public HttpResponseMessage UpdateUser(UpdateUserParameters parameters) { try { if (!bool.Parse(Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "EnableUpdate", "True"))) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "You are not allowed to update users")); } var settings = new AzureConfig(AzureConfig.ServiceName, PortalSettings.PortalId); var graphClient = new GraphClient(settings.AADApplicationId, settings.AADApplicationKey, settings.TenantId); var portalUserMapping = UserMappingsRepository.Instance.GetUserMapping("PortalId", settings.UseGlobalSettings ? -1 : PortalSettings.PortalId); // Validate permissions var user = graphClient.GetUser(parameters.user.ObjectId); string portalUserMappingB2cCustomClaimName = portalUserMapping?.GetB2cCustomClaimName(); if (!UserInfo.IsSuperUser && portalUserMapping != null && !string.IsNullOrEmpty(portalUserMappingB2cCustomClaimName)) { if (!user.AdditionalData.ContainsKey(portalUserMapping.GetB2cCustomClaimName()) || (int)(long)user.AdditionalData[portalUserMapping.GetB2cCustomClaimName()] != PortalSettings.PortalId) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "You are not allowed to modify this user")); } } // Update user user.DisplayName = parameters.user.DisplayName; user.GivenName = parameters.user.GivenName; user.Surname = parameters.user.Surname; // WORKAROUND: "A stream property was found in a JSON Light request payload. Stream properties are only supported in responses." // ==> Patch only the PortalId extension user.AdditionalData.Clear(); if (user.UserPrincipalName.StartsWith("cpim_")) // Is a federated user? { // Can't modify this properties on federated users user.UserIdentities = null; user.SignInNames = null; } else { if (bool.Parse(Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "EnableAddUsersByUsername", "False")) && !string.IsNullOrEmpty(parameters.user.Username)) { AddSignInName(user, "userName", parameters.user.Username); } if (bool.Parse(Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "EnableAddUsersByUsername", "False")) && !string.IsNullOrEmpty(parameters.user.Mail)) { AddSignInName(user, "emailAddress", parameters.user.Mail); user.OtherMails = new string[] { parameters.user.Mail }; } } // Custom Attributes var customAttributes = Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "CustomFields").Replace(" ", ""); if (!string.IsNullOrEmpty(customAttributes)) { string[] attr = customAttributes.Split(','); foreach (var key in parameters.user.AdditionalData.Keys) { if (key.StartsWith("extension_") && attr.Any(x => key.EndsWith(x))) { user.AdditionalData.Add(key, parameters.user.AdditionalData[key]); } } } graphClient.UpdateUser(user); // Update group membership UpdateGroupMemberShip(graphClient, user, parameters.groups); return(Request.CreateResponse(HttpStatusCode.OK, user)); } catch (Exception ex) { return(Request.CreateResponse(HttpStatusCode.InternalServerError, ex.Message)); } }