Exemple #1
        /// <summary>
        /// Converts a <see cref="RoleAssignment"/> into a <see cref="PSRoleAssignment"/>, filling in the
        /// role definition name and the principal's directory details when those lookups succeed.
        /// </summary>
        /// <param name="assignment">The role assignment to convert.</param>
        /// <param name="policyClient">Client used to look up the role definition.</param>
        /// <param name="activeDirectoryClient">Client used to look up the principal by its object id.</param>
        /// <param name="scopeForRoleDefinition">
        /// Optional scope. When non-empty, the role definition is looked up by GUID at this scope;
        /// otherwise it is looked up by the assignment's role definition id as-is.
        /// </param>
        /// <returns>A populated <see cref="PSRoleAssignment"/>; lookup-derived fields may be null.</returns>
        /// <remarks>
        /// Both lookups are best-effort. A null <c>RoleDefinitionName</c> or <c>DisplayName</c> in the
        /// result therefore does not show that the role or principal is absent: it can equally mean the
        /// caller was not allowed to read it. Consumers that review access should treat those rows as
        /// unresolved rather than empty.
        /// </remarks>
        public static PSRoleAssignment ToPSRoleAssignment(this RoleAssignment assignment, AuthorizationClient policyClient, ActiveDirectoryClient activeDirectoryClient, string scopeForRoleDefinition = null)
        {
            PSRoleDefinition resolvedDefinition = null;
            PSADObject principal = null;

            // Resolve the role definition so its name can be shown next to the assignment.
            try
            {
                if (!string.IsNullOrEmpty(scopeForRoleDefinition))
                {
                    resolvedDefinition = policyClient.GetRoleDefinition(assignment.RoleDefinitionId.GetGuidFromId(), scopeForRoleDefinition);
                }
                else
                {
                    resolvedDefinition = policyClient.GetRoleDefinition(assignment.RoleDefinitionId);
                }
            }
            catch (CloudException ce) when (ce.Response.StatusCode == HttpStatusCode.Unauthorized)
            {
                // Deliberately ignored: an Unauthorized response on the role definition must not stop
                // the assignment from being displayed. resolvedDefinition stays null.
                // Only Unauthorized is filtered here; every other CloudException reaches the caller.
                // NOTE(review): confirm whether a missing-permission response can arrive as Forbidden,
                // which this filter would not swallow.
            }

            // Resolve the directory object behind the principal id.
            try
            {
                principal = activeDirectoryClient.GetObjectByObjectId(assignment.PrincipalId);
            }
            catch (Common.MSGraph.Version1_0.DirectoryObjects.Models.OdataErrorException oe)
            {
                // Access denied or not found: keep the id and mark the type as unknown so the row
                // still identifies the principal.
                bool deniedOrMissing = oe.IsAuthorizationDeniedException() || oe.IsNotFoundException();
                if (deniedOrMissing)
                {
                    principal = new PSADObject
                    {
                        Id = assignment.PrincipalId, Type = UnknownType
                    };
                }

                // Any other OdataErrorException is dropped without a placeholder, leaving principal
                // null; nothing in the result records that the lookup failed.
            }

            PSRoleAssignment result = new PSRoleAssignment
            {
                RoleAssignmentName = assignment.Name,
                RoleAssignmentId = assignment.Id,
                Scope = assignment.Scope,
                DisplayName = principal?.DisplayName,
                // Only user objects carry a sign-in name.
                SignInName = (principal as PSADUser)?.UserPrincipalName,
                RoleDefinitionName = resolvedDefinition?.Name,
                RoleDefinitionId = assignment.RoleDefinitionId.GuidFromFullyQualifiedId(),
                ObjectId = assignment.PrincipalId,
                // The directory lookup wins; assignment.PrincipalType is cached information and is
                // used only when no directory type is available.
                ObjectType = principal?.Type ?? assignment.PrincipalType,
                // CanDelegate is left unset: its value is absent from RoleAssignment.
                Description = assignment.Description,
                ConditionVersion = assignment.ConditionVersion,
                Condition = assignment.Condition
            };

            return result;
        }
        /// <summary>
        /// Converts a <see cref="RoleAssignment"/> into a <see cref="PSRoleAssignment"/>, filling in the
        /// role definition name and the principal's directory details when those lookups succeed.
        /// </summary>
        /// <param name="assignment">The role assignment to convert.</param>
        /// <param name="policyClient">Client used to look up the role definition.</param>
        /// <param name="activeDirectoryClient">Client used to look up the principal by its object id.</param>
        /// <param name="scopeForRoleDefinition">
        /// Optional scope. When non-empty, the role definition is looked up by GUID at this scope;
        /// otherwise it is looked up by the assignment's role definition id as-is.
        /// </param>
        /// <returns>A populated <see cref="PSRoleAssignment"/>; lookup-derived fields may be null.</returns>
        /// <remarks>
        /// Both lookups are best-effort, and the directory lookup ignores every exception. A null
        /// <c>DisplayName</c> or <c>RoleDefinitionName</c> in the result therefore says nothing about
        /// why the lookup produced no value; consumers that review access should treat those rows as
        /// unresolved rather than empty.
        /// </remarks>
        public static PSRoleAssignment ToPSRoleAssignment(this RoleAssignment assignment, AuthorizationClient policyClient, ActiveDirectoryClient activeDirectoryClient, string scopeForRoleDefinition = null)
        {
            PSRoleDefinition resolvedDefinition = null;
            PSADObject principal = null;

            // Resolve the role definition so its name can be shown next to the assignment.
            try
            {
                if (!string.IsNullOrEmpty(scopeForRoleDefinition))
                {
                    resolvedDefinition = policyClient.GetRoleDefinition(assignment.RoleDefinitionId.GetGuidFromId(), scopeForRoleDefinition);
                }
                else
                {
                    resolvedDefinition = policyClient.GetRoleDefinition(assignment.RoleDefinitionId);
                }
            }
            catch (CloudException ce) when (ce.Response.StatusCode == HttpStatusCode.Unauthorized)
            {
                // Deliberately ignored: an Unauthorized response on the role definition must not stop
                // the assignment from being displayed. resolvedDefinition stays null.
                // Only Unauthorized is filtered here; every other CloudException reaches the caller.
            }

            // Resolve the directory object behind the principal id.
            try
            {
                principal = activeDirectoryClient.GetObjectByObjectId(assignment.PrincipalId);
            }
            catch
            {
                // Deliberately ignored so the assignment can still be displayed; principal stays null.
                // This untyped catch does not separate "access denied" or "not found" from any other
                // failure of the lookup, and nothing in the result records that one happened.
                // NOTE(review): consider narrowing this to the directory client's error type.
            }

            PSRoleAssignment result = new PSRoleAssignment
            {
                RoleAssignmentName = assignment.Name,
                RoleAssignmentId = assignment.Id,
                Scope = assignment.Scope,
                DisplayName = principal?.DisplayName,
                // Only user objects carry a sign-in name.
                SignInName = (principal as PSADUser)?.UserPrincipalName,
                RoleDefinitionName = resolvedDefinition?.Name,
                RoleDefinitionId = assignment.RoleDefinitionId,
                ObjectId = assignment.PrincipalId,
                // The type stored on the assignment wins; the directory type, then UnknownType, are
                // fallbacks for when the assignment carries none.
                ObjectType = !string.IsNullOrEmpty(assignment.PrincipalType)
                    ? assignment.PrincipalType
                    : (principal?.Type ?? UnknownType),
                // CanDelegate is left unset: its value is absent from RoleAssignment.
                Description = assignment.Description,
                ConditionVersion = assignment.ConditionVersion,
                Condition = assignment.Condition
            };

            return result;
        }