/// <summary> /// Handle the provisioning for a single user /// </summary> /// <param name="userToProvision"></param> /// <param name="siteSignIn"></param> /// <param name="workingListUnexaminedUsers"></param> private void Execute_ProvisionUsers_SingleUser( ProvisioningUser userToProvision, TableauServerSignIn siteSignIn, WorkingListSiteUsers workingListUnexaminedUsers) { //See if a user with this name already exists var foundExistingUser = workingListUnexaminedUsers.FindUser(userToProvision.UserName); ProvisionUserInstructions.MissingUserAction missingUserAction; ProvisionUserInstructions.UnexpectedUserAction unexpectedUserAction; //Get the instructions based on the desired Auth model for the user we are provisioning switch (userToProvision.UserAuthenticationParsed) { case SiteUserAuth.Default: missingUserAction = _provisionInstructions.ActionForMissingDefaultAuthUsers; unexpectedUserAction = _provisionInstructions.ActionForUnexpectedDefaultAuthUsers; break; case SiteUserAuth.SAML: missingUserAction = _provisionInstructions.ActionForMissingSamlUsers; unexpectedUserAction = _provisionInstructions.ActionForUnexpectedSamlUsers; break; default: IwsDiagnostics.Assert(false, "814-1204: Unknown auth type"); throw new Exception("814-1204: Unknown auth type"); } //CASE 1: The user does NOT exist. So add them if (foundExistingUser == null) { Execute_ProvisionUsers_SingleUser_AddUser(siteSignIn, userToProvision, missingUserAction); return; } //CASE 2: The user EXISTS but is not the right role or auth; update them if ( (string.Compare(foundExistingUser.SiteRole, userToProvision.UserRole, true) != 0) || (string.Compare(foundExistingUser.SiteAuthentication, userToProvision.UserAuthentication, true) != 0) ) { Execute_ProvisionUsers_SingleUser_ModifyUser(siteSignIn, userToProvision, foundExistingUser); return; } //CASE 3: The user exists and does NOT need to be modified _statusLogs.AddStatus("No action: User exists and has expected role and authentication. User: " + userToProvision.UserName); }
/// <summary> /// Provisioning for a single group /// </summary> /// <param name="siteSignIn"></param> /// <param name="thisProvisionGroup"></param> /// <param name="existingGroups"></param> private void Execute_ProvisionGroups_SingleGroup( TableauServerSignIn siteSignIn, ProvisioningGroup thisProvisionGroup, DownloadGroupsList existingGroups, DownloadUsersList siteUsersList) { _statusLogs.AddStatusHeader("Provision the group: " + thisProvisionGroup.GroupName); var thisExistingGroup = existingGroups.FindGroupWithName(thisProvisionGroup.GroupName); ICollection <SiteUser> existingUsersInGroup = new List <SiteUser>(); //If the Group does not exist on server then create it if (thisExistingGroup == null) { var createGroup = new SendCreateGroup(siteSignIn, thisProvisionGroup.GroupName); thisExistingGroup = createGroup.ExecuteRequest(); CSVRecord_GroupModified(thisExistingGroup.Name, "created group", ""); _statusLogs.AddStatus("Created group: " + thisExistingGroup.Name); } else { //Download the members of the group var downloadGroupMembers = new DownloadUsersListInGroup(siteSignIn, thisExistingGroup.Id); downloadGroupMembers.ExecuteRequest(); existingUsersInGroup = downloadGroupMembers.Users; } //==================================================================================== //Keep a list of the remaining users in the Server Site's group //==================================================================================== var workingListUnexaminedUsers = new WorkingListSiteUsers(existingUsersInGroup); //==================================================================================== //Go through each of the users we need to provision, and see if they are in the group //already //==================================================================================== foreach (var provisionThisUser in thisProvisionGroup.Members) { var userInGroup = workingListUnexaminedUsers.FindUser(provisionThisUser); if (userInGroup != null) { //The user is already in the group, no need to add them workingListUnexaminedUsers.RemoveUser(userInGroup); } else { //Add the user to the group try { Execute_ProvisionGroups_SingleGroup_AddUser(siteSignIn, provisionThisUser, thisExistingGroup, siteUsersList); } catch (Exception exAddUserToGroup) //Unexpected error case { IwsDiagnostics.Assert(false, "811-700: Internal error adding user to group: " + exAddUserToGroup.Message); _statusLogs.AddError("811-700: Internal error adding user to group: " + exAddUserToGroup.Message); } } } //============================================================================== //Remove any remaining users that are in the Server Site's Group but not in //our provisioning list //============================================================================== foreach (var unexpectedUser in workingListUnexaminedUsers.GetUsers()) { try { Execute_ProvisionGroups_RemoveSingleUser(siteSignIn, unexpectedUser, thisExistingGroup); } catch (Exception exUnxpectedUsers) { _statusLogs.AddError("Error removing unexpected user in GROUP " + unexpectedUser.ToString() + ", " + exUnxpectedUsers.Message); CSVRecord_Error(unexpectedUser.Name, unexpectedUser.SiteRole, unexpectedUser.SiteAuthentication, "Error removing unexpected user in GROUP" + unexpectedUser.ToString() + ", " + exUnxpectedUsers.Message); } } }