ContainerFactory.GetContainer();
container.Configure(c => c.For <IActiveDirectoryService>().Use(() => activeDirectoryServiceMock.Object));
//container.Configure(c => c.For<ISftpService>().Use(() => sftpServiceMock.Object));
var waitEvent = new ManualResetEvent(false);
using (var activeDirectoryJob = container.With("jobConfig").EqualTo(job)
.GetInstance <ISyncJob>("ActiveDirectory"))
{
activeDirectoryJob.Callback = j => { waitEvent.Set(); };
activeDirectoryJob.Start();
var handles = new[] { waitEvent };
WaitHandle.WaitAll(handles);
// clean up the job
activeDirectoryJob.Stop();
}
}
/// <summary>
/// Opens the stream for writing
/// </summary>
/// <param name="jobConfig">The current job configuration</param>
/// <param name="streamConfig">The current stream configuration</param>
public void Open(JobElement jobConfig, StreamElement streamConfig)
{
JobConfig = jobConfig;
StreamConfig = streamConfig;
// build the time name based on
var safeJobName = GetSafeFileName(JobConfig.Name);
FileName = $"{Path.GetTempPath()}{safeJobName}";
// open a temp file to stream the user data
Logger.Debug("Writting users to file: \"{0}\"", FileName);
DataStream = new StreamWriter(FileName);
DataStream.WriteLine("{\n\"users\":[");
}
public void TestUserGroupFilterNoMatch()
{
var user = new ActiveDirectoryUser();
var groups = new Dictionary <string, string>();
user.Attributes["memberOf"] = groups;
var jobElement = new JobElement();
jobElement.Groups.Add("NotFound");
var filter = new UserGroupFilter();
var filteredUser = filter.Execute(user, jobElement);
Assert.IsNull(filteredUser);
}
public void TestUacFilterNullValue()
{
var filter = new UacAttributeFilter();
var job = new JobElement();
var attrib = new AttributeElement();
var searchResult = SearchResultFactory.Construct(new
{
userAccountControl = 0
});
var result = (bool)filter.Execute(null, searchResult, job, attrib);
Assert.IsTrue(result);
}
public void TestUacFilterIsInactive()
{
var filter = new UacAttributeFilter();
var job = new JobElement();
var attrib = new AttributeElement();
var searchResult = SearchResultFactory.Construct(new
{
userAccountControl = 0
});
const int currentValue = 0x0002;
var result = (bool)filter.Execute(currentValue, searchResult, job, attrib);
Assert.IsFalse(result);
}
public void TestFilterNoSetting()
{
var user = new ActiveDirectoryUser();
var groups = new Dictionary <string, string>
{
{ "TestGroup", "TestGroup" }
};
user.Attributes["memberOf"] = groups;
var jobElement = new JobElement();
//jobElement.FilterGroupPrefix = "";
var filter = new UserGroupFilter();
var filteredUser = filter.Execute(user, jobElement);
Assert.IsNotNull(filteredUser);
}
/// <summary>
/// This filter reads a value from the search result
/// </summary>
/// <param name="currentValue">The current result value</param>
/// <param name="result">The ldap result</param>
/// <param name="jobElement">The configuration job element</param>
/// <param name="attrib">The current attribute element</param>
/// <returns></returns>
public object Execute(object currentValue, SearchResult result, JobElement jobElement, AttributeElement attrib)
{
const string propName = "distinguishedName";
if (!result.Properties.Contains(propName))
{
return(null);
}
var propValues = result.Properties[propName];
if (propValues != null && propValues.Count > 0)
{
var dn = new DistinguishedName(propValues[0].ToString());
return(dn.DomainComponents.Count > 0 ? dn.DomainComponents[0] : null);
}
return(null);
}
public ActiveDirectoryUser Execute(ActiveDirectoryUser user, JobElement jobConfig)
{
if (jobConfig.Groups.Count == 0 ||
!user.Attributes.ContainsKey("memberOf") ||
!(user.Attributes["memberOf"] is SortedList <string, string>))
{
return(user);
}
// since the "allowedGroups" are present, the user is allowed if
// it has at least one group in the list
var groups = (SortedList <string, string>)user.Attributes["memberOf"];
if (groups.Count > 0)
{
return(user);
}
return(null);
}
public object Execute(object currentValue, SearchResult result, JobElement jobConfig, AttributeElement attrib)
{
// build the list of allowed groups...if populated
// then the group will only be included if it matches
// one of the allowed group names
var groups = new SortedList <string, string>();
var groupSet = new HashSet <string>();
foreach (GroupElement group in jobConfig.Groups)
{
groupSet.Add(group.Name);
}
// get the current member values
var props = result.Properties[attrib.Name];
if (props == null)
{
return(null);
}
foreach (string dn in props)
{
var group = new DistinguishedName(dn);
// check to see if the group is in the allowed list
// or if the list is empty then allow the group
var groupName = string.IsNullOrWhiteSpace(jobConfig.RemoveGroupPrefix) ?
group.CommonName :
group.CommonName.Replace(jobConfig.RemoveGroupPrefix, string.Empty);
if (groupSet.Count == 0 || groupSet.Contains(groupName))
{
groups[dn] = groupName;
}
}
return(groups);
}
public void TestGroupFilterWithPrefix()
{
var result = SearchResultFactory.Construct(new
{
sAMAccountName = "leetho0",
manager = "Mike Gilbert",
department = "development",
givenName = "Thomas",
sn = "Lee",
memberOf = new string[] {
"CN=Administrators,Ou=Groups,Ou=Epublish,DC=saig,DC=frd,DC=global",
"CN=C360-Users,Ou=Groups,Ou=Epublish,DC=saig,DC=frd,DC=global"
}
});
var job = new JobElement();
// list of allowed groups
job.Groups.Add("Users");
// prefix to remove
job.RemoveGroupPrefix = "C360-";
// attributes of the result that should be mapped
job.Attributes.Add("sAMAccountName");
job.Attributes.Add("manager");
job.Attributes.Add("department");
job.Attributes.Add("givenName");
job.Attributes.Add("sn");
var memberOf = job.Attributes.Add("memberOf");
var groupFilter = new GroupsAttributeFilter();
var val = groupFilter.Execute(null, result, job, memberOf);
Assert.True(val is Dictionary <string, string>);
var groups = (Dictionary <string, string>)val;
Assert.AreEqual("Users", groups["CN=C360-Users,Ou=Groups,Ou=Epublish,DC=saig,DC=frd,DC=global"]);
}
/// <summary>
/// Opens the stream for writing
/// </summary>
/// <param name="jobConfig">The current job configuration.</param>
/// <param name="streamConfig">The stream configuration.</param>
public void Open(JobElement jobConfig, StreamElement streamConfig)
{
JobConfig = jobConfig;
StreamConfig = streamConfig;
// get the login interval
int loginIntervalMinutes;
if (!int.TryParse(streamConfig.Settings["loginIntervalMinutes"], out loginIntervalMinutes))
{
loginIntervalMinutes = 20;
}
var loginInterval = loginIntervalMinutes * 60 * 1000;
// authenticate with the c360 api
var loginSettings = new LoginSettings
{
BaseAddress = StreamConfig.Settings["baseAddress"],
Organization = StreamConfig.Settings["organization"],
Username = StreamConfig.Settings["username"],
Password = StreamConfig.Settings["password"]
};
Login(loginSettings);
// setup a task to renew the token on a regular interval
// authenticate with the c360 api
_timer = new Timer(Login, loginSettings, loginInterval, loginInterval);
// load the cache services for cached content
EmployeeCache = CacheServiceFactory.CreateCacheService(Logger, "Employee", false);
JobTitleCache = CacheServiceFactory.CreateCacheService(Logger, "JobTitle", false);
DepartmentCache = CacheServiceFactory.CreateCacheService(Logger, "Department", false);
WorkflowCache = CacheServiceFactory.CreateCacheService(Logger, "Workflow", false);
EmployeeGroupCache = CacheServiceFactory.CreateCacheService(Logger, "EmployeeGroup", true);
EmployeeProfileCache = CacheServiceFactory.CreateCacheService(Logger, "EmployeeProfile", false);
DivisionCache = CacheServiceFactory.CreateCacheService(Logger, "Division", false);
}
/// <summary>
/// Processes and attribute and returns its value
/// to be stored in the ActiveDirectory user object
/// </summary>
/// <param name="result">The current result to process.</param>
/// <param name="jobConfig">The current job configuration.</param>
/// <param name="attrib">The attribute to process.</param>
/// <param name="attribFilters">The dictionary of filters</param>
/// <returns></returns>
public object ProcessAttribute(SearchResult result,
JobElement jobConfig,
AttributeElement attrib,
Dictionary <string, IAttributeFilter> attribFilters)
{
var filters = new List <IAttributeFilter>();
if (attrib.IncludeInQuery)
{
filters.Add(GetAttributeFilter(ContainerRegistry.PluginNameReadLdapFilter, attribFilters));
}
attrib.Filter.Split(',').ToList().ForEach(f =>
{
if (!string.IsNullOrWhiteSpace(f))
{
filters.Add(GetAttributeFilter(f.Trim(), attribFilters));
}
});
object currentValue = null;
foreach (var filter in filters)
{
try
{
currentValue = filter.Execute(currentValue, result, jobConfig, attrib);
}
catch (Exception ex)
{
Logger.Error(ex, "Error executing filter {0} for attribute {1}", filter.GetType().FullName,
attrib.Name);
throw;
}
}
return(currentValue);
}
protected SyncJob(ILogger logger, JobElement jobConfig)
{
Logger = logger;
JobConfig = jobConfig;
}
public TestSyncJob(ILogger logger, JobElement jobConfig) : base(logger, jobConfig)
{
}
/// <summary>
/// Opens the stream for writing.
/// </summary>
/// <param name="jobConfig">The current job configuration</param>
/// <param name="streamConfig">The current stream configuration</param>
public void Open(JobElement jobConfig, StreamElement streamConfig)
{
JobConfig = jobConfig;
StreamConfig = streamConfig;
}
private bool LoadItemElement(SecurityElement element, out JobElement itemElement)
{
itemElement = new JobElement();
string attribute = element.Attribute("Job_ID");
if (attribute != null)
{
itemElement.JobID = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Job_Name");
if (attribute != null)
{
itemElement.Job_Name = StrParser.ParseStr(attribute, "");
}
attribute = element.Attribute("Job_Place_ID");
if (attribute != null)
{
itemElement.Job_Place_ID = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Need_Act");
if (attribute != null)
{
itemElement.Need_Act = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Need_Sport");
if (attribute != null)
{
itemElement.Need_Sport = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Need_Knowledge");
if (attribute != null)
{
itemElement.Need_Knowledge = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Need_Deportment");
if (attribute != null)
{
itemElement.Need_Deportment = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Get_Fatigue");
if (attribute != null)
{
itemElement.Get_Fatigue = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Get_Money");
if (attribute != null)
{
itemElement.Get_Money = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Get_Fans");
if (attribute != null)
{
itemElement.Get_Fans = StrParser.ParseDecInt(attribute, -1);
}
attribute = element.Attribute("Weight");
if (attribute != null)
{
itemElement.Weight = StrParser.ParseDecInt(attribute, -1);
}
return(true);
}
/// <summary>
/// Gets the LDAP users based on the job configuration.
/// </summary>
/// <param name="jobConfig">Job configuration</param>
/// <returns>IEnumerable of ActiveDirectoryUser</returns>
public IEnumerable <ActiveDirectoryUser> GetActiveDirectoryUsers(JobElement jobConfig)
{
var attribFilters = new Dictionary <string, IAttributeFilter>();
var userFilters = new List <IUserFilter>
{
UserFilterFactory.CreateUserFilter(ContainerRegistry.PluginNameUserCacheFilter),
UserFilterFactory.CreateUserFilter(ContainerRegistry.PluginNameUserGroupFilter)
};
var entry = BuildRootDirectoryEntry(jobConfig);
// create the query string to find users that
// are not exchange rooms
Logger.Debug("Begining search for users: {0}", jobConfig.LdapQuery);
var search = new DirectorySearcher(entry, jobConfig.LdapQuery);
// once page size is set, all of the users that match the query will
// be return a page at a time. The DirectorySearcher handles the
// return trips to the server to fetch the next page.
search.PageSize = 1000;
// setting this value to true tell the seacher to return
// deleted entries
search.Tombstone = true;
var propertyNames = GetPropertyNamesForJob(jobConfig.Attributes);
search.PropertiesToLoad.AddRange(propertyNames);
using (var results = search.FindAll())
{
foreach (SearchResult result in results)
{
var user = BuildActiveDirectoryUser(result, jobConfig, attribFilters);
string userName = null;
if (Logger.IsDebugEnabled)
{
userName =
$"{user.Attributes["givenName"]} {user.Attributes["sn"]} ({user.Attributes["sAMAccountName"]})";
}
foreach (var filter in userFilters)
{
user = filter.Execute(user, jobConfig);
if (user == null)
{
break;
}
}
if (user != null)
{
Logger.Debug("{0} needs to be processed.", userName);
yield return(user);
}
else
{
Logger.Debug("{0} did not meet the filter criteria or has not changed", userName);
}
}
}
attribFilters.Values.ToList().ForEach(f => (f as IDisposable)?.Dispose());
attribFilters.Clear();
userFilters.ForEach(f => (f as IDisposable)?.Dispose());
userFilters.Clear();
}
