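/// <summary>
/// Updates the specified DirectoryRole using PATCH.
/// </summary>
/// <param name="directoryRoleToUpdate">The DirectoryRole to update.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the request.</param>
/// <exception cref="ClientException">Thrown when an object returned in a response is used for updating an object in Microsoft Graph.</exception>
/// <returns>The updated DirectoryRole.</returns>
public async System.Threading.Tasks.Task<DirectoryRole> UpdateAsync(DirectoryRole directoryRoleToUpdate, CancellationToken cancellationToken)
{
    // An object whose AdditionalData carries response headers or a status code is
    // treated as a response object and refused. The original ran this identical
    // guard twice back to back; a single pass is sufficient.
    var additionalData = directoryRoleToUpdate.AdditionalData;
    if (additionalData != null
        && (additionalData.ContainsKey(Constants.HttpPropertyNames.ResponseHeaders)
            || additionalData.ContainsKey(Constants.HttpPropertyNames.StatusCode)))
    {
        throw new ClientException(
            new Error
            {
                Code = GeneratedErrorConstants.Codes.NotAllowed,
                Message = String.Format(
                    GeneratedErrorConstants.Messages.ResponseObjectUsedForUpdate,
                    directoryRoleToUpdate.GetType().Name)
            });
    }

    this.ContentType = "application/json";
    this.Method = "PATCH";

    var updatedEntity = await this.SendAsync<DirectoryRole>(directoryRoleToUpdate, cancellationToken).ConfigureAwait(false);

    // Wire up paging state on the entity that came back before handing it to the caller.
    this.InitializeCollectionProperties(updatedEntity);
    return updatedEntity;
}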
/// <summary>
/// Emits one "ForceChangePassword" edge from the directory role to each supplied user that is
/// not listed in <paramref name="administrators"/>, provided the role's permission list contains
/// "microsoft.aad.directory/users/password/update", and posts the edges for import.
/// </summary>
/// <param name="_">The directory role being evaluated.</param>
/// <param name="userIds">Candidate user ids.</param>
/// <param name="administrators">User ids that never receive an edge.</param>
/// <remarks>
/// The edge list is posted even when it is empty. Any exception is written to the console and rethrown.
/// </remarks>
public static void DirectoryRolePermissions(DirectoryRole _, List<string> userIds, HashSet<string> administrators)
{
    const string passwordUpdatePermission = "microsoft.aad.directory/users/password/update";

    try
    {
        var edges = new List<GremlinEdge>();
        TryGetPermissions(_, out var rolePermissions);

        bool roleCanResetPasswords = rolePermissions != null && rolePermissions.Contains(passwordUpdatePermission);
        if (roleCanResetPasswords)
        {
            // Administrators are skipped; presumably this permission does not cover
            // admin accounts - confirm against the role definitions.
            var nonAdminUsers = userIds.Where(id => !administrators.Contains(id));

            nonAdminUsers.ForEach(id =>
            {
                // NOTE(review): string.GetHashCode() is not guaranteed stable across
                // processes or runtimes (it is randomized per process on .NET Core).
                // If these values are persisted as partition keys, confirm that a
                // later run can still address the same data.
                var edge = new GremlinEdge(
                    _.Id + id,
                    "ForceChangePassword",
                    _.Id,
                    id,
                    nameof(AzureAdLateralMovement.Models.BloodHound.DirectoryRole),
                    nameof(User),
                    _.Id.GetHashCode(),
                    id.GetHashCode());
                edges.Add(edge);
            });
        }

        CosmosDbHelper.RunImportEdgesBlock.Post(edges);
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex);
        throw;
    }
}
/// <summary>
/// Builds the graph vertex for a directory role plus one "MemberOf" edge per member
/// (member -> role), then posts the vertex and the edges for import.
/// </summary>
/// <param name="_">The directory role.</param>
/// <param name="members">The members of the role.</param>
public static void DirectoryRoleMembership(DirectoryRole _, List<GroupMember> members)
{
    // NOTE(review): string.GetHashCode() is not guaranteed stable across processes or
    // runtimes (randomized per process on .NET Core); confirm this is acceptable for a
    // value stored under CollectionPartitionKey.
    var roleVertex = new GremlinVertex(_.Id, nameof(Models.BloodHound.DirectoryRole));
    roleVertex.AddProperty(CosmosDbHelper.CollectionPartitionKey, _.Id.GetHashCode());

    // NOTE(review): ToUpper() uses the current culture; if the stored name is later
    // matched as an identifier, a culture-invariant form may be intended - confirm.
    roleVertex.AddProperty(nameof(_.DisplayName), _.DisplayName?.ToUpper() ?? string.Empty);

    var vertices = new List<GremlinVertex> { roleVertex };
    var edges = new List<GremlinEdge>();

    foreach (var member in members)
    {
        var membership = new GremlinEdge(
            _.Id + member.Id,
            "MemberOf",
            member.Id,
            _.Id,
            nameof(User),
            nameof(Models.BloodHound.DirectoryRole),
            member.Id.GetHashCode(),
            _.Id.GetHashCode());
        edges.Add(membership);
    }

    CosmosDbHelper.RunImportVerticesBlock.Post(vertices);
    CosmosDbHelper.RunImportEdgesBlock.Post(edges);
}
/// <summary>
/// Sends the given DirectoryRole as a JSON POST request and returns the entity from the response.
/// </summary>
/// <param name="directoryRoleToCreate">The DirectoryRole to create.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the request.</param>
/// <returns>The created DirectoryRole, after its collection properties have been initialized.</returns>
public async System.Threading.Tasks.Task<DirectoryRole> CreateAsync(DirectoryRole directoryRoleToCreate, CancellationToken cancellationToken)
{
    this.ContentType = "application/json";
    this.Method = "POST";

    var pendingResponse = this.SendAsync<DirectoryRole>(directoryRoleToCreate, cancellationToken);
    var created = await pendingResponse.ConfigureAwait(false);

    // Set up paging state on the returned entity before handing it back.
    this.InitializeCollectionProperties(created);
    return created;
}
/// <summary>
/// Sends the given DirectoryRole as a JSON PATCH request and returns the entity from the response.
/// </summary>
/// <param name="directoryRoleToUpdate">The DirectoryRole to update.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the request.</param>
/// <returns>The updated DirectoryRole, after its collection properties have been initialized.</returns>
public async Task<DirectoryRole> UpdateAsync(DirectoryRole directoryRoleToUpdate, CancellationToken cancellationToken)
{
    this.ContentType = "application/json";
    this.Method = "PATCH";

    var pendingResponse = this.SendAsync<DirectoryRole>(directoryRoleToUpdate, cancellationToken);
    var patched = await pendingResponse.ConfigureAwait(false);

    // Set up paging state on the returned entity before handing it back.
    this.InitializeCollectionProperties(patched);
    return patched;
}
/// <summary>
/// Looks up the permission list mapped to the role's display name.
/// </summary>
/// <param name="_">The directory role; may be null.</param>
/// <param name="permissions">
/// Receives the mapped permissions, or null when the role, its display name or the
/// mapping table is null, or when the display name has no entry.
/// </param>
/// <remarks>
/// Despite the Try prefix the method returns nothing; callers must null-check <paramref name="permissions"/>.
/// </remarks>
private static void TryGetPermissions(DirectoryRole _, out List<string> permissions)
{
    permissions = null;

    var roleName = _?.DisplayName;
    if (roleName != null && AzureDictionaryRolesToPermissionsMapping != null)
    {
        // The bool result is deliberately ignored: a miss leaves permissions as null.
        AzureDictionaryRolesToPermissionsMapping.TryGetValue(roleName, out permissions);
    }
}
/// <summary>
/// Queues a BloodHound DirectoryRole record (name, members, role template id) on the groups
/// output collection, starting a fresh collection and writer first if the current one is completed.
/// </summary>
/// <param name="_">The directory role.</param>
/// <param name="groupMembers">The members of the role.</param>
public static void DirectoryRoleMembership(DirectoryRole _, List<GroupMember> groupMembers)
{
    // NOTE(review): IsCompleted is true only once the collection is both marked complete
    // for adding and empty. If adding was completed but items are still queued, the Add
    // below would throw InvalidOperationException - confirm that state cannot occur here.
    if (_groupsOutput.IsCompleted)
    {
        _groupsOutput = new BlockingCollection<JsonBase>();
        _groupsWriter = Extensions.StartOutputWriter(_groupsOutput);
    }

    var roleProperties = new Dictionary<string, object>
    {
        [nameof(_.RoleTemplateId)] = _.RoleTemplateId
    };

    var roleRecord = new Models.BloodHound.DirectoryRole
    {
        Name = _.DisplayName,
        Members = groupMembers.ToArray(),
        Properties = roleProperties
    };

    _groupsOutput.Add(roleRecord);
}
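/// <summary>
/// Initializes any collection properties after deserialization, like next requests for paging.
/// </summary>
/// <param name="directoryRoleToInitialize">The <see cref="DirectoryRole"/> with the collection properties to initialize.</param>
private void InitializeCollectionProperties(DirectoryRole directoryRoleToInitialize)
{
    // Nothing to do without an entity or without the extra response properties.
    if (directoryRoleToInitialize == null || directoryRoleToInitialize.AdditionalData == null)
    {
        return;
    }

    // Paging only applies when a first page of members was deserialized.
    if (directoryRoleToInitialize.Members == null || directoryRoleToInitialize.Members.CurrentPage == null)
    {
        return;
    }

    directoryRoleToInitialize.Members.AdditionalData = directoryRoleToInitialize.AdditionalData;

    // The key is the OData next-link annotation for the members collection. The
    // listing showed it as a masked placeholder ("*****@*****.**"); that literal
    // could never match a response property, so paging would never be initialized.
    object nextPageLink;
    directoryRoleToInitialize.AdditionalData.TryGetValue("members@odata.nextLink", out nextPageLink);

    // A missing key or a non-string value both end up as null here and are skipped.
    var nextPageLinkString = nextPageLink as string;
    if (!string.IsNullOrEmpty(nextPageLinkString))
    {
        directoryRoleToInitialize.Members.InitializeNextPageRequest(
            this.Client,
            nextPageLinkString);
    }
}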
/// <summary>
/// Sends the given DirectoryRole to the collection as a JSON POST request.
/// </summary>
/// <param name="directoryRole">The DirectoryRole to add.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the request.</param>
/// <returns>The task produced by SendAsync, returned as-is with no post-processing; its result is the created DirectoryRole.</returns>
public System.Threading.Tasks.Task<DirectoryRole> AddAsync(DirectoryRole directoryRole, CancellationToken cancellationToken)
{
    this.ContentType = "application/json";
    this.Method = "POST";

    var pendingRequest = this.SendAsync<DirectoryRole>(directoryRole, cancellationToken);
    return pendingRequest;
}
/// <summary>
/// Adds the specified DirectoryRole to the collection via POST, without cancellation support.
/// </summary>
/// <param name="directoryRole">The DirectoryRole to add.</param>
/// <returns>The created DirectoryRole.</returns>
public System.Threading.Tasks.Task<DirectoryRole> AddAsync(DirectoryRole directoryRole)
{
    // Convenience overload: forwards to the cancellable overload with a token that never fires.
    var noCancellation = CancellationToken.None;
    return this.AddAsync(directoryRole, noCancellation);
}
/// <summary>
/// Creates the specified DirectoryRole using POST, without cancellation support.
/// </summary>
/// <param name="directoryRoleToCreate">The DirectoryRole to create.</param>
/// <returns>The created DirectoryRole.</returns>
public System.Threading.Tasks.Task<DirectoryRole> CreateAsync(DirectoryRole directoryRoleToCreate)
{
    // Convenience overload: forwards to the cancellable overload with a token that never fires.
    var noCancellation = CancellationToken.None;
    return this.CreateAsync(directoryRoleToCreate, noCancellation);
}
/// <summary>
/// Creates the specified DirectoryRole by forwarding to the cancellable overload with
/// <see cref="CancellationToken.None"/>.
/// </summary>
/// <param name="directoryRoleToCreate">The DirectoryRole to create.</param>
/// <returns>The created DirectoryRole.</returns>
/// <remarks>
/// The original summary named PUT as the HTTP method. The method is set by the overload
/// this call forwards to, which is not shown in this snippet.
/// </remarks>
public Task<DirectoryRole> CreateAsync(DirectoryRole directoryRoleToCreate)
{
    var noCancellation = CancellationToken.None;
    return this.CreateAsync(directoryRoleToCreate, noCancellation);
}
/// <summary>
/// Adds the specified DirectoryRole to the collection via POST, without cancellation support.
/// </summary>
/// <param name="directoryRole">The DirectoryRole to add.</param>
/// <returns>The created DirectoryRole.</returns>
public Task<DirectoryRole> AddAsync(DirectoryRole directoryRole)
{
    // Convenience overload: forwards to the cancellable overload with a token that never fires.
    var noCancellation = CancellationToken.None;
    return this.AddAsync(directoryRole, noCancellation);
}