/// <summary> /// Creates new role assignment. /// </summary> /// <param name="parameters">The create parameters</param> /// <returns>The created role assignment object</returns> public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parameters) { Guid principalId = ActiveDirectoryClient.GetObjectId(parameters.ADObjectFilter); Guid roleAssignmentId = RoleAssignmentNames.Count == 0 ? Guid.NewGuid() : RoleAssignmentNames.Dequeue(); string roleDefinitionId = GetRoleRoleDefinition(parameters.RoleDefinition).Id; RoleAssignmentCreateParameters createParameters = new RoleAssignmentCreateParameters { Properties = new RoleAssignmentProperties { PrincipalId = principalId, RoleDefinitionId = roleDefinitionId } }; AuthorizationManagementClient.RoleAssignments.Create(parameters.Scope, roleAssignmentId, createParameters); return(AuthorizationManagementClient.RoleAssignments.Get(parameters.Scope, roleAssignmentId).RoleAssignment.ToPSRoleAssignment(this, ActiveDirectoryClient)); }
/// <summary> /// Creates new role assignment. /// </summary> /// <param name="parameters">The create parameters</param> /// <returns>The created role assignment object</returns> public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parameters, string subscriptionId) { Guid principalId = ActiveDirectoryClient.GetObjectId(parameters.ADObjectFilter); Guid roleAssignmentId = RoleAssignmentNames.Count == 0 ? Guid.NewGuid() : RoleAssignmentNames.Dequeue(); string roleDefinitionId = !string.IsNullOrEmpty(parameters.RoleDefinitionName) ? AuthorizationHelper.GetRoleDefinitionFullyQualifiedId(subscriptionId, GetRoleRoleDefinition(parameters.RoleDefinitionName).Id) : AuthorizationHelper.GetRoleDefinitionFullyQualifiedId(subscriptionId, parameters.RoleDefinitionId); RoleAssignmentCreateParameters createParameters = new RoleAssignmentCreateParameters { Properties = new RoleAssignmentProperties { PrincipalId = principalId, RoleDefinitionId = roleDefinitionId } }; RoleAssignment assignment = AuthorizationManagementClient.RoleAssignments.Create(parameters.Scope, roleAssignmentId, createParameters).RoleAssignment; IEnumerable <RoleAssignment> assignments = new List <RoleAssignment>() { assignment }; return(assignments.ToPSRoleAssignments(this, ActiveDirectoryClient).FirstOrDefault()); }
/// <summary> /// Creates new role assignment. /// </summary> /// <param name="parameters">The create parameters</param> /// <returns>The created role assignment object</returns> public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parameters) { Guid principalId = ActiveDirectoryClient.GetObjectId(parameters.ADObjectFilter); Guid roleAssignmentId = RoleAssignmentNames.Count == 0 ? Guid.NewGuid() : RoleAssignmentNames.Dequeue(); string scope = parameters.Scope; ValidateScope(scope); string roleDefinitionId = !string.IsNullOrEmpty(parameters.RoleDefinitionName) ? AuthorizationHelper.ConstructFullyQualifiedRoleDefinitionIdFromScopeAndIdAsGuid(scope, GetSingleRoleDefinitionByName(parameters.RoleDefinitionName, scope).Id) : AuthorizationHelper.ConstructFullyQualifiedRoleDefinitionIdFromScopeAndIdAsGuid(scope, parameters.RoleDefinitionId); #if !NETSTANDARD RoleAssignmentCreateParameters createParameters = new RoleAssignmentCreateParameters { Properties = new RoleAssignmentProperties { PrincipalId = principalId, RoleDefinitionId = roleDefinitionId } }; RoleAssignment assignment = AuthorizationManagementClient.RoleAssignments.Create(parameters.Scope, roleAssignmentId, createParameters).RoleAssignment; #else var createParameters = new RoleAssignmentProperties { PrincipalId = principalId.ToString(), RoleDefinitionId = roleDefinitionId }; RoleAssignment assignment = AuthorizationManagementClient.RoleAssignments.Create( parameters.Scope, roleAssignmentId.ToString(), createParameters); #endif return(assignment.ToPSRoleAssignment(this, ActiveDirectoryClient)); }
/// <summary> /// Creates new role assignment. /// </summary> /// <param name="parameters">The create parameters</param> /// <returns>The created role assignment object</returns> public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parameters) { Guid principalId = ActiveDirectoryClient.GetObjectId(parameters.ADObjectFilter); string principalIdStr = null; if (principalId == Guid.Empty) { principalIdStr = ActiveDirectoryClient.GetAdfsObjectId(parameters.ADObjectFilter); } else { principalIdStr = principalId.ToString(); } Guid roleAssignmentId = RoleAssignmentNames.Count == 0 ? Guid.NewGuid() : RoleAssignmentNames.Dequeue(); string scope = parameters.Scope; string roleDefinitionId = !string.IsNullOrEmpty(parameters.RoleDefinitionName) ? AuthorizationHelper.ConstructFullyQualifiedRoleDefinitionIdFromScopeAndIdAsGuid(scope, GetSingleRoleDefinitionByName(parameters.RoleDefinitionName, scope).Id) : AuthorizationHelper.ConstructFullyQualifiedRoleDefinitionIdFromScopeAndIdAsGuid(scope, parameters.RoleDefinitionId); var createProperties = new RoleAssignmentProperties { PrincipalId = principalIdStr, RoleDefinitionId = roleDefinitionId }; var createParameters = new RoleAssignmentCreateParameters(createProperties); RoleAssignment assignment = AuthorizationManagementClient.RoleAssignments.Create( parameters.Scope, roleAssignmentId.ToString(), createParameters); return(assignment.ToPSRoleAssignment(this, ActiveDirectoryClient)); }