/// <summary>
/// Creates a service identity called <paramref name="name"/>, saves it, and writes
/// the identity's name and Base64-encoded key to standard output.
/// </summary>
/// <param name="name">Name passed to <c>AccessControlServiceIdentity.Create</c>.</param>
/// <remarks>
/// The connection settings are built from <c>@namespace</c> and <c>managementKey</c>,
/// both defined elsewhere in this file.
/// </remarks>
static void CreateServiceIdentity(string name)
{
    AccessControlSettings acsSettings = new AccessControlSettings(@namespace, managementKey);

    AccessControlServiceIdentity created = AccessControlServiceIdentity.Create(acsSettings, name);
    created.Save();

    // The key is the identity's credential and is written to stdout in the clear:
    // anything that captures this output (redirects, terminal scrollback, CI logs)
    // ends up holding a usable secret.
    string displayName = created.Name;
    string encodedKey = Convert.ToBase64String(created.Key);
    Console.WriteLine("Name: {0}\nKey: {1}", displayName, encodedKey);
}
/// <summary>
/// Asks the management service to delete the service identity called
/// <paramref name="name"/>, commits the change, and prints a confirmation.
/// </summary>
/// <param name="name">Name passed to <c>DeleteServiceIdentityIfExists</c>.</param>
static void DeleteServiceIdentity(string name)
{
    AccessControlSettings acsSettings = new AccessControlSettings(@namespace, managementKey);
    ManagementService management = ManagementServiceHelper.CreateManagementServiceClient(acsSettings);

    management.DeleteServiceIdentityIfExists(name);
    management.SaveChanges();

    // "Deleted." is printed unconditionally once SaveChanges returns.
    // NOTE(review): going by the helper's name, this presumably also happens when no
    // identity called `name` existed, so the message does not prove a credential
    // was actually removed — confirm against the helper.
    Console.WriteLine("Deleted.");
}
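/// <summary>
/// Removes the rule that grants <paramref name="operation"/> ("Send", "Listen" or
/// "Manage", case-insensitive) on <paramref name="path"/> to the service identity
/// <paramref name="name"/>, and saves the access control list.
/// </summary>
/// <param name="operation">Right to revoke; anything else (including null) is reported as unknown.</param>
/// <param name="path">Path within the namespace whose access control list is edited.</param>
/// <param name="name">Service identity whose rule is removed.</param>
/// <remarks>
/// Failures are reported on standard error and the method returns without changing
/// anything: unknown operation, no matching rule, or a matching rule that is inherited.
/// The inherited-rule guard is applied to all three rights; previously only the
/// "Send" branch checked it, so "Listen" and "Manage" would try to remove an
/// inherited rule from this path's list.
/// </remarks>
static void RevokeOperationRight(string operation, string path, string name)
{
    // Resolve the right first: a typo in the operation name is rejected before any
    // call is made to the service. The static string.Equals also tolerates null.
    bool isSend = string.Equals(operation, "Send", StringComparison.OrdinalIgnoreCase);
    bool isListen = string.Equals(operation, "Listen", StringComparison.OrdinalIgnoreCase);
    bool isManage = string.Equals(operation, "Manage", StringComparison.OrdinalIgnoreCase);

    if (!isSend && !isListen && !isManage)
    {
        Console.Error.WriteLine("Unknown operation '{0}'", operation);
        return;
    }

    var right = isSend
        ? ServiceBusRight.Send
        : (isListen ? ServiceBusRight.Listen : ServiceBusRight.Manage);

    AccessControlSettings settings = new AccessControlSettings(@namespace, managementKey);
    // NOTE(review): the "http" scheme presumably only forms the resource URI the
    // list is keyed on rather than selecting a transport — confirm.
    Uri uri = ServiceBusEnvironment.CreateServiceUri("http", @namespace, path);
    AccessControlList list = NamespaceAccessControl.GetAccessControlList(uri, settings);
    IdentityReference identityReference = IdentityReference.CreateServiceIdentityReference(name);

    AccessControlRule existing = list.FirstOrDefault(
        (r) => r.Condition.Equals(identityReference) && r.Right.Equals(right));

    if (existing == null)
    {
        Console.Error.WriteLine("The right '{0}' on '{1}' has not been granted to identity '{2}'", operation, path, name);
        return;
    }

    // An inherited rule is not owned by this path's list, so it is refused here for
    // every right rather than for "Send" alone.
    if (existing.Inherited)
    {
        Console.Error.WriteLine("Cannot revoke inherited rules.");
        return;
    }

    list.RemoveRule(existing);
    // NOTE(review): the revocation is only persisted by SaveChanges; tokens already
    // issued to the identity presumably stay valid until they expire — confirm.
    list.SaveChanges();
}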
/// <summary>
/// Prints a table of the access control rules returned for <paramref name="path"/>:
/// the right, the claim value it is assigned to, and whether the rule is inherited.
/// </summary>
/// <param name="path">Path within the namespace whose access control list is listed.</param>
static void ShowRights(string path)
{
    const string separator = "------------------------------------------";
    const string rowFormat = "{0,-6} {1,-25} {2,-4}";

    AccessControlSettings acsSettings = new AccessControlSettings(@namespace, managementKey);
    // NOTE(review): the "http" scheme presumably only forms the resource URI the
    // list is keyed on rather than selecting a transport — confirm.
    Uri resourceUri = ServiceBusEnvironment.CreateServiceUri("http", @namespace, path);
    AccessControlList rules = NamespaceAccessControl.GetAccessControlList(resourceUri, acsSettings);

    Console.WriteLine("Path {0}", path);
    Console.WriteLine(separator);
    Console.WriteLine(rowFormat, "Right", "Assigned To", "Inherited");
    Console.WriteLine(separator);

    // The Inherited column distinguishes rules that come from elsewhere from those
    // set on this path; the revoke command in this file refuses inherited rules.
    foreach (AccessControlRule entry in rules)
    {
        Console.WriteLine(rowFormat, entry.Right.ClaimValue, entry.Condition.ClaimValue, entry.Inherited);
    }
}
/// <summary>
/// Looks up the service identity called <paramref name="name"/> and, if it has a
/// symmetric key, writes the identity's name and Base64-encoded key to standard output.
/// </summary>
/// <param name="name">Name passed to <c>GetServiceIdentityByName</c>.</param>
/// <remarks>
/// A single message on standard error covers both failure cases: the identity was
/// not found, or it has no key of type <c>Symmetric</c>.
/// </remarks>
static void GetServiceIdentity(string name)
{
    AccessControlSettings acsSettings = new AccessControlSettings(@namespace, managementKey);
    ManagementService management = ManagementServiceHelper.CreateManagementServiceClient(acsSettings);
    ServiceIdentity found = management.GetServiceIdentityByName(name);

    // Take the first key whose type string matches Symmetric; other key types are skipped.
    ServiceIdentityKey symmetricKey = found == null
        ? null
        : found.ServiceIdentityKeys
            .Where(sk => sk.Type == ServiceIdentityKeyType.Symmetric.ToString())
            .FirstOrDefault();

    if (symmetricKey != null)
    {
        // The key is the identity's credential and is written to stdout in the clear:
        // anything that captures this output (redirects, terminal scrollback, CI logs)
        // ends up holding a usable secret.
        Console.WriteLine("Name: {0}\nKey: {1}", found.Name, Convert.ToBase64String(symmetricKey.Value));
        return;
    }

    Console.Error.WriteLine("Service identity '{0}' not found or key not found", name);
}