Ejemplo n.º 1
        /// <summary>
        ///     Gets details of a single <see cref="User" /> Graph.
        /// </summary>
        /// <returns>A view with the details of a single <see cref="User" />.</returns>
        public async Task<ActionResult> UserDetails(string objectId)
        {
            // objectId is caller-supplied and selects which directory user is read.
            // NOTE(review): no [Authorize] attribute or per-object access check is visible in this
            // listing; confirm the controller restricts who may look up arbitrary users.
            User found;

            try
            {
                ActiveDirectoryClient graphClient = UserProfileController.GetActiveDirectoryClient();
                var fetcher = graphClient.Users.GetByObjectId(objectId);
                found = (User)await fetcher.ExecuteAsync();
            }
            catch (Exception)
            {
                // Every failure (token acquisition, unknown id, network error, bad cast) lands here
                // and is reported as "AuthorizationRequired"; the exception itself is discarded
                // without being logged.
                bool reauthRequested = string.Equals(
                    Request.QueryString["reauth"], "True", StringComparison.Ordinal);

                if (reauthRequested)
                {
                    // Ask the OpenID Connect middleware for a fresh sign-in so new tokens are issued.
                    // A user with a live Azure AD session is not prompted for credentials again, and
                    // the middleware returns to this controller once the sign-in response is handled.
                    // NOTE(review): Challenge() does not end the request; the error view below is
                    // still returned. Confirm the middleware actually acts on the challenge for a
                    // response that is not a 401.
                    var owin = HttpContext.GetOwinContext();
                    owin.Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                // Tell the view that the user has to re-authorize.
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return View();
            }

            return View(found);
        }
Ejemplo n.º 2
        /// <summary>
        ///     Gets a list of <see cref="User" /> objects that are members of this site's group.
        ///     Note: these are online Azure Directory <see cref="User" /> objects, not the
        ///     <see cref="ADUser" /> records that are stored locally.
        /// </summary>
        /// <returns>A view with the list of <see cref="User" /> objects.</returns>
        public async Task<ActionResult> User()
        {
            var members = new List<User>();

            // Object id of the group whose members are listed, read from application settings.
            string staffGroupId = ConfigurationManager.AppSettings["ida:NTI_Staff_GroupID"];

            try
            {
                ActiveDirectoryClient graphClient = UserProfileController.GetActiveDirectoryClient();
                IGroup staffGroup = await graphClient.Groups.GetByObjectId(staffGroupId).ExecuteAsync();

                // `as` yields null when the object is not an IGroupFetcher; the resulting
                // NullReferenceException is swallowed by the catch-all below.
                var fetcher = staffGroup as IGroupFetcher;
                IPagedCollection<IDirectoryObject> page = await fetcher.Members.ExecuteAsync();

                // Walk every page of the membership and keep only the User entries
                // (other directory object kinds are skipped).
                while (page != null)
                {
                    members.AddRange(page.CurrentPage.OfType<User>());
                    page = await page.GetNextPageAsync();
                }
            }
            catch (Exception)
            {
                // Every failure is reported as "AuthorizationRequired" and the exception is dropped
                // without logging. Members collected before the failure are still rendered, so the
                // list shown next to the error may be partial.
                bool reauthRequested = string.Equals(
                    Request.QueryString["reauth"], "True", StringComparison.Ordinal);

                if (reauthRequested)
                {
                    // Ask the OpenID Connect middleware for a fresh sign-in so new tokens are issued.
                    // A user with a live Azure AD session is not prompted for credentials again, and
                    // the middleware returns to this controller once the sign-in response is handled.
                    // NOTE(review): Challenge() does not end the request; confirm the middleware
                    // acts on it for a response that is not a 401.
                    var owin = HttpContext.GetOwinContext();
                    owin.Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                // Tell the view that the user has to re-authorize.
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return View(members);
            }

            return View(members);
        }
Ejemplo n.º 3
        /// <summary>
        ///     Creates a view to delete an existing <see cref="User" />.
        /// </summary>
        /// <param name="objectId">Unique identifier of the <see cref="User" />.</param>
        /// <returns>A view of the <see cref="User" /> to be deleted.</returns>
        public async Task<ActionResult> UserDelete(string objectId)
        {
            // Confirmation step only: the user is looked up and shown, nothing is deleted here.
            try
            {
                ActiveDirectoryClient graphClient = UserProfileController.GetActiveDirectoryClient();
                var fetcher = graphClient.Users.GetByObjectId(objectId);
                var candidate = (User)await fetcher.ExecuteAsync();

                return View(candidate);
            }
            catch (Exception lookupError)
            {
                // NOTE(review): the raw exception message is surfaced to the browser through
                // ModelState. Confirm it cannot carry internal details (endpoints, tenant or token
                // information); a generic message plus server-side logging is the safer pattern.
                ModelState.AddModelError("", lookupError.Message);
                return View();
            }
        }
Ejemplo n.º 4
        /// <summary>
        ///     Gets a list of <see cref="User" /> objects that a given <see cref="User" /> has as a direct report.
        /// </summary>
        /// <param name="objectId">Unique identifier of the <see cref="User" />.</param>
        /// <returns>A view with the list of <see cref="User" /> objects.</returns>
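        public async Task<ActionResult> UserGetDirectReports(string objectId)
        {
            // objectId is caller-supplied and selects whose direct reports are listed.
            // NOTE(review): no authorization check on objectId is visible in this listing.
            var reports = new List<User>();

            try
            {
                ActiveDirectoryClient client = UserProfileController.GetActiveDirectoryClient();
                IUser user = await client.Users.GetByObjectId(objectId).ExecuteAsync();

                // `as` yields null when the object is not an IUserFetcher; the resulting
                // NullReferenceException is swallowed by the catch-all below.
                var userFetcher = user as IUserFetcher;
                IPagedCollection<IDirectoryObject> directReports = await userFetcher.DirectReports.ExecuteAsync();

                // Guard the first page as well as the following ones. The original do/while
                // dereferenced the first page unconditionally, so a null first page ended up in the
                // catch-all and was misreported as "AuthorizationRequired". This matches the null
                // check the User() action performs before paging.
                while (directReports != null)
                {
                    // Keep only User entries; other directory object kinds are skipped.
                    reports.AddRange(directReports.CurrentPage.OfType<User>());
                    directReports = await directReports.GetNextPageAsync();
                }
            }
            catch (Exception)
            {
                // Every remaining failure is reported as "AuthorizationRequired" and the exception
                // is dropped without logging.
                if (Request.QueryString["reauth"] == "True")
                {
                    //
                    // Send an OpenID Connect sign-in request to get a new set of tokens.
                    // If the user still has a valid session with Azure AD, they will not be prompted for their credentials.
                    // The OpenID Connect middleware will return to this controller after the sign-in response has been handled.
                    //
                    // NOTE(review): Challenge() does not end the request; confirm the middleware
                    // acts on it for a response that is not a 401.
                    HttpContext.GetOwinContext()
                        .Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                //
                // The user needs to re-authorize.  Show them a message to that effect.
                //
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return View();
            }

            return View(reports);
        }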
Ejemplo n.º 5
        /// <summary>
        ///     Deletes the directory <see cref="User" /> identified by the posted model's ObjectId.
        /// </summary>
        /// <param name="user">Model-bound <see cref="User" />; only its ObjectId is read.</param>
        /// <returns>
        ///     A redirect to the "User" action on success, otherwise the same view with the error
        ///     added to the model state.
        /// </returns>
        public async Task<ActionResult> UserDelete(User user)
        {
            // NOTE(review): this action is destructive and user.ObjectId is taken from request
            // data. No [HttpPost], [ValidateAntiForgeryToken] or authorization attribute is visible
            // in this listing; confirm they exist on the real declaration, otherwise a cross-site
            // request could trigger the deletion.
            try
            {
                ActiveDirectoryClient graphClient = UserProfileController.GetActiveDirectoryClient();
                var fetcher = graphClient.Users.GetByObjectId(user.ObjectId);
                IUser target = await fetcher.ExecuteAsync();

                await target.DeleteAsync();

                return RedirectToAction("User");
            }
            catch (Exception deleteError)
            {
                // NOTE(review): the raw exception message is shown to the caller; confirm it cannot
                // expose internal details.
                ModelState.AddModelError("", deleteError.Message);
                return View(user);
            }
        }
Ejemplo n.º 6
        /// <summary>
        ///     Creates a new directory <see cref="User" /> from the posted form values.
        /// </summary>
        /// <param name="user">
        ///     Model-bound <see cref="User" />; binding is limited to the properties named in the
        ///     Bind allow-list.
        /// </param>
        /// <returns>
        ///     A redirect to the "User" action on success, otherwise the create view with an error.
        /// </returns>
        public async Task<ActionResult> UserCreate(
            [Bind(
                 Include =
                     "UserPrincipalName,AccountEnabled,PasswordProfile,MailNickname,DisplayName,GivenName,Surname,JobTitle,Department"
                 )] User user)
        {
            // The allow-list stops over-posting of other properties, but it does include
            // AccountEnabled and PasswordProfile, so the caller decides the new account's enabled
            // state and initial password.
            // NOTE(review): no [HttpPost], [ValidateAntiForgeryToken], authorization attribute or
            // ModelState.IsValid check is visible in this listing; confirm that only directory
            // administrators can reach this action.
            ActiveDirectoryClient graphClient;

            try
            {
                graphClient = UserProfileController.GetActiveDirectoryClient();
            }
            catch (Exception)
            {
                // Any failure to build the client is reported as "AuthorizationRequired"; the
                // exception is dropped without logging.
                bool reauthRequested = string.Equals(
                    Request.QueryString["reauth"], "True", StringComparison.Ordinal);

                if (reauthRequested)
                {
                    // Ask the OpenID Connect middleware for a fresh sign-in so new tokens are issued.
                    // A user with a live Azure AD session is not prompted for credentials again, and
                    // the middleware returns to this controller once the sign-in response is handled.
                    // NOTE(review): Challenge() does not end the request; confirm the middleware
                    // acts on it for a response that is not a 401.
                    var owin = HttpContext.GetOwinContext();
                    owin.Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                // Tell the view that the user has to re-authorize.
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return View();
            }

            try
            {
                await graphClient.Users.AddUserAsync(user);

                return RedirectToAction("User");
            }
            catch (Exception createError)
            {
                // NOTE(review): the raw exception message is shown to the caller; confirm it cannot
                // expose internal details.
                ModelState.AddModelError("", createError.Message);
                return View();
            }
        }
Ejemplo n.º 7
        /// <summary>
        ///     Handles the edit form for the <see cref="User" /> whose id is in the route data.
        /// </summary>
        /// <param name="user">Model-bound <see cref="User" />; not read by this method.</param>
        /// <param name="values">Posted form values; not read by this method.</param>
        /// <returns>
        ///     A redirect to the "User" action on success, otherwise the edit view with an error.
        /// </returns>
        public async Task<ActionResult> UserEdit(
            User user, FormCollection values)
        {
            // NOTE(review): neither `user` nor `values` is applied to the fetched object before
            // UpdateAsync(), so as written no posted change appears to be sent to the directory.
            // When the copy step is added, restrict it to an explicit allow-list of editable
            // properties (there is no [Bind] filter on `user`), and confirm [HttpPost],
            // [ValidateAntiForgeryToken] and authorization exist on the real declaration.
            try
            {
                ActiveDirectoryClient graphClient = UserProfileController.GetActiveDirectoryClient();

                // A missing "id" route value makes this throw; the catch below then reports it.
                string routeId = RouteData.Values["id"].ToString();
                var fetcher = graphClient.Users.GetByObjectId(routeId);
                IUser target = await fetcher.ExecuteAsync();

                await target.UpdateAsync();

                return RedirectToAction("User");
            }
            catch (Exception updateError)
            {
                // NOTE(review): the raw exception message is shown to the caller; confirm it cannot
                // expose internal details.
                ModelState.AddModelError("", updateError.Message);
                return View();
            }
        }
Ejemplo n.º 8
        /// <summary>
        ///     Display personalised master page.
        /// </summary>
        /// <returns>A partial view of a link to personal profile with user name</returns>
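        public async Task<ActionResult> LoginLayout()
        {
            // userid / username cache the last identity and its given name; they are declared
            // outside this listing.
            // NOTE(review): if they are static they are shared by all requests, so concurrent
            // requests from different users can race and one user's name can be rendered for
            // another. Confirm their scope; per-user storage (session or claims) avoids this.
            string currentIdentity = User.Identity.Name;

            if (userid != currentIdentity || username == null)
            {
                ActiveDirectoryClient activeDirectoryClient = UserProfileController.GetActiveDirectoryClient();

                // FindFirst returns null when the claim is absent, in which case .Value throws.
                string userObjectID = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

                var result = await activeDirectoryClient.Users
                             .Where(u => u.ObjectId.Equals(userObjectID))
                             .ExecuteAsync();

                // First() throws if the directory returned no match for the signed-in user.
                IUser user = result.CurrentPage.First();

                // Update the cached pair only after the lookup succeeded. The original stored the
                // new userid before the lookup, so a failed lookup left the previous user's name
                // cached under the new identity and it was served on the next call.
                username = user.GivenName;
                userid = currentIdentity;
            }

            // The original wrapped the lookup in `catch (AdalException ex) { throw ex; }`, which
            // only reset the stack trace. ADAL failures now propagate unchanged to the caller.
            return PartialView("_LoginPartial", username);
        }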