public static async Task <IGroupMembersCollectionWithReferencesPage> GetGroupMembersAsync(string groupId)
{
IGroupMembersCollectionWithReferencesPage members = null;
var graphClient = AuthenticationHelper.GetAuthenticatedClient();
try
{
var group = await graphClient.Groups[groupId].Request().Expand("members").GetAsync();
members = group.Members;
foreach (var member in members)
{
Debug.WriteLine("Member Id:" + member.Id);
}
}
catch (ServiceException e)
{
Debug.WriteLine("We could not get the group members: " + e.Error.Message);
return(null);
}
return(members);
}
// Read properties and relationships of group members.
// This snippet requires an admin work account.
public async Task <List <ResultsItem> > GetMembers(string id)
{
List <ResultsItem> items = new List <ResultsItem>();
// Get group members.
IGroupMembersCollectionWithReferencesPage members = await graphClient.Groups[id].Members.Request(requestOptions)
.WithUserAccount(ClaimsPrincipal.Current.ToGraphUserAccount())
.GetAsync();
if (members?.Count > 0)
{
foreach (User user in members)
{
// Get member properties.
items.Add(new ResultsItem
{
Properties = new Dictionary <string, object>
{
{ Resource.Prop_Upn, user.UserPrincipalName },
{ Resource.Prop_Id, user.Id }
}
});
}
}
return(items);
}
private async Task <List <string> > GetGroupFrom(GraphServiceClient graphClient, string id)
{
List <string> list = new List <string>();
try
{
Microsoft.Graph.Group group = await graphClient.Groups[id].Request().GetAsync();
if (group != null)
{
IGroupMembersCollectionWithReferencesPage members = await graphClient.Groups[id].Members.Request().GetAsync();
var foundMembers = members.CurrentPage.ToList();
if (foundMembers != null && foundMembers.Count > 0)
{
do
{
foundMembers = members.CurrentPage.ToList();
foreach (var member in foundMembers)
{
try
{
var graphMember = await graphClient.Users[member.Id].Request().GetAsync();
list.Add(graphMember.UserPrincipalName.ToLower());
_logger.LogInformation(8, id + "--> " + graphMember.UserPrincipalName.ToLower());
}
catch (Exception e)
{
_logger.LogWarning(8, e, "member: " + member.Id + "|| group: " + group.DisplayName);
// don't crash
}
}
if (members.NextPageRequest != null)
{
members = await members.NextPageRequest.GetAsync();
}
else
{
members = null;
}
} while (members != null && members.Count > 0);
}
}
return(list);
}
catch (Exception e)
{
_logger.LogError(8, e, "GetGroupFrom " + id.ToString());
return(list);
}
}
/// <summary>
/// Itterate down a groups membership, looking in any sub-groups, and record all the members
/// </summary>
/// <param name="azureGraph"></param>
/// <param name="thisGroupsMembers"></param>
/// <param name="singleGroupMembershipManager"></param>
/// <param name="groupSyncInstructions"></param>
/// <returns></returns>
async Task AzureRecurseGroupsGenerateGroupMembersList(
GraphServiceClient azureGraph,
IGroupMembersCollectionWithReferencesPage thisGroupsMembers,
ProvisionFromDirectoryGroupsMembershipManager.SingleGroupManager singleGroupMembershipManager)
{
var thispage_members = thisGroupsMembers;
do
{
if (thispage_members.Count > 0)
{
foreach (var thisMember in thispage_members)
{
var asUser = thisMember as Microsoft.Graph.User;
var asSubGroup = thisMember as Microsoft.Graph.Group;
//-------------------------------------------------
//If it's a USER, then add it to our tracking list
//-------------------------------------------------
if (asUser != null)
{
//-------------------------------------------------
//Add them to the list of users
//-------------------------------------------------
AddUserToGroupProvisioningTrackingManager(
singleGroupMembershipManager,
asUser);
}
//-------------------------------------------------
//If it's a GROUP, then recurse down it
//-------------------------------------------------
else if (asSubGroup != null)
{
//-----------------------------------------------------------------------------------
//Recurse down the subgroup and get its members
//-----------------------------------------------------------------------------------
var subGroupsMembers = await azureGraph.Groups[asSubGroup.Id].Members.Request().GetAsync();
await AzureRecurseGroupsGenerateGroupMembersList(azureGraph, subGroupsMembers, singleGroupMembershipManager);
}
}
}
//Go to the next page
if (thispage_members.NextPageRequest != null)
{
thispage_members = await thispage_members.NextPageRequest.GetAsync();
}
else
{
thispage_members = null;
}
} while (thispage_members != null);
}
public static IEnumerable <UserDto> MergeUsersWithAzureData(IEnumerable <User> usersFromRepo,
IGroupMembersCollectionWithReferencesPage usersFromAzureAd, IMapper mapper)
{
var mergedUsers = (from userFromRepo in usersFromRepo
from dbUserFromAzureAd in usersFromAzureAd
where userFromRepo.Id == Guid.Parse(dbUserFromAzureAd.Id)
let dtoFromDb = mapper.Map <UserDto>(userFromRepo)
select mapper.Map(dbUserFromAzureAd, dtoFromDb))
.OrderByDescending(u => u.Surname)
.ThenBy(u => u.GivenName)
.ThenBy(u => u.DisplayName);
return(mergedUsers);
}
private static async Task <List <DirectoryObject> > GetMembers(IGroupMembersCollectionWithReferencesPage page, CancellationToken token)
{
List <DirectoryObject> members = new List <DirectoryObject>();
if (page?.Count > 0)
{
members.AddRange(page.CurrentPage);
while (page.NextPageRequest != null)
{
page = await GraphHelper.ExecuteWithRetryAndRateLimit(async() => await page.NextPageRequest.GetAsync(token), token, 0);
members.AddRange(page.CurrentPage);
}
}
return(members);
}
/// <summary>
/// Itterate down a groups membership, looing in any sub-groups, and record all the members
/// </summary>
/// <param name="azureGraph"></param>
/// <param name="thisGroupsMembers"></param>
/// <param name="baseGroupToRetrieve"></param>
async Task AzureRecurseGroupsGenerateRolesList(GraphServiceClient azureGraph, IGroupMembersCollectionWithReferencesPage thisGroupsMembers, ProvisionConfigExternalDirectorySync.SynchronizeGroupToRole baseGroupToRetrieve)
{
var thispage_members = thisGroupsMembers;
do
{
if (thispage_members.Count > 0)
{
foreach (var thisMember in thispage_members)
{
var asUser = thisMember as Microsoft.Graph.User;
var asSubGroup = thisMember as Microsoft.Graph.Group;
if (asUser != null)
{
AddUserToRoleProvisioningTrackingManager(
baseGroupToRetrieve.TableauRole,
baseGroupToRetrieve.AllowPromotedRoleForMembers,
baseGroupToRetrieve.AuthenticationModel,
asUser,
baseGroupToRetrieve.SourceGroupName);
//Add them to the list of users
}
else if (asSubGroup != null)
{
//-----------------------------------------------------------------------------------
//Recurse down the subgroup and get its members
//-----------------------------------------------------------------------------------
var subGroupsMembers = await azureGraph.Groups[asSubGroup.Id].Members.Request().GetAsync();
await AzureRecurseGroupsGenerateRolesList(azureGraph, subGroupsMembers, baseGroupToRetrieve);
}
}
}
//Go to the next page
if (thispage_members.NextPageRequest != null)
{
thispage_members = await thispage_members.NextPageRequest.GetAsync();
}
else
{
thispage_members = null;
}
} while (thispage_members != null);
}
public static List <GroupMember> BuildGroupMembersList(
IGroupMembersCollectionWithReferencesPage groupMembersList)
{
var groupMembers = new List <GroupMember>();
foreach (var __ in groupMembersList)
{
if (__ is User user)
{
groupMembers.Add(new GroupMember
{
Id = user.Id,
MemberName = user.DisplayName,
MemberType = nameof(Models.BloodHound.User)
});
}
else if (__ is Microsoft.Graph.Group group)
{
groupMembers.Add(new GroupMember
{
Id = group.Id,
MemberName = group.DisplayName,
MemberType = nameof(Group)
});
}
else if (__ is Device device)
{
groupMembers.Add(new GroupMember
{
Id = device.Id,
MemberName = device.DisplayName,
MemberType = nameof(Computer)
});
}
else
{
throw new NotImplementedException();
}
}
return(groupMembers);
}
public async Task <ActionResult> AssociateUserWithGroup(UserGroupAssociation model)
{
if (ModelState.IsValid)
{
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string, string> tup = await usersService.AssociateUserWithAGroup(graphServiceClient, model.UserEmailAddress, model.GroupName);
//get member of this group, which must include the new addition
List <ResultsItem> items = new List <ResultsItem>();
// Get group members.
IGroupMembersCollectionWithReferencesPage members = await graphServiceClient.Groups[tup.Item4].Members.Request().GetAsync();
if (members?.Count > 0)
{
foreach (Microsoft.Graph.User user in members)
{
// Get member properties.
items.Add(new ResultsItem()
{
Display = user.DisplayName, Id = user.Id
});
}
}
return(View("ListGroupMembers", new Tuple <bool, string, string, List <ResultsItem> >(tup.Item1, tup.Item2, model.GroupName, items)));
}
catch (Exception ex)
{
model.isOk = false;
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("AssociateUserWithGroup", model));
}
public IEnumerable <List <DirectoryObject> > GetGroupMembers(Group group, CancellationToken token)
{
IGroupMembersCollectionWithReferencesPage page = null;
try
{
page = client.Groups[group.Id].Members.Request().GetAsync(token).Result;
}
catch (Exception e)
{
Trace.WriteLine(e.Message);
}
while (page != null)
{
yield return(page.ToList());
if (page.NextPageRequest == null)
{
break;
}
page = page.NextPageRequest.GetAsync(token).Result;
}
}
/// <summary>
/// Returns all the Members of an Office 365 group.
/// </summary>
/// <param name="group">The Office 365 group object of type UnifiedGroupEntity</param>
/// <param name="accessToken">The OAuth 2.0 Access Token to use for invoking the Microsoft Graph</param>
/// <param name="retryCount">Number of times to retry the request in case of throttling</param>
/// <param name="delay">Milliseconds to wait before retrying the request. The delay will be increased (doubled) every retry</param>
/// <returns>Members of an Office 365 group as a list of UnifiedGroupUser entity</returns>
public static List <UnifiedGroupUser> GetUnifiedGroupMembers(UnifiedGroupEntity group, string accessToken, int retryCount = 10, int delay = 500)
{
List <UnifiedGroupUser> unifiedGroupUsers = null;
List <User> unifiedGroupGraphUsers = null;
IGroupMembersCollectionWithReferencesPage groupUsers = null;
if (String.IsNullOrEmpty(accessToken))
{
throw new ArgumentNullException(nameof(accessToken));
}
if (group == null)
{
throw new ArgumentNullException(nameof(group));
}
try
{
var result = Task.Run(async() =>
{
var graphClient = CreateGraphClient(accessToken, retryCount, delay);
// Get the members of an Office 365 group.
groupUsers = await graphClient.Groups[group.GroupId].Members.Request().GetAsync();
if (groupUsers.CurrentPage != null && groupUsers.CurrentPage.Count > 0)
{
unifiedGroupGraphUsers = new List <User>();
GenerateGraphUserCollection(groupUsers.CurrentPage, unifiedGroupGraphUsers);
}
// Retrieve users when the results are paged.
while (groupUsers.NextPageRequest != null)
{
groupUsers = groupUsers.NextPageRequest.GetAsync().GetAwaiter().GetResult();
if (groupUsers.CurrentPage != null && groupUsers.CurrentPage.Count > 0)
{
GenerateGraphUserCollection(groupUsers.CurrentPage, unifiedGroupGraphUsers);
}
}
// Create the collection of type OfficeDevPnP 'UnifiedGroupUser' after all users are retrieved, including paged data.
if (unifiedGroupGraphUsers != null && unifiedGroupGraphUsers.Count > 0)
{
unifiedGroupUsers = new List <UnifiedGroupUser>();
foreach (User usr in unifiedGroupGraphUsers)
{
UnifiedGroupUser groupUser = new UnifiedGroupUser();
groupUser.UserPrincipalName = usr.UserPrincipalName != null ? usr.UserPrincipalName : string.Empty;
groupUser.DisplayName = usr.DisplayName != null ? usr.DisplayName : string.Empty;
unifiedGroupUsers.Add(groupUser);
}
}
return(unifiedGroupUsers);
}).GetAwaiter().GetResult();
}
catch (ServiceException ex)
{
Log.Error(Constants.LOGGING_SOURCE, CoreResources.GraphExtensions_ErrorOccured, ex.Error.Message);
throw;
}
return(unifiedGroupUsers);
}
private async Task SearchPeopleAsync(string searchPattern)
{
if (string.IsNullOrWhiteSpace(searchPattern))
{
ClearAndHideSearchResultListBox();
return;
}
IsLoading = true;
try
{
GraphServiceClient graphClient = await GraphServiceHelper.GetGraphServiceClientAsync();
if (graphClient != null)
{
int searchLimit = SearchResultLimit > 0 ? SearchResultLimit : DefaultSearchResultLimit;
int queryLimit = searchLimit + Selections.Count;
IEnumerable <Person> rawResults;
if (string.IsNullOrWhiteSpace(GroupId))
{
var options = new List <QueryOption>
{
new QueryOption("$search", $"\"{searchPattern}\""),
new QueryOption("$filter", "personType/class eq 'Person' and personType/subclass eq 'OrganizationUser'"),
new QueryOption("$top", queryLimit.ToString())
};
rawResults = await graphClient.Me.People.Request(options).GetAsync();
}
else
{
IGroupMembersCollectionWithReferencesPage userRequest = await graphClient.Groups[GroupId].Members.Request().GetAsync();
List <Person> allPersons = new List <Person>();
while (true)
{
foreach (User user in userRequest)
{
if (string.IsNullOrEmpty(searchPattern) ||
(!string.IsNullOrEmpty(user.DisplayName) && user.DisplayName.StartsWith(searchPattern, StringComparison.OrdinalIgnoreCase)) ||
(!string.IsNullOrEmpty(user.Surname) && user.Surname.StartsWith(searchPattern, StringComparison.OrdinalIgnoreCase)))
{
Person person = GetPersonFromUser(user);
allPersons.Add(person);
}
if (allPersons.Count >= queryLimit)
{
break;
}
}
if (allPersons.Count >= queryLimit ||
userRequest.NextPageRequest == null)
{
break;
}
userRequest = await userRequest.NextPageRequest.GetAsync();
}
rawResults = allPersons;
}
SearchResults.Clear();
var results = rawResults.Where(o => !Selections.Any(s => s.Id == o.Id))
.Take(searchLimit);
foreach (var item in results)
{
SearchResults.Add(item);
}
if (SearchResults.Count > 0)
{
ShowSearchResults();
}
else
{
ClearAndHideSearchResultListBox();
}
}
}
catch (Exception exception)
{
MessageDialog messageDialog = new MessageDialog(exception.Message);
await messageDialog.ShowAsync();
}
finally
{
IsLoading = false;
}
}
public static async Task <List <DirectoryObject> > GetGroupMembers(GraphServiceClient client, string groupid, CancellationToken token)
{
IGroupMembersCollectionWithReferencesPage result = await GraphHelper.ExecuteWithRetryAndRateLimit(async() => await client.Groups[groupid].Members.Request().GetAsync(token), token, 0);
return(await GetMembers(result, token));
}
