private PowerShellResults <AdminRoleGroupRow> UpdateRoleAssignments(Delta <Identity> delta, Identity identity, SetAdminRoleGroupParameter properties, PowerShellResults <AdminRoleGroupRow> results)
        {
            ManagementScopeRow        managementScopeRow        = properties.ManagementScopeRow;
            ManagementRoleAssignments roleAssignmentsWebService = new ManagementRoleAssignments();

            results = this.SetRoleAssignments(delta.UnchangedObjects, roleAssignmentsWebService, identity, managementScopeRow, properties.OrganizationalUnitRow, results);
            if (results.Failed)
            {
                return(results);
            }
            results = this.AddRoleAssignments(delta.AddedObjects, roleAssignmentsWebService, identity, managementScopeRow, properties.OrganizationalUnitRow, results);
            if (results.Failed)
            {
                return(results);
            }
            results = this.RemoveRoleAssignments(delta.RemovedObjects, roleAssignmentsWebService, identity, results);
            if (results.Failed)
            {
                return(results);
            }
            return(results);
        }
Example #2
0
        private void UpdateRoleAssignments(PowerShellResults <RoleAssignmentPolicy> result, SetRoleAssignmentPolicy properties)
        {
            RoleAssignmentPolicy      value = result.Value;
            ManagementRoleAssignments managementRoleAssignments = new ManagementRoleAssignments();
            Delta <Identity>          delta = value.AssignedEndUserRoles.CalculateDelta(properties.AssignedEndUserRoles);

            if (delta.RemovedObjects != null && delta.RemovedObjects.Count > 0)
            {
                result.MergeErrors(this.RemoveRoleAssignments(delta.RemovedObjects, value, managementRoleAssignments));
                if (result.Failed)
                {
                    return;
                }
            }
            foreach (Identity role in delta.AddedObjects)
            {
                result.MergeErrors <ManagementRoleAssignment>(managementRoleAssignments.NewObject(new NewManagementRoleAssignment
                {
                    Policy = value.Identity,
                    Role   = role
                }));
            }
        }
Example #3
0
        private PowerShellResults RemoveRoleAssignments(List <Identity> roles, RoleAssignmentPolicy policy, ManagementRoleAssignments service)
        {
            PowerShellResults <ManagementRoleAssignment> list = service.GetList(new ManagementRoleAssignmentFilter
            {
                RoleAssignee = policy.Identity
            }, null);

            if (list.Failed)
            {
                return(list);
            }
            List <Identity> list2 = new List <Identity>();

            foreach (ManagementRoleAssignment managementRoleAssignment in list.Output)
            {
                if (roles.Contains(managementRoleAssignment.Role.ToIdentity()))
                {
                    list2.Add(managementRoleAssignment.Identity);
                }
            }
            return(service.RemoveObjects(list2.ToArray(), null));
        }
 private PowerShellResults <ManagementRoleAssignment> GetRoleAssignments(Identity roleIdentity, Identity roleAssignee, ManagementRoleAssignments roleAssignmentsWebService)
 {
     return(roleAssignmentsWebService.GetList(new ManagementRoleAssignmentFilter
     {
         Role = roleIdentity,
         Delegating = false,
         RoleAssignee = roleAssignee
     }, null));
 }
 private PowerShellResults <AdminRoleGroupRow> SetRoleAssignments(IEnumerable <Identity> unchangedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, ManagementScopeRow scopeRow, ExtendedOrganizationalUnit ouRow, PowerShellResults <AdminRoleGroupRow> results)
 {
     if ((ouRow != null || scopeRow != null) && unchangedRoles != null)
     {
         foreach (Identity roleIdentity in unchangedRoles)
         {
             PowerShellResults <ManagementRoleAssignment> roleAssignments = this.GetRoleAssignments(roleIdentity, identity, roleAssignmentsWebService);
             if (roleAssignments.Failed)
             {
                 results.MergeErrors <ManagementRoleAssignment>(roleAssignments);
                 return(results);
             }
             SetManagementRoleAssignment properties = this.SetScopeInfoInParameter(roleIdentity, null, scopeRow, ouRow, results);
             if (results.Failed)
             {
                 return(results);
             }
             ManagementRoleAssignment[] output = roleAssignments.Output;
             foreach (ManagementRoleAssignment managementRoleAssignment in output)
             {
                 if (managementRoleAssignment.DelegationType == RoleAssignmentDelegationType.Regular)
                 {
                     results.MergeErrors <ManagementRoleAssignment>(roleAssignmentsWebService.SetObject(managementRoleAssignment.Identity, properties));
                     if (results.Failed)
                     {
                         return(results);
                     }
                 }
             }
         }
         return(results);
     }
     return(results);
 }
 private PowerShellResults <AdminRoleGroupRow> RemoveRoleAssignments(IEnumerable <Identity> removedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, PowerShellResults <AdminRoleGroupRow> results)
 {
     if (removedRoles != null)
     {
         foreach (Identity roleIdentity in removedRoles)
         {
             PowerShellResults <ManagementRoleAssignment> roleAssignments = this.GetRoleAssignments(roleIdentity, identity, roleAssignmentsWebService);
             if (roleAssignments.Failed)
             {
                 results.MergeErrors <ManagementRoleAssignment>(roleAssignments);
                 return(results);
             }
             if (roleAssignments != null && roleAssignments.Output != null)
             {
                 ManagementRoleAssignment[] output = roleAssignments.Output;
                 IEnumerable <Identity>     source = from entry in output
                                                     where entry.DelegationType == RoleAssignmentDelegationType.Regular
                                                     select entry.Identity;
                 results.MergeErrors(roleAssignmentsWebService.RemoveObjects(source.ToArray <Identity>(), null));
                 if (results.Failed)
                 {
                     return(results);
                 }
             }
         }
         return(results);
     }
     return(results);
 }
 private PowerShellResults <AdminRoleGroupRow> AddRoleAssignments(IEnumerable <Identity> addedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, ManagementScopeRow scopeRow, ExtendedOrganizationalUnit ouRow, PowerShellResults <AdminRoleGroupRow> results)
 {
     if (addedRoles != null)
     {
         foreach (Identity identity2 in addedRoles)
         {
             NewManagementRoleAssignment newManagementRoleAssignment = new NewManagementRoleAssignment();
             newManagementRoleAssignment.Role          = identity2;
             newManagementRoleAssignment.SecurityGroup = identity.RawIdentity;
             this.SetScopeInfoInParameter(identity2, newManagementRoleAssignment, scopeRow, ouRow, results);
             if (results.Failed)
             {
                 return(results);
             }
             results.MergeErrors <ManagementRoleAssignment>(roleAssignmentsWebService.NewObject(newManagementRoleAssignment));
         }
         return(results);
     }
     return(results);
 }