/// <summary>
/// Initializes a <see cref="SqlServerData"/> from already-deserialized values. The common
/// tracked-resource fields (id, name, type, tags, location) are handed to the base class;
/// everything else is stored on this instance as given, without validation.
/// </summary>
/// <param name="id">Resource identifier, forwarded to the base constructor.</param>
/// <param name="name">Resource name, forwarded to the base constructor.</param>
/// <param name="type">Resource type, forwarded to the base constructor.</param>
/// <param name="tags">Resource tags, forwarded to the base constructor.</param>
/// <param name="location">Resource location, forwarded to the base constructor.</param>
/// <param name="identity">Managed identity attached to the server.</param>
/// <param name="kind">Kind of server (metadata used by the portal).</param>
/// <param name="administratorLogin">SQL administrator login name.</param>
/// <param name="administratorLoginPassword">SQL administrator password. This is a credential held in a plain string; do not log or surface it in diagnostics.</param>
/// <param name="version">Server version.</param>
/// <param name="state">Server state.</param>
/// <param name="fullyQualifiedDomainName">Fully qualified DNS name of the server.</param>
/// <param name="privateEndpointConnections">Private endpoint connections on the server.</param>
/// <param name="minimalTlsVersion">Minimum TLS version accepted by the server.</param>
/// <param name="publicNetworkAccess">Whether public network access is enabled.</param>
/// <param name="workspaceFeature">Workspace feature flag.</param>
/// <param name="primaryUserAssignedIdentityId">Resource id of the primary user-assigned identity.</param>
/// <param name="federatedClientId">Client id used for cross-tenant CMK scenarios.</param>
/// <param name="keyId">Resource id of the server's customer-managed key.</param>
/// <param name="administrators">Azure AD administrator of the server.</param>
/// <param name="restrictOutboundNetworkAccess">Whether outbound network access is restricted.</param>
internal SqlServerData(ResourceIdentifier id, string name, ResourceType type, IDictionary<string, string> tags, Location location, Models.ResourceIdentity identity, string kind, string administratorLogin, string administratorLoginPassword, string version, string state, string fullyQualifiedDomainName, IReadOnlyList<ServerPrivateEndpointConnection> privateEndpointConnections, string minimalTlsVersion, ServerNetworkAccessFlag? publicNetworkAccess, ServerWorkspaceFeature? workspaceFeature, string primaryUserAssignedIdentityId, Guid? federatedClientId, string keyId, ServerExternalAdministrator administrators, ServerNetworkAccessFlag? restrictOutboundNetworkAccess) : base(id, name, type, tags, location)
{
    // Identity and descriptive metadata.
    Identity = identity;
    Kind = kind;

    // Administrator credentials; the password is stored as-is.
    AdministratorLogin = administratorLogin;
    AdministratorLoginPassword = administratorLoginPassword;

    // Server state and addressing.
    Version = version;
    State = state;
    FullyQualifiedDomainName = fullyQualifiedDomainName;

    // Network exposure settings.
    PrivateEndpointConnections = privateEndpointConnections;
    MinimalTlsVersion = minimalTlsVersion;
    PublicNetworkAccess = publicNetworkAccess;
    WorkspaceFeature = workspaceFeature;

    // Identity- and key-related settings.
    PrimaryUserAssignedIdentityId = primaryUserAssignedIdentityId;
    FederatedClientId = federatedClientId;
    KeyId = keyId;
    Administrators = administrators;
    RestrictOutboundNetworkAccess = restrictOutboundNetworkAccess;
}
        /// <summary>
        /// Builds a <see cref="SqlServerData"/> from the JSON body of an ARM server resource.
        /// Envelope fields (id, name, type, tags, location, identity, systemData) are read from
        /// the top level; server settings are read from the nested "properties" object.
        /// Unknown properties are ignored; properties that must not be null throw when null.
        /// </summary>
        /// <param name="element">JSON element holding the whole resource document.</param>
        /// <returns>The deserialized server resource.</returns>
        internal static SqlServerData DeserializeSqlServerData(JsonElement element)
        {
            // Envelope-level fields of the ARM resource.
            Optional<ManagedServiceIdentity> identity = default;
            Optional<string> kind = default;
            IDictionary<string, string> tags = default;
            AzureLocation location = default;
            ResourceIdentifier id = default;
            string name = default;
            ResourceType type = default;
            SystemData systemData = default;
            // Fields nested under the "properties" object.
            Optional<string> administratorLogin = default;
            // Credential returned by the service; kept as a plain string, so it should not be logged.
            Optional<string> administratorLoginPassword = default;
            Optional<string> version = default;
            Optional<string> state = default;
            Optional<string> fullyQualifiedDomainName = default;
            Optional<IReadOnlyList<ServerPrivateEndpointConnection>> privateEndpointConnections = default;
            Optional<string> minimalTlsVersion = default;
            Optional<ServerNetworkAccessFlag> publicNetworkAccess = default;
            Optional<ServerWorkspaceFeature> workspaceFeature = default;
            Optional<string> primaryUserAssignedIdentityId = default;
            Optional<Guid> federatedClientId = default;
            Optional<string> keyId = default;
            Optional<ServerExternalAdministrator> administrators = default;
            Optional<ServerNetworkAccessFlag> restrictOutboundNetworkAccess = default;

            foreach (var property in element.EnumerateObject())
            {
                // JsonProperty.NameEquals is an ordinal comparison against Name, so dispatching
                // on the unescaped name selects the same branch.
                switch (property.Name)
                {
                    case "identity":
                    {
                        if (property.Value.ValueKind == JsonValueKind.Null)
                        {
                            property.ThrowNonNullablePropertyIsNull();
                            break;
                        }
                        // The identity type uses a dedicated converter for its "type" discriminator.
                        var identityOptions = new JsonSerializerOptions
                        {
                            Converters = { new ManagedServiceIdentityTypeV3Converter() }
                        };
                        identity = JsonSerializer.Deserialize<ManagedServiceIdentity>(property.Value.ToString(), identityOptions);
                        break;
                    }
                    case "kind":
                        kind = property.Value.GetString();
                        break;
                    case "tags":
                    {
                        // Add() rejects duplicate keys, so a document with repeated tag names throws.
                        var tagMap = new Dictionary<string, string>();
                        foreach (var tag in property.Value.EnumerateObject())
                        {
                            tagMap.Add(tag.Name, tag.Value.GetString());
                        }
                        tags = tagMap;
                        break;
                    }
                    case "location":
                        location = new AzureLocation(property.Value.GetString());
                        break;
                    case "id":
                        id = new ResourceIdentifier(property.Value.GetString());
                        break;
                    case "name":
                        name = property.Value.GetString();
                        break;
                    case "type":
                        type = new ResourceType(property.Value.GetString());
                        break;
                    case "systemData":
                        systemData = JsonSerializer.Deserialize<SystemData>(property.Value.ToString());
                        break;
                    case "properties":
                    {
                        if (property.Value.ValueKind == JsonValueKind.Null)
                        {
                            property.ThrowNonNullablePropertyIsNull();
                            break;
                        }
                        foreach (var nested in property.Value.EnumerateObject())
                        {
                            switch (nested.Name)
                            {
                                case "administratorLogin":
                                    administratorLogin = nested.Value.GetString();
                                    break;
                                case "administratorLoginPassword":
                                    administratorLoginPassword = nested.Value.GetString();
                                    break;
                                case "version":
                                    version = nested.Value.GetString();
                                    break;
                                case "state":
                                    state = nested.Value.GetString();
                                    break;
                                case "fullyQualifiedDomainName":
                                    fullyQualifiedDomainName = nested.Value.GetString();
                                    break;
                                case "privateEndpointConnections":
                                {
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    var connections = new List<ServerPrivateEndpointConnection>();
                                    foreach (var item in nested.Value.EnumerateArray())
                                    {
                                        connections.Add(ServerPrivateEndpointConnection.DeserializeServerPrivateEndpointConnection(item));
                                    }
                                    privateEndpointConnections = connections;
                                    break;
                                }
                                case "minimalTlsVersion":
                                    minimalTlsVersion = nested.Value.GetString();
                                    break;
                                case "publicNetworkAccess":
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    publicNetworkAccess = new ServerNetworkAccessFlag(nested.Value.GetString());
                                    break;
                                case "workspaceFeature":
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    workspaceFeature = new ServerWorkspaceFeature(nested.Value.GetString());
                                    break;
                                case "primaryUserAssignedIdentityId":
                                    primaryUserAssignedIdentityId = nested.Value.GetString();
                                    break;
                                case "federatedClientId":
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    federatedClientId = nested.Value.GetGuid();
                                    break;
                                case "keyId":
                                    keyId = nested.Value.GetString();
                                    break;
                                case "administrators":
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    administrators = ServerExternalAdministrator.DeserializeServerExternalAdministrator(nested.Value);
                                    break;
                                case "restrictOutboundNetworkAccess":
                                    if (nested.Value.ValueKind == JsonValueKind.Null)
                                    {
                                        nested.ThrowNonNullablePropertyIsNull();
                                        break;
                                    }
                                    restrictOutboundNetworkAccess = new ServerNetworkAccessFlag(nested.Value.GetString());
                                    break;
                            }
                        }
                        break;
                    }
                }
            }

            return new SqlServerData(id, name, type, systemData, tags, location, identity, kind.Value, administratorLogin.Value, administratorLoginPassword.Value, version.Value, state.Value, fullyQualifiedDomainName.Value, Optional.ToList(privateEndpointConnections), minimalTlsVersion.Value, Optional.ToNullable(publicNetworkAccess), Optional.ToNullable(workspaceFeature), primaryUserAssignedIdentityId.Value, Optional.ToNullable(federatedClientId), keyId.Value, administrators.Value, Optional.ToNullable(restrictOutboundNetworkAccess));
        }
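        /// <summary>
        /// Verifies that the Azure Active Directory group, service principal or user named by
        /// <paramref name="input"/> exists and resolves its object id, tenant id and principal type.
        /// Display names are not unique in the directory, so an ambiguous match is rejected rather
        /// than the first hit being taken: the resolved principal is returned as the server's
        /// external administrator. Lookup order is group, then service principal, then user
        /// (by display name, then UPN, then mail).
        /// </summary>
        /// <param name="input">Administrator to resolve. <c>Login</c> is the display name, UPN or mail
        /// address; <c>Sid</c> optionally narrows the lookup to an object id (application id for a
        /// service principal).</param>
        /// <returns>A populated <see cref="ServerExternalAdministrator"/>, or null when
        /// <paramref name="input"/> is null or has no <c>Login</c>.</returns>
        /// <exception cref="ArgumentException">No principal matches, more than one matches, both a
        /// group and an application match, the group is not security-enabled, or the service
        /// principal's display name differs from the requested one.</exception>
        protected ServerExternalAdministrator GetActiveDirectoryInformation(ServerExternalAdministrator input)
        {
            if (input == null || string.IsNullOrEmpty(input.Login))
            {
                return null;
            }

            Guid? objectId = input.Sid;
            string displayName = input.Login;
            bool? adOnlyAuth = input.AzureADOnlyAuthentication;

            // Gets the default Tenant id for the subscriptions
            Guid tenantId = GetTenantId();

            // An explicit object id narrows every directory lookup below; computed once rather than
            // rebuilt for each filter.
            string objectIdFilter = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null;

            // Check for a Azure Active Directory group. Recommended to always use group.
            // The query is materialized once: Count()/First() on the deferred Where() would
            // otherwise re-run the directory search on every call.
            var groupList = ActiveDirectoryClient.FilterGroups(new ADObjectFilterOptions()
            {
                Id           = objectIdFilter,
                SearchString = displayName,
                Paging       = true,
            }).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)).ToList();

            PSADGroup group = null;
            if (groupList.Count > 1)
            {
                // More than one group was found with that display name.
                throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADGroupMoreThanOneFound, displayName));
            }
            else if (groupList.Count == 1)
            {
                // Only one group was found. Get the group display name and object id
                group = groupList[0];

                // Only support Security Groups
                if (group.SecurityEnabled.HasValue && !group.SecurityEnabled.Value)
                {
                    throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.InvalidADGroupNotSecurity, displayName));
                }
            }

            // Lookup for serviceprincipals. When an id is given it is matched against the
            // application id, which is also what is stored as the Sid of an application admin.
            ODataQuery<ServicePrincipal> odataQueryFilter;

            if (objectIdFilter != null)
            {
                var applicationIdString = objectIdFilter;
                odataQueryFilter = new Rest.Azure.OData.ODataQuery<ServicePrincipal>(a => a.AppId == applicationIdString);
            }
            else
            {
                odataQueryFilter = new Rest.Azure.OData.ODataQuery<ServicePrincipal>(a => a.DisplayName == displayName);
            }

            // Materialized once for the same reason as the group list.
            var servicePrincipalList = ActiveDirectoryClient.FilterServicePrincipals(odataQueryFilter)?.ToList();

            if (servicePrincipalList != null && servicePrincipalList.Count > 1)
            {
                // More than one service principal was found.
                throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADApplicationMoreThanOneFound, displayName));
            }
            else if (servicePrincipalList != null && servicePrincipalList.Count == 1)
            {
                // Only one service principal was found. Get its display name and application id
                PSADServicePrincipal app = servicePrincipalList[0];

                // NOTE(review): this comparison is case-sensitive, unlike the OrdinalIgnoreCase
                // matching used for groups and users above/below; confirm that is intended.
                if (displayName != null && string.CompareOrdinal(displayName, app.DisplayName) != 0)
                {
                    throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADApplicationDisplayNameMismatch, displayName, app.DisplayName));
                }

                // A name that resolves to both a group and an application is ambiguous.
                if (group != null)
                {
                    throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADDuplicateGroupAndApplicationFound, displayName));
                }

                return new ServerExternalAdministrator()
                {
                    Login = displayName,
                    Sid = app.ApplicationId,
                    TenantId = tenantId,
                    PrincipalType = "Application",
                    AzureADOnlyAuthentication = adOnlyAuth
                };
            }

            if (group != null)
            {
                return new ServerExternalAdministrator()
                {
                    Login = group.DisplayName,
                    Sid = group.Id,
                    TenantId = tenantId,
                    PrincipalType = "Group",
                    AzureADOnlyAuthentication = adOnlyAuth
                };
            }

            // No group or service principal was found. Check for a user by display name.
            var userList = ActiveDirectoryClient.FilterUsers(new ADObjectFilterOptions()
            {
                Id           = objectIdFilter,
                SearchString = displayName,
                Paging       = true,
            }).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)).ToList();

            // No user was found. Check if the login is a UPN
            if (userList.Count == 0)
            {
                userList = ActiveDirectoryClient.FilterUsers(new ADObjectFilterOptions()
                {
                    Id     = objectIdFilter,
                    UPN    = displayName,
                    Paging = true,
                }).Where(gr => string.Equals(gr.UserPrincipalName, displayName, StringComparison.OrdinalIgnoreCase)).ToList();
            }

            // Still no user. Check if the login is a guest user's mail address.
            if (userList.Count == 0)
            {
                // NOTE(review): unlike the display-name and UPN lookups, this result is not
                // post-filtered for an exact match; confirm FilterUsers matches Mail exactly.
                userList = ActiveDirectoryClient.FilterUsers(new ADObjectFilterOptions()
                {
                    Id     = objectIdFilter,
                    Mail   = displayName,
                    Paging = true,
                })?.ToList();
            }

            // No user was found
            if (userList == null || userList.Count == 0)
            {
                throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADObjectNotFound, displayName));
            }
            else if (userList.Count > 1)
            {
                // More than one user was found.
                throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADUserMoreThanOneFound, displayName));
            }
            else
            {
                // Only one user was found. Get the user display name and object id
                var obj = userList[0];

                return new ServerExternalAdministrator()
                {
                    Login = displayName,
                    Sid = obj.Id,
                    TenantId = tenantId,
                    PrincipalType = "User",
                    AzureADOnlyAuthentication = adOnlyAuth
                };
            }
        }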