/// <summary>
/// Public constructor
/// </summary>
/// <param name="type">Type of ACL entry: User/group/Other/mask</param>
/// <param name="userOrGroupId">Object ID of the object depending on the type of the ACL entry. For acl type other and mask it should be null</param>
/// <param name="scope">ACCESS or DEFAULT</param>
/// <param name="action">The type of ACL to set</param>
public AclEntry(AclType type, string userOrGroupId, AclScope scope, AclAction action)
{
Type = type;
UserOrGroupId = userOrGroupId;
Scope = scope;
Action = action;
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (objectSet.HasRelations && objectSet.HasObjects)
{
context.SetStatus(0, 1, "正在分析数据。");
// 查找组织关系
var pendingOperations = new List <Action <object> >();
var objects = objectSet.Objects;
Dictionary <string, IList <PC.SCOrganization> > orgToOrgRelations = new Dictionary <string, IList <PC.SCOrganization> >();
Dictionary <string, IList <PC.SCUser> > orgToUserRelations = new Dictionary <string, IList <PC.SCUser> >();
Dictionary <string, IList <PC.SCGroup> > orgToGroupRelations = new Dictionary <string, IList <PC.SCGroup> >();
Dictionary <string, PC.SchemaObjectBase> knownObjects = new Dictionary <string, PC.SchemaObjectBase>(); // 缓存已知对象,避免多次往返
context.SetStatus(0, 1, "正在统计需要导入的对象");
Stat stat = new Stat(); // 统计信息
FindFullOURelations(objectSet, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, new PC.SCOrganization[] { this.Parent }, stat); // 爬出所有组织关系
Dictionary <PC.SCOrganization, IList <PC.SCRelationObject> > userToOrgRelations = new Dictionary <PC.SCOrganization, IList <PC.SCRelationObject> >();
this.allSteps = this.CalculateSteps(stat);
this.currentSteps = 0;
bool orgValid = false; // 必须校验组织
context.SetStatus(0, this.allSteps, "正在导入数据。");
// 递归导入组织,并剔除错误的数据
orgValid = this.PrepareOrganizations(objectSet, context, knownObjects, orgToOrgRelations, this.Parent, this.IncludeOrganizations == false);
if (this.IncludeAcl)
{
// 递归导入Acl
var action = new AclAction(this);
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeUser)
{
var action = new UserAction(this);
action.ImportSecretaries = this.IncludeSecretaries;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeGroup)
{
var action = new GroupAction(this);
action.ImportMembers = this.IncludeGroupMembers;
action.ImportConditions = this.IncludeGroupConditions;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
}
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (objectSet.HasRelations && objectSet.HasObjects)
{
context.SetStatus(0, 1, "正在分析数据。");
// 查找组织关系
var pendingOperations = new List<Action<object>>();
var objects = objectSet.Objects;
Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations = new Dictionary<string, IList<PC.SCOrganization>>();
Dictionary<string, IList<PC.SCUser>> orgToUserRelations = new Dictionary<string, IList<PC.SCUser>>();
Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations = new Dictionary<string, IList<PC.SCGroup>>();
Dictionary<string, PC.SchemaObjectBase> knownObjects = new Dictionary<string, PC.SchemaObjectBase>(); // 缓存已知对象,避免多次往返
context.SetStatus(0, 1, "正在统计需要导入的对象");
Stat stat = new Stat(); // 统计信息
FindFullOURelations(objectSet, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, new PC.SCOrganization[] { this.Parent }, stat); // 爬出所有组织关系
Dictionary<PC.SCOrganization, IList<PC.SCRelationObject>> userToOrgRelations = new Dictionary<PC.SCOrganization, IList<PC.SCRelationObject>>();
this.allSteps = this.CalculateSteps(stat);
this.currentSteps = 0;
bool orgValid = false; // 必须校验组织
context.SetStatus(0, this.allSteps, "正在导入数据。");
// 递归导入组织,并剔除错误的数据
orgValid = this.PrepareOrganizations(objectSet, context, knownObjects, orgToOrgRelations, this.Parent, this.IncludeOrganizations == false);
if (this.IncludeAcl)
{
// 递归导入Acl
var action = new AclAction(this);
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeUser)
{
var action = new UserAction(this);
action.ImportSecretaries = this.IncludeSecretaries;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeGroup)
{
var action = new GroupAction(this);
action.ImportMembers = this.IncludeGroupMembers;
action.ImportConditions = this.IncludeGroupConditions;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
}
}
/// <summary>
/// Extension method that returns the octal permission corresponding to the AclACtion. For ex: AclAction.ReadExecute => "r-x"
/// </summary>
/// <param name="act">Acl aCtion</param>
/// <returns>Octal permission string</returns>
public static string GetRwx(this AclAction act)
{
StringBuilder sb = new StringBuilder(3);
sb.Append((act & AclAction.ReadOnly) > 0?'r':'-');
sb.Append((act & AclAction.WriteOnly) > 0 ? 'w' : '-');
sb.Append((act & AclAction.ExecuteOnly) > 0 ? 'x' : '-');
return(sb.ToString());
}
/// <summary>
/// Parses a AclEntry string into acl type, acl type Id, acl scope and acl action (permissions).
/// Throws exception if the acl string is not correct.
/// </summary>
/// <param name="aclEntry">Acl Entry string delimited by ':'</param>
/// <param name="removeAcl">Whether this string is for removing Acl.</param>
/// <returns>Acl Entry instance</returns>
public static AclEntry ParseAclEntryString(string aclEntry, bool removeAcl)
{
aclEntry = aclEntry.Trim();
string[] parts = aclEntry.Split(':');
if (parts.Length > 4)
{
throw new ArgumentException("Invalid AclEntry string: " + aclEntry);
}
if (parts.Length == 4 && !parts[0].Equals("default"))
{
throw new ArgumentException("Invalid AclEntry string: " + aclEntry);
}
int strtPartIndx = 0;
AclScope scope;
if (parts.Length == 4) //Because it is of AclScope default
{
strtPartIndx++;
scope = AclScope.Default;
}
else
{
scope = AclScope.Access;
}
AclType aclType = (AclType)Enum.Parse(typeof(AclType), parts[strtPartIndx].Trim());//This will throw exception
string aclNm = parts[strtPartIndx + 1].Trim();
if (aclType == AclType.mask && !String.IsNullOrEmpty(aclNm))
{
throw new ArgumentException("AclType Mask should not contain userId or group Id");
}
if (aclType == AclType.other && !String.IsNullOrEmpty(aclNm))
{
throw new ArgumentException("AclType Other should not contain userId or group Id");
}
AclAction action = AclAction.None;
if (!removeAcl)
{
AclAction?ac = AclActionExtension.GetAclAction(parts[strtPartIndx + 2].Trim());
if (ac == null)
{
throw new ArgumentException("Invalid permission in aclentry " + aclEntry);
}
action = ac.Value;
}
return(new AclEntry(aclType, aclNm, scope, action));
}
protected async Task <WebPubSub> CreateDefaultWebPubSub(string webPubSubName, Location location, ResourceGroup resourceGroup)
{
// Create WebPubSub ConfigData
IList <LiveTraceCategory> categories = new List <LiveTraceCategory>()
{
new LiveTraceCategory("category-01", "true"),
};
AclAction aclAction = new AclAction("Deny");
IList <WebPubSubRequestType> allow = new List <WebPubSubRequestType>();
IList <WebPubSubRequestType> deny = new List <WebPubSubRequestType>()
{
new WebPubSubRequestType("RESTAPI")
};
NetworkAcl publicNetwork = new NetworkAcl(allow, deny);
IList <PrivateEndpointAcl> privateEndpoints = new List <PrivateEndpointAcl>();
List <ResourceLogCategory> resourceLogCategory = new List <ResourceLogCategory>()
{
new ResourceLogCategory()
{
Name = "category1", Enabled = "false"
}
};
WebPubSubData data = new WebPubSubData(Location.WestUS2)
{
Sku = new WebPubSubSku("Standard_S1"),
LiveTraceConfiguration = new LiveTraceConfiguration("true", categories),
NetworkAcls = new WebPubSubNetworkAcls(aclAction, publicNetwork, privateEndpoints),
ResourceLogConfiguration = new ResourceLogConfiguration(resourceLogCategory),
};
// Create WebPubSub
var webPubSub = await(await resourceGroup.GetWebPubSubs().CreateOrUpdateAsync(webPubSubName, data)).WaitForCompletionAsync();
return(webPubSub.Value);
}
public async Task <WebPubSub> CreateWebPubSub()
{
// Create WebPubSub ConfigData
IList <LiveTraceCategory> categories = new List <LiveTraceCategory>();
categories.Add(new LiveTraceCategory("category-01", "true"));
AclAction aclAction = new AclAction("Deny");
IList <WebPubSubRequestType> allow = new List <WebPubSubRequestType>();
IList <WebPubSubRequestType> deny = new List <WebPubSubRequestType>();
//allow.Add(new WebPubSubRequestType("ClientConnectionValue"));
deny.Add(new WebPubSubRequestType("RESTAPI"));
NetworkAcl publicNetwork = new NetworkAcl(allow, deny);
IList <PrivateEndpointAcl> privateEndpoints = new List <PrivateEndpointAcl>();
List <ResourceLogCategory> resourceLogCategory = new List <ResourceLogCategory>()
{
new ResourceLogCategory()
{
Name = "category1", Enabled = "false"
}
};
WebPubSubData data = new WebPubSubData(AzureLocation.WestUS2)
{
Sku = new WebPubSubSku("Standard_S1"),
LiveTraceConfiguration = new LiveTraceConfiguration("true", categories),
//EventHandler = new EventHandlerSettings(items),
NetworkAcls = new WebPubSubNetworkAcls(aclAction, publicNetwork, privateEndpoints),
ResourceLogConfiguration = new ResourceLogConfiguration(resourceLogCategory),
};
// Create WebPubSub
var webPubSub = await(await _resourceGroup.GetWebPubSubs().CreateOrUpdateAsync(true, _webPubSubName, data)).WaitForCompletionAsync();
return(webPubSub.Value);
}
public async Task CreateOrUpdate()
{
#region Snippet:Managing_WebPubSub_CreateWebPubSub
WebPubSubCollection WebPubSubColletion = resourceGroup.GetWebPubSubs();
string webPubSubName = "myWebPubSubName";
// Use the same location as the resource group
IList <LiveTraceCategory> categories = new List <LiveTraceCategory>();
categories.Add(new LiveTraceCategory("category-01", "true"));
AclAction aclAction = new AclAction("Deny");
IList <WebPubSubRequestType> allow = new List <WebPubSubRequestType>();
IList <WebPubSubRequestType> deny = new List <WebPubSubRequestType>();
deny.Add(new WebPubSubRequestType("RESTAPI"));
NetworkAcl publicNetwork = new NetworkAcl(allow, deny);
IList <PrivateEndpointAcl> privateEndpoints = new List <PrivateEndpointAcl>();
List <ResourceLogCategory> resourceLogCategory = new List <ResourceLogCategory>()
{
new ResourceLogCategory()
{
Name = "category1", Enabled = "false"
}
};
WebPubSubData data = new WebPubSubData(Location.WestUS2)
{
Sku = new WebPubSubSku("Standard_S1"),
LiveTraceConfiguration = new LiveTraceConfiguration("true", categories),
NetworkAcls = new WebPubSubNetworkAcls(aclAction, publicNetwork, privateEndpoints),
ResourceLogConfiguration = new ResourceLogConfiguration(resourceLogCategory),
};
WebPubSub webPubSub = await(await WebPubSubColletion.CreateOrUpdateAsync(webPubSubName, data)).WaitForCompletionAsync();
#endregion
}
/// <summary> /// Converts the <see cref="sourceValue" /> parameter to the <see cref="destinationType" /> parameter using <see cref="formatProvider" /// /> and <see cref="ignoreCase" /> /// </summary> /// <param name="sourceValue">the <see cref="System.Object"/> to convert from</param> /// <param name="destinationType">the <see cref="System.Type" /> to convert to</param> /// <param name="formatProvider">not used by this TypeConverter.</param> /// <param name="ignoreCase">when set to <c>true</c>, will ignore the case when converting.</param> /// <returns> /// an instance of <see cref="AclAction" />, or <c>null</c> if there is no suitable conversion. /// </returns> public override object ConvertFrom(object sourceValue, global::System.Type destinationType, global::System.IFormatProvider formatProvider, bool ignoreCase) => AclAction.CreateFrom(sourceValue);
