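/// <summary>
/// Creates an identity user from <paramref name="userModel"/> and places it in <paramref name="appRole"/>,
/// creating the role first when the store does not have it yet.
/// </summary>
/// <param name="userModel">Registration data; UserName, EmailAddress, PhoneNumber and Password are read.</param>
/// <param name="appRole">Role to assign; defaults to <see cref="AppRole.customer"/>.</param>
/// <returns>
/// The failed <see cref="IdentityResult"/> of the first step that did not succeed (user creation or role
/// creation); otherwise the result of the role assignment, or an empty <see cref="IdentityResult"/> when
/// the user already held the role (the value the original returned in that case).
/// </returns>
public async Task<IdentityResult> RegisterCustomerAsync(UserModel userModel, AppRole appRole = AppRole.customer)
{
    // Add generate username to the model
    // NOTE(review): EmailConfirmed and PhoneNumberConfirmed are set to true without any verification
    // step, so every self-registered account immediately passes confirmation checks.
    IdentityUser user = new IdentityUser
    {
        UserName = userModel.UserName,
        Email = userModel.EmailAddress,
        EmailConfirmed = true,
        PhoneNumber = userModel.PhoneNumber,
        PhoneNumberConfirmed = true,
    };

    var createResult = await _userManager.CreateAsync(user, userModel.Password);
    if (!createResult.Succeeded)
    {
        // The original ignored this result and went on to look up roles for a user that was never stored.
        return createResult;
    }

    //Role-user combination is managed as Contact-Role combination in ContactRole table
    //Create the requested role if it does not exist
    var roleName = appRole.ToString();
    var role = await _roleManager.FindByNameAsync(roleName);
    if (role == null)
    {
        role = new IdentityRole(roleName);
        var roleResult = await _roleManager.CreateAsync(role);
        if (!roleResult.Succeeded)
        {
            // Adding a user to a role that failed to be created cannot succeed; report the cause instead.
            return roleResult;
        }
    }

    var rolesForUser = await _userManager.GetRolesAsync(user.Id);
    if (rolesForUser.Contains(role.Name))
    {
        return new IdentityResult();
    }
    return await _userManager.AddToRoleAsync(user.Id, role.Name);
}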
/// <summary>
/// Extension over <see cref="IPrincipal.IsInRole(string)"/> that takes an <see cref="AppRole"/> value.
/// The value's string form is split on commas (the form a combined enum value prints in), each part is
/// trimmed, and the principal is tested against each part in turn.
/// </summary>
/// <returns>true when the principal is in at least one of the listed roles; false otherwise.</returns>
public static bool IsInRole(this IPrincipal user, AppRole appRole)
{
    string[] roleNames = appRole.ToString().Split(',');
    return roleNames.Any(name => user.IsInRole(name.Trim()));
}
/// <summary>Creates a role from the view model's Name and Description.</summary>
/// <param name="roleVm">Source of the new role's Name and Description.</param>
/// <returns>true when the role store accepted the role; false otherwise.</returns>
public async Task <bool> AddAsync(AppRoleViewModel roleVm)
{
    //Id = Guid.NewGuid(),  -- left out, as in the original: the id is assigned by the store
    var newRole = new AppRole
    {
        Name = roleVm.Name,
        Description = roleVm.Description,
    };
    var creation = await _roleManager.CreateAsync(newRole);
    return creation.Succeeded;
}
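/// <summary>
/// Shows the role edit page: the role plus the users that are and are not members of it.
/// </summary>
/// <param name="id">Role id as stored by RoleManager.</param>
/// <returns>The edit view, or 404 when no role has that id (the original dereferenced null).</returns>
public ActionResult Edit(string id)
{
    AppRole role = RoleManager.FindById(id);
    if (role == null)
    {
        return HttpNotFound();
    }
    string[] memberIDs = role.Users.Select(x => x.UserId).ToArray();
    // Contains over the materialised id array replaces memberIDs.Any(y => y == x.Id): same membership
    // test, and the form a query provider translates to a single IN clause if Users is a remote query.
    IEnumerable <AppUser> members = UserManager.Users.Where(x => memberIDs.Contains(x.Id));
    IEnumerable <AppUser> nonMembers = UserManager.Users.Except(members);
    return View(new RoleEditModel { Role = role, Members = members, NonMembers = nonMembers });
}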
/// <summary>Shows the edit form for the role with the given id.</summary>
/// <param name="id">Role id passed to roleManager.FindByIdAsync.</param>
/// <returns>The edit view, or a redirect to Role/Index when the role does not exist.</returns>
public async Task <ActionResult> Edit(int id)
{
    AppRole role = await roleManager.FindByIdAsync(id);
    if (role == null)
    {
        return RedirectToAction("Index", "Role");
    }
    var model = new EditRoleModel
    {
        Id = role.Id,
        Name = role.Name,
        User = role.User,
    };
    return View(model);
}
/// <summary>Creates a role from the view model, stamping CreatedDate with the current time.</summary>
/// <param name="roleViewModel">Source of the new role's Name and Description.</param>
/// <returns>true when the role store accepted the role; false otherwise.</returns>
public async Task <bool> AddAsync(AppRoleViewModel roleViewModel)
{
    // CreatedDate is local server time (DateTime.Now), kept exactly as the original stored it;
    // a UTC value would be the usual choice for a persisted timestamp.
    var newRole = new AppRole()
    {
        Name = roleViewModel.Name,
        Description = roleViewModel.Description,
        CreatedDate = DateTime.Now,
    };
    var outcome = await this._roleManager.CreateAsync(newRole);
    return outcome.Succeeded;
}
/// <summary>
/// Builds the fixed set of application roles: currently a single "ServiceCenterManager" role with a
/// hard-coded id.
/// </summary>
/// <returns>A new list holding the one role.</returns>
private static IList <AppRole> GetAppRoles()
{
    var serviceCenterManager = new AppRole
    {
        Id = Guid.Parse("1579eed6-fcb5-4448-b8ec-e62cb4d46f59"),
        Description = "Service Center Manager",
        DisplayName = "ServiceCenterManager",
        Value = "ServiceCenterManager",
    };
    return new List <AppRole> { serviceCenterManager };
}
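/// <summary>
/// Seeds the identity store with the AppModerator and AppUser roles and one moderator account.
/// Runs synchronously (static startup hook), so each identity call is blocked on with
/// GetAwaiter().GetResult() rather than .Result/.Wait(), which surfaces the real exception instead of
/// wrapping it in an AggregateException.
/// </summary>
/// <param name="context">EF identity context; used to create the database and to detect prior seeding.</param>
/// <param name="usermgr">User manager used to create the seed account and assign its role.</param>
/// <param name="rolemgr">Role manager used to create the seed roles.</param>
/// <exception cref="InvalidOperationException">A seed role could not be created.</exception>
public static void Initialize(StepIdentityContext context, UserManager <AppUser> usermgr, RoleManager <AppRole> rolemgr) //UserContext is EF context
{
    context.Database.EnsureCreated(); //if the db does not exist it is created; otherwise this does nothing.
    if (context.Users.Any() || context.Roles.Any())
    {
        return; // DB has been seeded
    }

    // Creates the role if missing; a failed creation is reported instead of silently skipped
    // (the original discarded roleResult, and AddToRoleAsync below would then fail later anyway).
    void EnsureRole(string name)
    {
        if (rolemgr.RoleExistsAsync(name).GetAwaiter().GetResult())
        {
            return;
        }
        var role = new AppRole { Name = name };
        IdentityResult roleResult = rolemgr.CreateAsync(role).GetAwaiter().GetResult();
        if (!roleResult.Succeeded)
        {
            string reasons = string.Join("; ", roleResult.Errors.Select(e => e.Description));
            throw new InvalidOperationException($"Seeding role '{name}' failed: {reasons}");
        }
    }

    EnsureRole("AppModerator");
    EnsureRole("AppUser");

    // NOTE(review): the seed account's password (and e-mail, shown redacted here) are literals in source;
    // a seed credential belongs in configuration and has to be changed before first use.
    if (usermgr.FindByNameAsync("*****@*****.**").GetAwaiter().GetResult() == null)
    {
        var user1 = new AppUser
        {
            FirstName = "Masha",
            LastName = "Shtoda",
            UserName = "******",
            Birthday = new DateTime(2000, 12, 31),
            Email = "*****@*****.**",
            EmailConfirmed = true,
            PhoneNumber = "0123456789",
            PhoneNumberConfirmed = true
        };
        IdentityResult result = usermgr.CreateAsync(user1, "Qwerty123_").GetAwaiter().GetResult();
        if (result.Succeeded)
        {
            usermgr.AddToRoleAsync(user1, "AppModerator").GetAwaiter().GetResult();
        }
    }
}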
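/// <summary>
/// Handles the registration form: creates the user, puts it in the Member role (creating the role on
/// first use), signs it in and redirects to <paramref name="returnUrl"/>.
/// </summary>
/// <param name="returnUrl">Local URL to go to after sign-in; defaults to the site root.</param>
/// <returns>A local redirect on success; the page again with ModelState errors otherwise.</returns>
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");
    ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList();
    if (ModelState.IsValid)
    {
        var user = new AppUser
        {
            UserName = Input.Email,
            Email = Input.Email,
            PhotoURL = "default.jpg",
            FullName = $"{Input.FirstName} {Input.LastName}",
            BirthDate = Input.BirthDate,
            Gender = Input.Gender
        };
        var result = await _userManager.CreateAsync(user, Input.Password);
        if (result.Succeeded)
        {
            _logger.LogInformation("User created a new account with password.");

            //assign role member for all new users; create the Member role on first use
            if (!await _roleManager.RoleExistsAsync("Member"))
            {
                var role = new AppRole();
                role.Name = "Member";
                var roleResult = await _roleManager.CreateAsync(role);
                if (!roleResult.Succeeded)
                {
                    // The original discarded this result; the AddToRoleAsync below cannot succeed without the role.
                    foreach (var error in roleResult.Errors)
                    {
                        ModelState.AddModelError(string.Empty, error.Description);
                    }
                    return Page();
                }
            }
            var addToRole = await _userManager.AddToRoleAsync(user, "Member");
            if (!addToRole.Succeeded)
            {
                foreach (var error in addToRole.Errors)
                {
                    ModelState.AddModelError(string.Empty, error.Description);
                }
                return Page();
            }

            // Sign in only after the role is assigned: the cookie is built from the user's claims at
            // sign-in time, so signing in first (as the original did) left the session without the
            // Member role until the next login.
            await _signInManager.SignInAsync(user, isPersistent : false);

            // The original redirected with RedirectToAction("Index", "Home", Input): passing the Input
            // model as route values serialises its properties, including Password, into the query string
            // of the Location header. LocalRedirect(returnUrl) (already sketched in the original) is used instead.
            return LocalRedirect(returnUrl);
        }
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
    }
    // If we got this far, something failed, redisplay form
    return Page();
}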
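/// <summary>
/// Creates a role when the current user is an admin or holds the ROLE/CanCreate permission, logging
/// the outcome either way.
/// </summary>
/// <param name="roleVm">Name and Description of the role to create.</param>
/// <returns>
/// A valid result carrying the created role; an invalid result with ERROR_ADD_PERMISSION when the user
/// may not create roles; an invalid result with the exception message when the operation throws.
/// </returns>
public async Task <CommandResult <AppRoleViewModel> > ExecuteAync(AppRoleViewModel roleVm)
{
    var userId = _httpContextAccessor.HttpContext.User.Identity.Name;
    // Awaited instead of .Result: blocking on a task inside an async method can deadlock on a sync context.
    // NOTE(review): Identity.Name is passed to FindByIdAsync as a user *id*; confirm the Name claim is
    // configured to carry the id, otherwise this lookup returns null and userName stays null.
    var currentUser = await _userManager.FindByIdAsync(userId);
    var userName = currentUser?.UserName;
    try
    {
        if (await _checkUserIsAdminQuery.ExecuteAsync(userId) || await _getPermissionActionQuery.ExecuteAsync(userId, ConstantFunctions.ROLE, ActionSetting.CanCreate))
        {
            var role = new AppRole()
            {
                Name = roleVm.Name,
                Description = roleVm.Description
            };
            var result = await _roleManager.CreateAsync(role);
            await Logging<AddRoleAsyncCommand>.InformationAsync(ActionCommand.COMMAND_ADD, userName, JsonConvert.SerializeObject(role));
            return new CommandResult <AppRoleViewModel>
            {
                isValid = result.Succeeded,
                myModel = new AppRoleViewModel
                {
                    Description = role.Description,
                    Name = role.Name,
                    Id = role.Id
                }
            };
        }
        else
        {
            await Logging<AddRoleAsyncCommand>.WarningAsync(ActionCommand.COMMAND_ADD, userName, ErrorMessageConstant.ERROR_ADD_PERMISSION);
            return new CommandResult <AppRoleViewModel>
            {
                isValid = false,
                errorMessage = ErrorMessageConstant.ERROR_ADD_PERMISSION
            };
        }
    }
    catch (System.Exception ex)
    {
        await Logging<AddRoleAsyncCommand>.ErrorAsync(ex, ActionCommand.COMMAND_ADD, userName, "Has error");
        // The original returned ex.InnerException.ToString(): it threw a second exception from inside the
        // catch when InnerException was null, and the full ToString() handed the stack trace to the caller.
        // The message is enough for the caller; the exception itself is already in the log above.
        return new CommandResult <AppRoleViewModel>
        {
            isValid = false,
            errorMessage = ex.InnerException?.Message ?? ex.Message
        };
    }
}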
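/// <summary>
/// Shows the role form, pre-filled with the name of the role identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Optional role id; null, empty or unknown ids show an empty form.</param>
/// <returns>The view, with a <see cref="RoleViewModel"/> when the role was found.</returns>
public async Task <IActionResult> CreateRole(string id)
{
    if (string.IsNullOrEmpty(id))
    {
        return View();
    }
    AppRole role = await _roleManager.FindByIdAsync(id);
    if (role == null)
    {
        // Unknown id: same as no id (the original dereferenced null here).
        return View();
    }
    return View(new RoleViewModel { Name = role.Name });
}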
/// <summary>
/// Saves a role, generates a secret id for it, deletes that secret and checks it can no longer be read.
/// </summary>
public async Task DeleteSecret_ThatExists_Success()
{
    // Arrange: a role with a unique name
    string roleName = _uniqueKeys.GetKey("RDel");
    AppRole role = new AppRole(roleName);
    Assert.True(await _appRoleAuthEngine.SaveRole(role), "A1: Saving the role failed.");

    // Now create the a secret
    AppRoleSecret secret = await _appRoleAuthEngine.GenerateSecretID(role.Name);

    // Act: delete it
    bool deleted = await _appRoleAuthEngine.DeleteSecretID(role.Name, secret.ID);
    Assert.True(deleted, "A2: Deleting the secret failed");

    // Assert: it is gone
    var lookedUp = await _appRoleAuthEngine.ReadSecretID(role.Name, secret.ID);
    Assert.IsNull(lookedUp, "A3: Expected to not find the given secret. But instead was returned a secret. Delete did not work?");
}
/// <summary>Shows the update form for a role, or returns to the role list when the id is unknown.</summary>
/// <param name="RoleID">Role id passed to _roleManager.FindByIdAsync.</param>
/// <returns>The view with the role adapted to <see cref="RoleModel"/>, or a redirect to "Roles".</returns>
public async Task <IActionResult> RoleUpdate(string RoleID)
{
    AppRole role = await _roleManager.FindByIdAsync(RoleID);
    if (role != null)
    {
        //SUCCEEDED: render the edit form
        return View(role.Adapt <RoleModel>());
    }
    //UPDATE THE PAGE (original note: "SAYFAYI GÜNCELLE") - unknown id, back to the list
    return RedirectToAction("Roles");
}
/// <summary>
/// Validates that a user carries the data its role requires: a Transporter needs a ProjectId, a
/// Mechanic needs a ProjectId and at least one RouteId.
/// </summary>
/// <exception cref="InvalidOperationException">A required value is missing for the role.</exception>
private void CheckRoleData(AppUser user, AppRole role)
{
    bool hasProject = user.ProjectId.HasValue;
    // evaluated lazily so RouteIds is only enumerated for the Mechanic check, as in the original
    bool HasRoutes() => user.RouteIds != null && user.RouteIds.Any();

    if (role.Name == RoleNames.Transporter && !hasProject)
    {
        throw new InvalidOperationException("TransporterId is required");
    }
    if (role.Name == RoleNames.Mechanic && !(hasProject && HasRoutes()))
    {
        throw new InvalidOperationException("RouteIds is required");
    }
}
/// <summary>
/// Renders the add/edit partial for a role: filled from the stored role when <paramref name="id"/> is
/// known, empty otherwise.
/// </summary>
/// <param name="id">Role id; looked up by its string form.</param>
/// <returns>The "_AddEditAppRole" partial view with an <see cref="AppRoleViewModel"/>.</returns>
public async Task <IActionResult> AddEditAppRole(Guid id)
{
    AppRole appRole = await roleManager.FindByIdAsync(id.ToString());
    AppRoleViewModel model = appRole == null
        ? new AppRoleViewModel()
        : new AppRoleViewModel
        {
            Id = appRole.Id.ToString(),
            RoleName = appRole.Name,
            Description = appRole.Description,
        };
    return PartialView("_AddEditAppRole", model);
}
/// <summary>
/// Demo helper: deletes the role named "Role2" through SecRoleManager and prints the outcome.
/// Any exception is caught and its message printed.
/// </summary>
public static void DeleteRole()
{
    try
    {
        var role = new AppRole("Role2");
        SecRoleManager.DeleteRole(role);
        WriteLine($"{role.Name} was deleted.");
    }
    catch (Exception ex)
    {
        WriteLine(ex.Message);
    }
}
/// <summary>Returns the role with the given id as an HTTP response.</summary>
/// <param name="request">The incoming request, used to build the response.</param>
/// <param name="id">Role id; must be non-empty.</param>
/// <returns>
/// 400 when <paramref name="id"/> is missing, 204 with "No group" when no role matches, 200 with the role otherwise.
/// </returns>
public HttpResponseMessage Details(HttpRequestMessage request, string id)
{
    if (string.IsNullOrEmpty(id))
    {
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, nameof(id) + " không có giá trị.");
    }
    AppRole appRole = AppRoleManager.FindById(id);
    // NOTE: an unknown id answers 204 NoContent (with an error body) rather than 404; kept as the
    // original had it because existing clients may depend on that status.
    return appRole == null
        ? request.CreateErrorResponse(HttpStatusCode.NoContent, "No group")
        : request.CreateResponse(HttpStatusCode.OK, appRole);
}
/// <summary>
/// Saves an edited role. Only Id, Name, ClientId and AppId are bound from the request (the Bind
/// include list), so other entity properties cannot be set by the form.
/// </summary>
/// <param name="appRole">The bound role; marked Modified and saved when ModelState is valid.</param>
/// <returns>A redirect to Index after saving; the edit view with repopulated drop-downs otherwise.</returns>
public async Task <ActionResult> Edit([Bind(Include = "Id,Name,ClientId,AppId")] AppRole appRole)
{
    if (!ModelState.IsValid)
    {
        // repopulate the App and Partner drop-downs before redisplaying the form
        ViewBag.AppId = new SelectList(db.Apps, "Id", "Database", appRole.AppId);
        ViewBag.ClientId = new SelectList(db.Partners, "Id", "Name", appRole.ClientId);
        return View(appRole);
    }
    db.Entry(appRole).State = EntityState.Modified;
    await db.SaveChangesAsync();
    return RedirectToAction("Index");
}
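/// <summary>
/// Shows the role edit page: the role plus the users that are and are not members of it.
/// </summary>
/// <param name="id">Role id as stored by RoleManager.</param>
/// <returns>The edit view, or 404 when no role has that id (the original dereferenced null).</returns>
public async Task <ActionResult> Edit(string id)
{
    AppRole role = await RoleManager.FindByIdAsync(id);
    if (role == null)
    {
        return HttpNotFound();
    }
    string[] memberIds = role.Users.Select(x => x.UserId).ToArray();
    // Contains over the materialised id array replaces memberIds.Any(m => x.Id == m): same membership
    // test, and the form a query provider translates to a single IN clause if Users is a remote query.
    IEnumerable <AppUser> members = UserManager.Users.Where(x => memberIds.Contains(x.Id));
    IEnumerable <AppUser> nonMembers = UserManager.Users.Except(members);
    return View(new RoleEditModel { Role = role, Members = members, NonMembers = nonMembers });
}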
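/// <summary>Adds a role to the context after checking that its name is not already used.</summary>
/// <param name="role">The role to store; must not be null.</param>
/// <returns>The same <paramref name="role"/> instance after it has been saved.</returns>
/// <exception cref="ArgumentNullException"><paramref name="role"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// A role with the same name already exists. (Derives from <see cref="Exception"/>, which the
/// original threw, so existing catch clauses still match.)
/// </exception>
public async Task <AppRole> CreateAsync(AppRole role)
{
    if (role is null)
    {
        throw new ArgumentNullException(nameof(role));
    }
    // check that no role with this name exists yet (the original comment read "find the user")
    // NOTE(review): this check-then-insert is not atomic; a unique index on Name in the store is what
    // actually prevents duplicates under concurrent calls.
    if (context.Roles.Any(x => x.Name == role.Name))
    {
        throw new InvalidOperationException("Role '" + role.Name + "' is already taken");
    }
    context.Roles.Add(role);
    await context.SaveChangesAsync();
    return role;
}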
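/// <summary>Creates a role from the posted model.</summary>
/// <param name="role">
/// The posted role. NOTE(review): the whole entity is bound with no [Bind] include list, so every
/// settable AppRole property is accepted from the request.
/// </param>
/// <returns>
/// A redirect to Index on success; on failure the form again with the errors in ModelState
/// (the original redirected to Index in both cases, which discarded the errors it had just added).
/// </returns>
public async Task <ActionResult> Create(AppRole role)
{
    var roleresult = await _roleManager.CreateAsync(role);
    if (!roleresult.Succeeded)
    {
        foreach (var error in roleresult.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
        // assumes the Create view takes an AppRole model, as this action does — TODO confirm
        return View(role);
    }
    return RedirectToAction("Index");
}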
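/// <summary>Creates a role with the given name and description unless one with that name exists.</summary>
/// <param name="rolename">Name of the role to create.</param>
/// <param name="roledescription">Stored in the role's RoleDescription.</param>
/// <returns>
/// A redirect to ./Roles when the role exists or was created; the page again with ModelState
/// errors when the store rejected the new role (the original discarded that result).
/// </returns>
public async Task <IActionResult> OnPostCreateAsync(string rolename, string roledescription)
{
    bool alreadyExists = await _roleManager.RoleExistsAsync(rolename);
    if (!alreadyExists)
    {
        var role = new AppRole();
        role.Name = rolename;
        role.RoleDescription = roledescription;
        var result = await _roleManager.CreateAsync(role);
        if (!result.Succeeded)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }
            return Page();
        }
    }
    // An already existing role is treated as success, unchanged from the original.
    return RedirectToPage("./Roles");
}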
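/// <summary>
/// Looks up a user by name and maps it to a <see cref="UserResponse"/>, filling Role with the
/// description of the first role the user is in.
/// </summary>
/// <param name="name">User name passed to userManager.FindByNameAsync.</param>
/// <returns>
/// The mapped user, or null when no user has that name (the original threw NullReferenceException).
/// Role stays unset when the user has no roles or the role record cannot be found.
/// </returns>
public async Task <UserResponse> GetUserByNameAsync(string name)
{
    var user = await userManager.FindByNameAsync(name);
    if (user == null)
    {
        return null;
    }
    var userResult = mapper.Map <AppUser, UserResponse>(user);
    var roles = await userManager.GetRolesAsync(user);
    // Only the first role is reported; the original did the same.
    string roleName = roles.FirstOrDefault();
    if (roleName != null)
    {
        // FindByNameAsync(null) would throw, hence the guard above.
        AppRole role = await roleManager.FindByNameAsync(roleName);
        if (role != null)
        {
            userResult.Role = role.Description;
        }
    }
    return userResult;
}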
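/// <summary>Creates the role named <paramref name="roleName"/> if it does not exist yet.</summary>
/// <param name="roleName">Name of the role to ensure.</param>
/// <returns>The creation result, or null when the role already existed (unchanged from the original).</returns>
private async Task <IdentityResult> AddRole(string roleName)
{
    if (await AppRoleManager.RoleExistsAsync(roleName))
    {
        return null;
    }
    AppRole role = new AppRole();
    // The original set Name = "Admin" regardless of roleName, so every missing role was created as "Admin".
    role.Name = roleName;
    return await AppRoleManager.CreateAsync(role);
}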
/// <summary>Deletes the role with the given id.</summary>
/// <param name="id">Role id passed to context.RoleManager.FindByIdAsync.</param>
/// <returns>The delete result, or null when no role has that id.</returns>
public async Task <IdentityResult> DeleteRole(string id)
{
    AppRole role = await context.RoleManager.FindByIdAsync(id);
    if (role == null)
    {
        return null;
    }
    return await context.RoleManager.DeleteAsync(role);
}
/// <summary>
/// Copies Name and Description from the view model onto the role. For action "update" the view
/// model's Id is kept; for any other action (default "add") a fresh Guid string becomes the Id.
/// </summary>
/// <param name="appRole">The role being filled in.</param>
/// <param name="appRoleViewModel">Source of Id (update only), Name and Description.</param>
/// <param name="action">"update" or anything else; compared ordinally, as string == does.</param>
public static void UpdateApplicationRole(this AppRole appRole, ApplicationRoleViewModel appRoleViewModel, string action = "add")
{
    bool isUpdate = string.Equals(action, "update", StringComparison.Ordinal);
    if (isUpdate)
    {
        appRole.Id = appRoleViewModel.Id;
    }
    else
    {
        appRole.Id = Guid.NewGuid().ToString();
    }
    appRole.Name = appRoleViewModel.Name;
    appRole.Description = appRoleViewModel.Description;
}
/// <summary>
/// Makes sure a role exists, creating it when the store does not have it.
/// Blocks on the role manager's tasks via .Result, as the original did (this is a synchronous API).
/// </summary>
/// <param name="roleName">Name of the role to ensure.</param>
/// <returns>true when the role already existed or was created; the store's Succeeded flag otherwise.</returns>
private bool AddRole(string roleName)
{
    // check whether the role is already in the database
    bool exists = _roleManager.RoleExistsAsync(roleName).Result;
    if (exists)
    {
        return true; // the role is there, nothing to create
    }
    // not in the database: create it through the role manager
    var newRole = new AppRole()
    {
        Name = roleName
    };
    var creation = _roleManager.CreateAsync(newRole).Result;
    return creation.Succeeded;
}
/// <summary>
/// Builds the edit model for a role: the role, the users that are members of it and the rest.
/// The user list is materialised once; Members and NonMembers are deferred queries over it.
/// </summary>
/// <param name="role">Role whose Users collection supplies the member ids.</param>
/// <returns>A populated <see cref="RoleEditModel"/>.</returns>
public RoleEditModel CreateRoleEditModel(AppRole role)
{
    var allUsers = IdentityManager.Users.ToList();
    var memberIds = role.Users.Select(x => x.UserId);
    var members = allUsers.Where(u => memberIds.Contains(u.Id));
    return new RoleEditModel
    {
        Role = role,
        Members = members,
        NonMembers = allUsers.Except(members),
    };
}
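/// <summary>
/// Lists users: every user for members of "Administrators", otherwise only the members of the
/// "Customers" role.
/// </summary>
/// <returns>
/// The view with the user set; an empty list when the "Customers" role does not exist
/// (the original dereferenced null in that case).
/// </returns>
public ActionResult Users()
{
    if (HttpContext.User.IsInRole("Administrators"))
    {
        return View(UserManager.Users);
    }
    AppRole customerRole = RoleManager.FindByName("Customers");
    if (customerRole == null)
    {
        return View(new List<AppUser>());
    }
    string[] customerIds = customerRole.Users.Select(x => x.UserId).ToArray();
    // Contains over the id array replaces customerIds.Any(id => id == user.Id): same membership test,
    // and the form a query provider translates to a single IN clause if Users is a remote query.
    return View(UserManager.Users.Where(user => customerIds.Contains(user.Id)).ToList());
}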
/// <summary>Shows the details view for the role with the given name.</summary>
/// <param name="roleName">Name passed to RoleManager.FindByName.</param>
/// <returns>The view with the role, or 400 Bad Request when no role has that name.</returns>
public ActionResult Details(string roleName)
{
    AppRole role = RoleManager.FindByName(roleName);
    if (role != null)
    {
        return View(role);
    }
    return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
/// <summary>
/// Renders the role modal. A null <paramref name="appRole"/> renders a blank <see cref="AppRole"/>.
/// </summary>
/// <param name="appRole">The role to show, or null for an empty form.</param>
/// <param name="modalId">Stored in ViewBag.ModalId for the view.</param>
public IViewComponentResult Invoke(AppRole appRole, string modalId)
{
    ViewBag.ModalId = modalId;
    return View(appRole ?? new AppRole());
}
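/// <summary>Creates a role from the request body, assigning a new Id and a UTC CreatedDate.</summary>
/// <param name="role">
/// The role deserialised from the body. NOTE(review): this binds straight onto the AppRole entity;
/// Id and CreatedDate are overwritten below, but every other settable AppRole property is taken
/// from the client as sent.
/// </param>
/// <returns>
/// 200 with the stored role; 400 with the store's errors when creation fails, or an empty 400 when
/// the body did not deserialise to a role (the original dereferenced null).
/// </returns>
public async Task <IActionResult> Add([FromBody] AppRole role)
{
    if (role == null)
    {
        // [FromBody] yields null for an empty or unparseable body unless the framework rejects it first.
        return BadRequest();
    }
    role.Id = Guid.NewGuid().ToString();
    role.CreatedDate = DateTime.UtcNow;
    IdentityResult result = await roleManager.CreateAsync(role);
    if (!result.Succeeded)
    {
        return BadRequest(result.Errors);
    }
    return Ok(role);
}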
/// <summary>Creates a role named after the posted view model.</summary>
/// <param name="roleViewModel">Supplies the new role's Name.</param>
/// <returns>
/// A redirect to Index on success; the empty view otherwise, with the first store error added to
/// ModelState when creation failed.
/// </returns>
public async Task<ActionResult> Create(RoleViewModel roleViewModel)
{
    if (!ModelState.IsValid)
    {
        return View();
    }
    var newRole = new AppRole() { Name = roleViewModel.Name };
    var createResult = await RoleManager.CreateAsync(newRole);
    if (createResult.Succeeded)
    {
        return RedirectToAction("Index");
    }
    ModelState.AddModelError("", createResult.Errors.First());
    return View();
}
/// <summary>Creates the module for the given role, storing it in the appRole field.</summary>
/// <param name="Role">The role this module operates as.</param>
public CommModule(AppRole Role) => appRole = Role;
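/// <summary>Creates a role with the posted name, rejecting names that are already taken.</summary>
/// <param name="m">The posted view model; only Name is used.</param>
/// <returns>
/// 201 with the new role's Id and Name; 400 with ModelState when the model is invalid, the name
/// exists, or the store rejected the role (the original ignored the Create result).
/// </returns>
public async Task<IHttpActionResult> Post(RoleViewModel m)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }
    // NOTE(review): RoleExists followed by Create is not atomic; a unique index on the role name in
    // the store is what actually prevents duplicates under concurrent posts.
    if (roleManager.RoleExists(m.Name))
    {
        ModelState.AddModelError("Failure", "该角色已存在。");
        return BadRequest(ModelState);
    }
    var role = new AppRole()
    {
        CreateBy = User.Identity.GetUserId(),
        CreateTime = DateTimeOffset.Now,
        Deleted = false,
        Id = Guid.NewGuid().ToString(),
        Name = m.Name
    };
    // assumes roleManager.Create returns an IdentityResult whose Errors are strings — TODO confirm
    var createResult = roleManager.Create(role);
    if (!createResult.Succeeded)
    {
        foreach (var error in createResult.Errors)
        {
            ModelState.AddModelError("Failure", error);
        }
        return BadRequest(ModelState);
    }
    return Created<RoleViewModel>(new RoleViewModel() { Id = role.Id, Name = role.Name });
}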
private static void Main() { // record start DateTime of execution string currentDateTime = DateTime.Now.ToUniversalTime().ToString(); #region Setup Active Directory Client //********************************************************************* // setup Active Directory Client //********************************************************************* ActiveDirectoryClient activeDirectoryClient; try { activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication(); } catch (AuthenticationException ex) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("Acquiring a token failed with the following error: {0}", ex.Message); if (ex.InnerException != null) { //You should implement retry and back-off logic per the guidance given here:http://msdn.microsoft.com/en-us/library/dn168916.aspx //InnerException Message will contain the HTTP error status codes mentioned in the link above Console.WriteLine("Error detail: {0}", ex.InnerException.Message); } Console.ResetColor(); Console.ReadKey(); return; } #endregion #region TenantDetails //********************************************************************* // Get Tenant Details // Note: update the string TenantId with your TenantId. // This can be retrieved from the login Federation Metadata end point: // https://login.windows.net/GraphDir1.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml // Replace "GraphDir1.onMicrosoft.com" with any domain owned by your organization // The returned value from the first xml node "EntityDescriptor", will have a STS URL // containing your TenantId e.g. 
"https://sts.windows.net/4fd2b2f2-ea27-4fe5-a8f3-7b1a7c975f34/" is returned for GraphDir1.onMicrosoft.com //********************************************************************* VerifiedDomain initialDomain = new VerifiedDomain(); VerifiedDomain defaultDomain = new VerifiedDomain(); ITenantDetail tenant = null; Console.WriteLine("\n Retrieving Tenant Details"); try { List<ITenantDetail> tenantsList = activeDirectoryClient.TenantDetails .Where(tenantDetail => tenantDetail.ObjectId.Equals(Constants.TenantId)) .ExecuteAsync().Result.CurrentPage.ToList(); if (tenantsList.Count > 0) { tenant = tenantsList.First(); } } catch (Exception e) { Console.WriteLine("\nError getting TenantDetails {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } if (tenant == null) { Console.WriteLine("Tenant not found"); } else { TenantDetail tenantDetail = (TenantDetail)tenant; Console.WriteLine("Tenant Display Name: " + tenantDetail.DisplayName); // Get the Tenant's Verified Domains initialDomain = tenantDetail.VerifiedDomains.First(x => x.Initial.HasValue && x.Initial.Value); Console.WriteLine("Initial Domain Name: " + initialDomain.Name); defaultDomain = tenantDetail.VerifiedDomains.First(x => [email protected] && [email protected]); Console.WriteLine("Default Domain Name: " + defaultDomain.Name); // Get Tenant's Tech Contacts foreach (string techContact in tenantDetail.TechnicalNotificationMails) { Console.WriteLine("Tenant Tech Contact: " + techContact); } } #endregion #region Create a new User IUser newUser = new User(); if (defaultDomain.Name != null) { newUser.DisplayName = "Sample App Demo User (Manager)"; newUser.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name; newUser.AccountEnabled = true; newUser.MailNickname = "SampleAppDemoUserManager"; newUser.PasswordProfile = new PasswordProfile { Password = "******", ForceChangePasswordNextLogin = true }; newUser.UsageLocation = "US"; try { 
activeDirectoryClient.Users.AddUserAsync(newUser).Wait(); Console.WriteLine("\nNew User {0} was created", newUser.DisplayName); } catch (Exception e) { Console.WriteLine("\nError creating new user {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region List of max 4 Users by UPN //********************************************************************* // Demonstrate Getting a list of Users with paging (get 4 users), sorted by displayName //********************************************************************* int maxUsers = 4; try { Console.WriteLine("\n Retrieving Users"); List<IUser> users = activeDirectoryClient.Users.OrderBy(user => user.UserPrincipalName).Take(maxUsers).ExecuteAsync().Result.CurrentPage.ToList(); foreach (IUser user in users) { Console.WriteLine("UserObjectId: {0} UPN: {1}", user.ObjectId, user.UserPrincipalName); } } catch (Exception e) { Console.WriteLine("\nError getting Users. {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Create a User with a temp Password //********************************************************************************************* // Create a new User with a temp Password //********************************************************************************************* IUser userToBeAdded = new User(); userToBeAdded.DisplayName = "Sample App Demo User"; userToBeAdded.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name; userToBeAdded.AccountEnabled = true; userToBeAdded.MailNickname = "SampleAppDemoUser"; userToBeAdded.PasswordProfile = new PasswordProfile { Password = "******", ForceChangePasswordNextLogin = true }; userToBeAdded.UsageLocation = "US"; try { activeDirectoryClient.Users.AddUserAsync(userToBeAdded).Wait(); Console.WriteLine("\nNew User {0} was created", userToBeAdded.DisplayName); } catch (Exception e) { Console.WriteLine("\nError creating new user. 
{0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Update newly created User //******************************************************************************************* // update the newly created user's Password, PasswordPolicies and City //********************************************************************************************* if (userToBeAdded.ObjectId != null) { // update User's city and reset their User's Password userToBeAdded.City = "Seattle"; userToBeAdded.Country = "UK"; PasswordProfile PasswordProfile = new PasswordProfile { Password = "******", ForceChangePasswordNextLogin = false }; userToBeAdded.PasswordProfile = PasswordProfile; userToBeAdded.PasswordPolicies = "DisablePasswordExpiration, DisableStrongPassword"; try { userToBeAdded.UpdateAsync().Wait(); Console.WriteLine("\nUser {0} was updated", userToBeAdded.DisplayName); } catch (Exception e) { Console.WriteLine("\nError Updating the user {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Search User by UPN // search for a single user by UPN string searchString = "admin@" + initialDomain.Name; Console.WriteLine("\n Retrieving user with UPN {0}", searchString); User retrievedUser = new User(); List<IUser> retrievedUsers = null; try { retrievedUsers = activeDirectoryClient.Users .Where(user => user.UserPrincipalName.Equals(searchString)) .ExecuteAsync().Result.CurrentPage.ToList(); } catch (Exception e) { Console.WriteLine("\nError getting new user {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } // should only find one user with the specified UPN if (retrievedUsers != null && retrievedUsers.Count == 1) { retrievedUser = (User)retrievedUsers.First(); } else { Console.WriteLine("User not found {0}", searchString); } #endregion #region User Operations if (retrievedUser.UserPrincipalName != null) { Console.WriteLine("\n Found User: "******" UPN: " + retrievedUser.UserPrincipalName); #region Assign User a Manager //Assigning User a new manager. if (newUser.ObjectId != null) { Console.WriteLine("\n Assign User {0}, {1} as Manager.", retrievedUser.DisplayName, newUser.DisplayName); retrievedUser.Manager = newUser as DirectoryObject; try { newUser.UpdateAsync().Wait(); Console.Write("User {0} is successfully assigned {1} as Manager.", retrievedUser.DisplayName, newUser.DisplayName); } catch (Exception e) { Console.WriteLine("\nError assigning manager to user. {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Get User's Manager //Get the retrieved user's manager. 
Console.WriteLine("\n Retrieving User {0}'s Manager.", retrievedUser.DisplayName); DirectoryObject usersManager = retrievedUser.Manager; if (usersManager != null) { User manager = usersManager as User; if (manager != null) { Console.WriteLine("User {0} Manager details: \nManager: {1} UPN: {2}", retrievedUser.DisplayName, manager.DisplayName, manager.UserPrincipalName); } } else { Console.WriteLine("Manager not found."); } #endregion #region Get User's Direct Reports //********************************************************************* // get the user's Direct Reports //********************************************************************* if (newUser.ObjectId != null) { Console.WriteLine("\n Getting User{0}'s Direct Reports.", newUser.DisplayName); IUserFetcher newUserFetcher = (IUserFetcher)newUser; try { IPagedCollection<IDirectoryObject> directReports = newUserFetcher.DirectReports.ExecuteAsync().Result; do { List<IDirectoryObject> directoryObjects = directReports.CurrentPage.ToList(); foreach (IDirectoryObject directoryObject in directoryObjects) { if (directoryObject is User) { User directReport = directoryObject as User; Console.WriteLine("User {0} Direct Report is {1}", newUser.UserPrincipalName, directReport.UserPrincipalName); } } directReports = directReports.GetNextPageAsync().Result; } while (directReports != null); } catch (Exception e) { Console.WriteLine("\nError getting direct reports of user. {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } } #endregion #region Get list of Group IDS, user is member of //********************************************************************* // get a list of Group IDs that the user is a member of //********************************************************************* //const bool securityEnabledOnly = false; //IEnumerable<string> memberGroups = retrievedUser.GetMemberGroupsAsync(securityEnabledOnly).Result; //Console.WriteLine("\n {0} is a member of the following Groups (IDs)", retrievedUser.DisplayName); //foreach (String memberGroup in memberGroups) //{ // Console.WriteLine("Member of Group ID: " + memberGroup); //} #endregion #region Get User's Group And Role Membership, Getting the complete set of objects //********************************************************************* // get the User's Group and Role membership, getting the complete set of objects //********************************************************************* Console.WriteLine("\n {0} is a member of the following Group and Roles (IDs)", retrievedUser.DisplayName); IUserFetcher retrievedUserFetcher = retrievedUser; try { IPagedCollection<IDirectoryObject> pagedCollection = retrievedUserFetcher.MemberOf.ExecuteAsync().Result; do { List<IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList(); foreach (IDirectoryObject directoryObject in directoryObjects) { if (directoryObject is Group) { Group group = directoryObject as Group; Console.WriteLine(" Group: {0} Description: {1}", group.DisplayName, group.Description); } if (directoryObject is DirectoryRole) { DirectoryRole role = directoryObject as DirectoryRole; Console.WriteLine(" Role: {0} Description: {1}", role.DisplayName, role.Description); } } pagedCollection = pagedCollection.GetNextPageAsync().Result; } while (pagedCollection != null); } catch (Exception e) { Console.WriteLine("\nError getting user's groups and roles memberships. {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } #endregion } #endregion #region Search for User (People Picker) //********************************************************************* // People picker // Search for a user using text string "Us" match against userPrincipalName, displayName, giveName, surname //********************************************************************* searchString = "Us"; Console.WriteLine("\nSearching for any user with string {0} in UPN,DisplayName,First or Last Name", searchString); List<IUser> usersList = null; IPagedCollection<IUser> searchResults = null; try { IUserCollection userCollection = activeDirectoryClient.Users; searchResults = userCollection.Where(user => user.UserPrincipalName.StartsWith(searchString) || user.DisplayName.StartsWith(searchString) || user.GivenName.StartsWith(searchString) || user.Surname.StartsWith(searchString)).ExecuteAsync().Result; usersList = searchResults.CurrentPage.ToList(); } catch (Exception e) { Console.WriteLine("\nError getting User {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } if (usersList != null && usersList.Count > 0) { do { usersList = searchResults.CurrentPage.ToList(); foreach (IUser user in usersList) { Console.WriteLine("User DisplayName: {0} UPN: {1}", user.DisplayName, user.UserPrincipalName); } searchResults = searchResults.GetNextPageAsync().Result; } while (searchResults != null); } else { Console.WriteLine("User not found"); } #endregion #region Search for Group using StartWith filter //********************************************************************* // Search for a group using a startsWith filter (displayName property) //********************************************************************* Group retrievedGroup = new Group(); searchString = "My"; List<IGroup> foundGroups = null; try { foundGroups = activeDirectoryClient.Groups .Where(group => group.DisplayName.StartsWith(searchString)) .ExecuteAsync().Result.CurrentPage.ToList(); } catch (Exception e) { Console.WriteLine("\nError getting Group {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } if (foundGroups != null && foundGroups.Count > 0) { retrievedGroup = foundGroups.First() as Group; } else { Console.WriteLine("Group Not Found"); } #endregion #region Assign Member to Group if (retrievedGroup.ObjectId != null) { try { retrievedGroup.Members.Add(newUser as DirectoryObject); retrievedGroup.UpdateAsync().Wait(); } catch (Exception e) { Console.WriteLine("\nError assigning member to group. {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } } #endregion #region Get Group members if (retrievedGroup.ObjectId != null) { Console.WriteLine("\n Found Group: " + retrievedGroup.DisplayName + " " + retrievedGroup.Description); //********************************************************************* // get the groups' membership - // Note this method retrieves ALL links in one request - please use this method with care - this // may return a very large number of objects //********************************************************************* IGroupFetcher retrievedGroupFetcher = retrievedGroup; try { IPagedCollection<IDirectoryObject> members = retrievedGroupFetcher.Members.ExecuteAsync().Result; Console.WriteLine(" Members:"); do { List<IDirectoryObject> directoryObjects = members.CurrentPage.ToList(); foreach (IDirectoryObject member in directoryObjects) { if (member is User) { User user = member as User; Console.WriteLine("User DisplayName: {0} UPN: {1}", user.DisplayName, user.UserPrincipalName); } if (member is Group) { Group group = member as Group; Console.WriteLine("Group DisplayName: {0}", group.DisplayName); } if (member is Contact) { Contact contact = member as Contact; Console.WriteLine("Contact DisplayName: {0}", contact.DisplayName); } } members = members.GetNextPageAsync().Result; } while (members != null); } catch (Exception e) { Console.WriteLine("\nError getting groups' membership. {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } } #endregion #region Add User to Group //********************************************************************************************* // Add User to the "WA" Group //********************************************************************************************* if (retrievedGroup.ObjectId != null) { try { retrievedGroup.Members.Add(userToBeAdded as DirectoryObject); retrievedGroup.UpdateAsync().Wait(); } catch (Exception e) { Console.WriteLine("\nAdding user to group failed {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Create a new Group //********************************************************************************************* // Create a new Group //********************************************************************************************* Group californiaEmployees = new Group { DisplayName = "California Employees" + Helper.GetRandomString(8), Description = "Employees in the state of California", MailNickname = "CalEmployees", MailEnabled = false, SecurityEnabled = true }; try { activeDirectoryClient.Groups.AddGroupAsync(californiaEmployees).Wait(); Console.WriteLine("\nNew Group {0} was created", californiaEmployees.DisplayName); } catch (Exception e) { Console.WriteLine("\nError creating new Group {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Delete User //********************************************************************************************* // Delete the user that we just created //********************************************************************************************* if (userToBeAdded.ObjectId != null) { try { userToBeAdded.DeleteAsync().Wait(); Console.WriteLine("\nUser {0} was deleted", userToBeAdded.DisplayName); } catch (Exception e) { Console.WriteLine("Deleting User failed {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } } if (newUser.ObjectId != null) { try { newUser.DeleteAsync().Wait(); Console.WriteLine("\nUser {0} was deleted", newUser.DisplayName); } catch (Exception e) { Console.WriteLine("Deleting User failed {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Delete Group //********************************************************************************************* // Delete the Group that we just created //********************************************************************************************* if (californiaEmployees.ObjectId != null) { try { californiaEmployees.DeleteAsync().Wait(); Console.WriteLine("\nGroup {0} was deleted", californiaEmployees.DisplayName); } catch (Exception e) { Console.WriteLine("Deleting Group failed {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Get All Roles //********************************************************************* // Get All Roles //********************************************************************* List<IDirectoryRole> foundRoles = null; try { foundRoles = activeDirectoryClient.DirectoryRoles.ExecuteAsync().Result.CurrentPage.ToList(); } catch (Exception e) { Console.WriteLine("\nError getting Roles {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } if (foundRoles != null && foundRoles.Count > 0) { foreach (IDirectoryRole role in foundRoles) { Console.WriteLine("\n Found Role: {0} {1} {2} ", role.DisplayName, role.Description, role.ObjectId); } } else { Console.WriteLine("Role Not Found {0}", searchString); } #endregion #region Get Service Principals //********************************************************************* // get the Service Principals //********************************************************************* IPagedCollection<IServicePrincipal> servicePrincipals = null; try { servicePrincipals = activeDirectoryClient.ServicePrincipals.ExecuteAsync().Result; } catch (Exception e) { Console.WriteLine("\nError getting Service Principal {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } if (servicePrincipals != null) { do { List<IServicePrincipal> servicePrincipalsList = servicePrincipals.CurrentPage.ToList(); foreach (IServicePrincipal servicePrincipal in servicePrincipalsList) { Console.WriteLine("Service Principal AppId: {0} Name: {1}", servicePrincipal.AppId, servicePrincipal.DisplayName); } servicePrincipals = servicePrincipals.GetNextPageAsync().Result; } while (servicePrincipals != null); } #endregion #region Get Applications //********************************************************************* // get the Application objects //********************************************************************* IPagedCollection<IApplication> applications = null; try { applications = activeDirectoryClient.Applications.Take(999).ExecuteAsync().Result; } catch (Exception e) { Console.WriteLine("\nError getting Applications {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } if (applications != null) { do { List<IApplication> appsList = applications.CurrentPage.ToList(); foreach (IApplication app in appsList) { Console.WriteLine("Application AppId: {0} Name: {1}", app.AppId, app.DisplayName); } applications = applications.GetNextPageAsync().Result; } while (applications != null); } #endregion #region User License Assignment //********************************************************************************************* // User License Assignment - assign EnterprisePack license to new user, and disable SharePoint service // first get a list of Tenant's subscriptions and find the "Enterprisepack" one // Enterprise Pack includes service Plans for ExchangeOnline, SharePointOnline and LyncOnline // validate that Subscription is Enabled and there are enough units left to assign to users //********************************************************************************************* IPagedCollection<ISubscribedSku> skus = null; try { skus = activeDirectoryClient.SubscribedSkus.ExecuteAsync().Result; } catch (Exception e) { Console.WriteLine("\nError getting Applications {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } if (skus != null) { do { List<ISubscribedSku> subscribedSkus = skus.CurrentPage.ToList(); foreach (ISubscribedSku sku in subscribedSkus) { if (sku.SkuPartNumber == "ENTERPRISEPACK") { if ((sku.PrepaidUnits.Enabled.Value > sku.ConsumedUnits) && (sku.CapabilityStatus == "Enabled")) { // create addLicense object and assign the Enterprise Sku GUID to the skuId // AssignedLicense addLicense = new AssignedLicense { SkuId = sku.SkuId.Value }; // find plan id of SharePoint Service Plan foreach (ServicePlanInfo servicePlan in sku.ServicePlans) { if (servicePlan.ServicePlanName.Contains("SHAREPOINT")) { addLicense.DisabledPlans.Add(servicePlan.ServicePlanId.Value); break; } } IList<AssignedLicense> licensesToAdd = new[] { addLicense }; IList<Guid> licensesToRemove = new Guid[] { }; // attempt to assign the license object to the new user try { if (newUser.ObjectId != null) { newUser.AssignLicenseAsync(licensesToAdd, licensesToRemove).Wait(); Console.WriteLine("\n User {0} was assigned license {1}", newUser.DisplayName, addLicense.SkuId); } } catch (Exception e) { Console.WriteLine("\nLicense assingment failed {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } } } } skus = skus.GetNextPageAsync().Result; } while (skus != null); } #endregion #region Switch to OAuth Authorization Code Grant (Acting as a user) activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsUser(); #endregion #region Create Application //********************************************************************************************* // Create a new Application object with App Role Assignment (Direct permission) //********************************************************************************************* Application appObject = new Application { DisplayName = "Test-Demo App" + Helper.GetRandomString(8) }; appObject.IdentifierUris.Add("https://localhost/demo/" + Guid.NewGuid()); appObject.ReplyUrls.Add("https://localhost/demo"); AppRole appRole = new AppRole(); appRole.Id = Guid.NewGuid(); appRole.IsEnabled = true; appRole.AllowedMemberTypes.Add("User"); appRole.DisplayName = "Something"; appRole.Description = "Anything"; appRole.Value = "policy.write"; appObject.AppRoles.Add(appRole); // created Keycredential object for the new App object KeyCredential keyCredential = new KeyCredential { StartDate = DateTime.UtcNow, EndDate = DateTime.UtcNow.AddYears(1), Type = "Symmetric", Value = Convert.FromBase64String("g/TMLuxgzurjQ0Sal9wFEzpaX/sI0vBP3IBUE/H/NS4="), Usage = "Verify" }; appObject.KeyCredentials.Add(keyCredential); try { activeDirectoryClient.Applications.AddApplicationAsync(appObject).Wait(); Console.WriteLine("New Application created: " + appObject.ObjectId); } catch (Exception e) { Console.WriteLine("Application Creation execption: {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } #endregion #region Create Service Principal //********************************************************************************************* // create a new Service principal //********************************************************************************************* ServicePrincipal newServicePrincpal = new ServicePrincipal(); if (appObject != null) { newServicePrincpal.DisplayName = appObject.DisplayName; newServicePrincpal.AccountEnabled = true; newServicePrincpal.AppId = appObject.AppId; try { activeDirectoryClient.ServicePrincipals.AddServicePrincipalAsync(newServicePrincpal).Wait(); Console.WriteLine("New Service Principal created: " + newServicePrincpal.ObjectId); } catch (Exception e) { Console.WriteLine("Service Principal Creation execption: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Create an Extension Property ExtensionProperty linkedInUserId = new ExtensionProperty { Name = "linkedInUserId", DataType = "String", TargetObjects = { "User" } }; try { appObject.ExtensionProperties.Add(linkedInUserId); appObject.UpdateAsync().Wait(); Console.WriteLine("\nUser object extended successfully."); } catch (Exception e) { Console.WriteLine("\nError extending the user object {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Manipulate an Extension Property try { if (retrievedUser != null && retrievedUser.ObjectId != null) { retrievedUser.SetExtendedProperty(linkedInUserId.Name, "ExtensionPropertyValue"); retrievedUser.UpdateAsync().Wait(); Console.WriteLine("\nUser {0}'s extended property set successully.", retrievedUser.DisplayName); } } catch (Exception e) { Console.WriteLine("\nError Updating the user object {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } #endregion #region Get an Extension Property try { if (retrievedUser != null && retrievedUser.ObjectId != null) { IReadOnlyDictionary<string, object> extendedProperties = retrievedUser.GetExtendedProperties(); object extendedProperty = extendedProperties[linkedInUserId.Name]; Console.WriteLine("\n Retrieved User {0}'s extended property value is: {1}.", retrievedUser.DisplayName, extendedProperty); } } catch (Exception e) { Console.WriteLine("\nError Updating the user object {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Assign Direct Permission try { User user = (User)activeDirectoryClient.Users.ExecuteAsync().Result.CurrentPage.ToList().FirstOrDefault(); if (appObject.ObjectId != null && user != null && newServicePrincpal.ObjectId != null) { AppRoleAssignment appRoleAssignment = new AppRoleAssignment(); appRoleAssignment.Id = appRole.Id; appRoleAssignment.ResourceId = Guid.Parse(newServicePrincpal.ObjectId); appRoleAssignment.PrincipalType = "User"; appRoleAssignment.PrincipalId = Guid.Parse(user.ObjectId); user.AppRoleAssignments.Add(appRoleAssignment); user.UpdateAsync().Wait(); Console.WriteLine("User {0} is successfully assigned direct permission.", retrievedUser.DisplayName); } } catch (Exception e) { Console.WriteLine("Direct Permission Assignment failed: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion #region Get Devices //********************************************************************************************* // Get a list of Mobile Devices from tenant //********************************************************************************************* Console.WriteLine("\nGetting Devices"); IPagedCollection<IDevice> devices = null; try { devices = activeDirectoryClient.Devices.ExecuteAsync().Result; } catch (Exception e) { Console.WriteLine("/nError getting devices {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } if (devices != null) { do { List<IDevice> devicesList = devices.CurrentPage.ToList(); foreach (IDevice device in devicesList) { if (device.ObjectId != null) { Console.WriteLine("Device ID: {0}, Type: {1}", device.DeviceId, device.DeviceOSType); IPagedCollection<IDirectoryObject> registeredOwners = device.RegisteredOwners; if (registeredOwners != null) { do { List<IDirectoryObject> registeredOwnersList = registeredOwners.CurrentPage.ToList(); foreach (IDirectoryObject owner in registeredOwnersList) { Console.WriteLine("Device Owner ID: " + owner.ObjectId); } registeredOwners = registeredOwners.GetNextPageAsync().Result; } while (registeredOwners != null); } } } devices = devices.GetNextPageAsync().Result; } while (devices != null); } #endregion #region Create New Permission //********************************************************************************************* // Create new permission object //********************************************************************************************* OAuth2PermissionGrant permissionObject = new OAuth2PermissionGrant(); permissionObject.ConsentType = "AllPrincipals"; permissionObject.Scope = "user_impersonation"; permissionObject.StartTime = DateTime.Now; permissionObject.ExpiryTime = (DateTime.Now).AddMonths(12); // resourceId is objectId of the resource, in this case objectId of AzureAd (Graph API) permissionObject.ResourceId = "52620afb-80de-4096-a826-95f4ad481686"; //ClientId = objectId of servicePrincipal permissionObject.ClientId = newServicePrincpal.ObjectId; try { activeDirectoryClient.Oauth2PermissionGrants.AddOAuth2PermissionGrantAsync(permissionObject).Wait(); Console.WriteLine("New Permission object created: " + permissionObject.ObjectId); } catch (Exception e) { Console.WriteLine("Permission Creation exception: {0} {1}", e.Message, e.InnerException != null ? 
e.InnerException.Message : ""); } #endregion #region Get All Permissions //********************************************************************************************* // get all Permission Objects //********************************************************************************************* Console.WriteLine("\n Getting Permissions"); IPagedCollection<IOAuth2PermissionGrant> permissions = null; try { permissions = activeDirectoryClient.Oauth2PermissionGrants.ExecuteAsync().Result; } catch (Exception e) { Console.WriteLine("Error: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } if (permissions != null) { do { List<IOAuth2PermissionGrant> perms = permissions.CurrentPage.ToList(); foreach (IOAuth2PermissionGrant perm in perms) { Console.WriteLine("Permission: {0} Name: {1}", perm.ClientId, perm.Scope); } permissions = permissions.GetNextPageAsync().Result; } while (permissions != null); } #endregion #region Delete Application //********************************************************************************************* // Delete Application Objects //********************************************************************************************* if (appObject.ObjectId != null) { try { appObject.DeleteAsync().Wait(); Console.WriteLine("Deleted Application object: " + appObject.ObjectId); } catch (Exception e) { Console.WriteLine("Application Deletion execption: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } } #endregion #region Batch Operations //********************************************************************************************* // Show Batching with 3 operators. 
Note: up to 5 operations can be in a batch //********************************************************************************************* IReadOnlyQueryableSet<User> userQuery = activeDirectoryClient.DirectoryObjects.OfType<User>(); IReadOnlyQueryableSet<Group> groupsQuery = activeDirectoryClient.DirectoryObjects.OfType<Group>(); IReadOnlyQueryableSet<DirectoryRole> rolesQuery = activeDirectoryClient.DirectoryObjects.OfType<DirectoryRole>(); try { IBatchElementResult[] batchResult = activeDirectoryClient.Context.ExecuteBatchAsync(userQuery, groupsQuery, rolesQuery).Result; int responseCount = 1; foreach (IBatchElementResult result in batchResult) { if (result.FailureResult != null) { Console.WriteLine("Failed: {0} ", result.FailureResult.InnerException); } if (result.SuccessResult != null) { Console.WriteLine("Batch Item Result {0} succeeded", responseCount++); } } } catch (Exception e) { Console.WriteLine("Batch execution failed. : {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : ""); } #endregion //********************************************************************************************* // End of Demo Console App //********************************************************************************************* Console.WriteLine("\nCompleted at {0} \n Press Any Key to Exit.", currentDateTime); Console.ReadKey(); }