Esempio n. 1
0
        private static async Task <string> CreateGroup(string name)
        {
            Microsoft.Graph.Group newGroup = await GraphHelper.CreateNewGroup(name);

            InfoLine("New Group '" + newGroup.DisplayName + "' created");

            return(newGroup.Id);
        }
Esempio n. 2
0
        public static Group GroupProperty(Microsoft.Graph.Group graphGroup)
        {
            Group group = new Group();

            group.id          = graphGroup.Id;
            group.displayName = graphGroup.DisplayName;

            return(group);
        }
Esempio n. 3
0
        public static void AddMember(this Microsoft.Graph.Group group, string userId)
        {
            if (group.AdditionalData == null)
            {
                group.AdditionalData = new Dictionary <string, object>();
            }

            string[] membersToAdd = new string[1];
            membersToAdd[0] = $"https://graph.microsoft.com/v1.0/users/{userId}";
            group.AdditionalData.Add("*****@*****.**", membersToAdd);
        }
        public async Task Should_get_group_by_given_id()
        {
            var accessUri = $"{GraphApiSettings.GraphApiBaseUri}v1.0/groups/{GroupId}";
            var group     = new Microsoft.Graph.Group()
            {
                Id = GroupId
            };

            SecureHttpRequest.Setup(s => s.GetAsync(GraphApiSettings.AccessToken, accessUri)).ReturnsAsync(ApiRequestHelper.CreateHttpResponseMessage(group, HttpStatusCode.OK));

            var response = await Service.GetGroupByIdAsync(GroupId);

            response.Should().NotBeNull();
            response.Id.Should().Be(GroupId);
            SecureHttpRequest.Verify(s => s.GetAsync(GraphApiSettings.AccessToken, accessUri), Times.Once);
        }
        public void TestIntialize()
        {
            user = new Microsoft.Graph.User()
            {
                Id = "1"
            };
            group = new Microsoft.Graph.Group()
            {
                Id = "2"
            };
            customDirectoryObject = new CustomDirectoryObject
            {
                ObjectDataId = $"{GraphApiSettings.GraphApiBaseUri}v1.0/{GraphApiSettings.TenantId}/directoryObjects/{user.Id}"
            };

            groupAccessUri = $"{GraphApiSettings.GraphApiBaseUri}v1.0/{GraphApiSettings.TenantId}/groups/{group.Id}/members/$ref";
        }
        public ActiveDirectoryServiceTests()
        {
            _mockRemoteGraphService = new Mock <IRemoteGraphService>();
            _mockLogger             = new Mock <ILogger <ActiveDirectoryService> >();

            var configuration = new MapperConfiguration(cfg => cfg.AddProfile(new MappingProfiles()));
            var mapper        = new Mapper(configuration);

            //var cache = new NoCacheService();
            _mockCache = new Mock <ICacheService>();

            _activeDirectoryService = new ActiveDirectoryService(_mockRemoteGraphService.Object,
                                                                 mapper, _mockCache.Object, _mockLogger.Object);

            // Init testdata
            var inMemoryGraphService = new InMemoryGraphService();
            var userId  = Guid.NewGuid().ToString();
            var groupId = Guid.NewGuid().ToString();

            _user      = inMemoryGraphService.GetUserAsync(userId).Result;
            _group     = inMemoryGraphService.GetGroupAsync(groupId).Result;
            _managerId = Guid.NewGuid().ToString();

            var users  = inMemoryGraphService.FindActiveUserAsync(string.Empty).Result;
            var groups = inMemoryGraphService.FindGroupAsync(string.Empty).Result;

            // Init mock behaviour
            _mockRemoteGraphService.Setup(x => x.GetUserAsync(It.IsAny <string>()))
            .Returns(Task.FromResult(_user));

            _mockRemoteGraphService.Setup(x => x.FindActiveUserAsync(It.IsAny <string>()))
            .Returns(Task.FromResult(users));

            _mockRemoteGraphService.Setup(x => x.GetManagerIdOfUserAsync(It.IsAny <string>()))
            .Returns(Task.FromResult(_managerId));

            _mockRemoteGraphService.Setup(x => x.GetGroupAsync(It.IsAny <string>()))
            .Returns(Task.FromResult(_group));

            _mockRemoteGraphService.Setup(x => x.FindGroupAsync(It.IsAny <string>()))
            .Returns(Task.FromResult(groups));
        }
Esempio n. 7
0
 public GroupModel(Microsoft.Graph.Group group)
 {
     GUID = group.Id;
     Name = group.DisplayName;
 }
        public async Task <ActionResult> DeployBaseline(string displayName, string selectedBaseline, string policyPrefix, string allowLegacyAuth, string clientId = null)
        {
            SignalRMessage signalR = new SignalRMessage
            {
                clientId = clientId
            };

            signalR.sendMessage("Selected baseline: " + selectedBaseline);

            try
            {
                // Create exclusion group (if the group already exists we retrieve the ID)
                Microsoft.Graph.Group createdGroup = await GraphHelper.CreateGroup(displayName, clientId);

                List <string> groupsCreated = new List <string>
                {
                    createdGroup.Id
                };

                // Load CA policies for policy set
                string[] filePaths = Directory.GetFiles(Server.MapPath(TEMPLATE_CA_POLICY_FOLDER_PATH + selectedBaseline), "*.json");

                if (filePaths.Length == 0)
                {
                    signalR.sendMessage($"Warning no Conditional Access Policies found within selected set ({selectedBaseline})!");
                }

                // Modify exclusions & Display Name
                List <ConditionalAccessPolicy> conditionalAccessPolicies = new List <ConditionalAccessPolicy>();

                foreach (string filePath in filePaths)
                {
                    try
                    {
                        if (System.IO.File.Exists(filePath))
                        {
                            using (var streamReader = new StreamReader(filePath, Encoding.UTF8))
                            {
                                string textCaPolicy = streamReader.ReadToEnd();

                                // Modify properties on template
                                ConditionalAccessPolicy conditionalAccessPolicy = JsonConvert.DeserializeObject <ConditionalAccessPolicy>(textCaPolicy);
                                conditionalAccessPolicy.conditions.users.excludeGroups = groupsCreated.ToArray();
                                conditionalAccessPolicy.displayName = conditionalAccessPolicy.displayName.Insert(0, policyPrefix).Replace("<PREFIX> -", "").Trim();

                                // Check for legacy auth exclusion group
                                if (conditionalAccessPolicy.conditions.clientAppTypes.Contains("other") && conditionalAccessPolicy.grantControls.builtInControls.Contains("block"))
                                {
                                    // Wee need to initialize a new list to avoid modifications to the existing!
                                    List <String>         newGroupsCreated     = new List <String>(groupsCreated);
                                    Microsoft.Graph.Group allowLegacyAuthGroup = await GraphHelper.CreateGroup(allowLegacyAuth, clientId);

                                    newGroupsCreated.Add(allowLegacyAuthGroup.Id);
                                    conditionalAccessPolicy.conditions.users.excludeGroups = newGroupsCreated.ToArray();
                                }

                                // Create the policy
                                await GraphHelper.ImportCaConfig(JsonConvert.SerializeObject(conditionalAccessPolicy), clientId);
                            }
                        }
                    }
                    catch (Exception e)
                    {
                        signalR.sendMessage("Error: " + e.Message);
                    }
                }
            }
            catch (Exception e)
            {
                signalR.sendMessage("Error: " + e.Message);
            }

            signalR.sendMessage("Done#!");
            return(new HttpStatusCodeResult(204));
        }