private UserAccount DoCreate(AzureUser newUser)
{
var systemUserId = UserAccount.SYSTEM_USER_ACCOUNT_ID;
var now = DateTimeOffset.UtcNow;
var userAccount = new UserAccount
{
AccountStatusId = AccountStatus.Active.Id,
AdGuid = newUser.Id,
CreatedBy = systemUserId,
CreatedOn = now,
DisplayName = newUser.DisplayName,
EmailAddress = newUser.Email,
FirstName = newUser.FirstName,
LastAccessed = now,
LastName = newUser.LastName,
RevisedBy = systemUserId,
RevisedOn = now
};
var principal = new Principal
{
PrincipalTypeId = PrincipalType.Person.Id,
};
userAccount.Principal = principal;
principal.UserAccount = userAccount;
Context.UserAccounts.Add(userAccount);
Context.Principals.Add(principal);
return(userAccount);
}
public async Task PatchUser(string id, AzureUser user)
{
var userToUpdate = user.Adapt <AzureUserToPatch>();
var content = new StringContent(JsonConvert.SerializeObject(userToUpdate), Encoding.UTF8, "application/json");
var response = await SendRequest(HttpMethod.Patch, Consts.GraphApi.UserEntity, content, id);
if (!response.IsSuccessStatusCode)
{
throw new ApplicationException("Can not update user with current parameters");
}
}
private static bool AllTrue(UserFilters condition, AzureUser user)
{
foreach (UserFilters t in condition.GetInvocationList())
{
if (!t(user))
{
return(false);
}
}
return(true);
}
public void TestCreate()
{
var firstName = "first";
var lastName = "lastName";
var email = "email";
var id = Guid.NewGuid();
var displayName = "display";
var newUser = new AzureUser(
id: id,
email: email,
firstName: firstName,
lastName: lastName,
displayName: displayName
);
Assert.AreEqual(0, context.UserAccounts.Count());
Assert.AreEqual(0, context.Principals.Count());
var userAccount = service.Create(newUser);
Assert.AreEqual(1, context.UserAccounts.Count());
Assert.AreEqual(1, context.Principals.Count());
var savedUserAccount = context.UserAccounts.First();
var savedPrincipal = context.Principals.First();
Assert.AreEqual(savedUserAccount, savedPrincipal.UserAccount);
Assert.AreEqual(savedPrincipal, savedUserAccount.Principal);
Assert.IsTrue(Object.ReferenceEquals(userAccount, savedUserAccount));
Assert.AreEqual(PrincipalType.Person.Id, savedPrincipal.PrincipalTypeId);
Assert.AreEqual(firstName, savedUserAccount.FirstName);
Assert.AreEqual(lastName, savedUserAccount.LastName);
Assert.AreEqual(email, savedUserAccount.EmailAddress);
Assert.AreEqual(id, savedUserAccount.AdGuid);
Assert.AreEqual(displayName, savedUserAccount.DisplayName);
Assert.AreEqual(AccountStatus.Active.Id, savedUserAccount.AccountStatusId);
Assert.AreEqual(UserAccount.SYSTEM_USER_ACCOUNT_ID, savedUserAccount.CreatedBy);
Assert.AreEqual(UserAccount.SYSTEM_USER_ACCOUNT_ID, savedUserAccount.RevisedBy);
Assert.IsTrue(savedUserAccount.LastAccessed.HasValue);
DateTimeOffset.Now.Should().BeCloseTo(savedUserAccount.CreatedOn, 2000);
DateTimeOffset.Now.Should().BeCloseTo(savedUserAccount.RevisedOn, 2000);
DateTimeOffset.Now.Should().BeCloseTo(savedUserAccount.LastAccessed.Value, 2000);
Assert.IsNull(savedUserAccount.Note);
Assert.IsFalse(savedUserAccount.ExpiredDate.HasValue);
Assert.IsFalse(savedUserAccount.PermissionsRevisedOn.HasValue);
Assert.IsFalse(savedUserAccount.RestoredDate.HasValue);
Assert.IsFalse(savedUserAccount.RevokedDate.HasValue);
Assert.IsFalse(savedUserAccount.SuspendedDate.HasValue);
}
public async Task InsertUserIntoTable(AzureUser user)
{
var table = await _tableStorage.GetTableReference(_userTable);
var userEntity = new UserEntity()
{
PartitionKey = user.PartitionKey,
RowKey = user.Id
};
var tableOperation = TableOperation.InsertOrMerge(userEntity);
await table.ExecuteAsync(tableOperation);
}
private static bool FilterUserByStatus(AzureUser user, string status)
{
switch (status)
{
case Consts.UserStatuses.Active:
return(user.RequestStatus?.Name?.ToLower() == Consts.UserStatuses.CPActiveUserStatus && user.AccountEnabled == true);
case Consts.UserStatuses.Disabled:
return(user.RequestStatus?.Name?.ToLower() != Consts.UserStatuses.CPActiveUserStatus || user.AccountEnabled == false);
default:
throw new ArgumentException("Unknown status", nameof(status));
}
}
public void UpdateUserInCache(AzureUser model)
{
var usersInCache = _cache.Get <List <AzureUser> >(Consts.Cache.UsersKey);
var user = usersInCache.FirstOrDefault(x => x.ObjectId == model.ObjectId);
if (user != null)
{
MergeObjects(model, user);
}
else
{
usersInCache.Add(model.Adapt <AzureUser>());
}
_cache.Set(Consts.Cache.UsersKey, usersInCache);
}
static void Main(string[] args)
{
try
{
//Extendemos la propiedad en Azure para que esté disponible
//AzureUserCollection.ExtendAzureADProperties();
//Listamos todas las propiedades extendidas del AD
var allProperties = AzureUserCollection.GetExtendedPropertiesFromAD();
foreach (var property in allProperties)
{
Console.WriteLine(property);
}
//Asignamos la propiedad a un usuario
var userTest = new AzureUser()
{
AccountUPN = "*****@*****.**",
TiendaAsociada = "Barcelona Paseo de gracia"
};
userTest.SetUserCustomPropertiesInAD();
//Obtenemos y pintamos las propiedades del usuario
userTest.GetUserPropertiesFromAD();
Console.WriteLine(userTest.TiendaAsociada);
Console.ReadKey();
}
catch (Exception ex)
{
Console.WriteLine("An error has occurred");
Console.WriteLine(ex.Message);
while (ex.InnerException != null)
{
ex = ex.InnerException;
Console.WriteLine(ex.Message);
}
Console.ReadKey();
}
}
public async Task <AzureUser> PostUser(AzureUser user)
{
var content = new StringContent(JsonConvert.SerializeObject(user), Encoding.UTF8, "application/json");
var response = await SendRequest(HttpMethod.Post, Consts.GraphApi.UserEntity, content);
if (!response.IsSuccessStatusCode)
{
var responseMessage = await response?.Content?.ReadAsAsync <ErrorResponse>();
if (responseMessage.Odata.Message.Value == GraphApi.Errors.UserAlreadyExist)
{
throw new ApplicationException("User already exist");
}
throw new ApplicationException($"Can not create user with current parameters\n {responseMessage.Odata.Message.Value}");
}
var createdUser = await response?.Content?.ReadAsStringAsync();
var value = JsonConvert.DeserializeObject(createdUser) as JToken;
return(value.ToObject <AzureUser>());
}
public void TestConstructor()
{
var firstName = "first";
var lastName = "lastName";
var email = "email";
var id = Guid.NewGuid();
var displayName = "display";
var newUser = new AzureUser(
id: id,
email: email,
firstName: firstName,
lastName: lastName,
displayName: displayName
);
Assert.AreEqual(firstName, newUser.FirstName);
Assert.AreEqual(lastName, newUser.LastName);
Assert.AreEqual(email, newUser.Email);
Assert.AreEqual(id, newUser.Id);
Assert.AreEqual(displayName, newUser.DisplayName);
}
public async Task <AzureUser> GetUserDetailsByEmail(string email, bool includeSubscriptions = false, bool includeGroups = false)
{
AzureUser user = null;
if (!string.IsNullOrWhiteSpace(email))
{
using (var httpRequest = new HttpRequestMessage(HttpMethod.Get, $"/users?api-version=2017-03-01&expandGroups={includeGroups}&$top=1&$filter=email eq '{email}'"))
{
var response = await RequestAndDeserialiseAsync <AzureUserResponse>(httpRequest, "Could not get User");
user = response.Users.FirstOrDefault();
}
if (user != null && user.AzureId != null && includeSubscriptions)
{
var subscriptions = await GetSubscriptionsForUser(user.Id);
user.Subscriptions.AddRange(subscriptions);
}
}
return(user);
}
private void CreateTestUserAccount()
{
AzureUser testAzureUser = new AzureUser
{
SessionTimeout = 60,
IsLockedOut = false,
IsOnline = false,
LastActivityDate = DateTime.Now,
LastLockoutDate = new DateTime(1900, 1, 1),
LastPasswordChangedDate = new DateTime(1900, 1, 1),
LastLoginDate = new DateTime(1900, 1, 1),
RealName = "Jack Daniels",
Email = "*****@*****.**",
CreationDate = DateTime.Now,
IsApproved = true,
Password = "******",
Username = "******",
PartitionKey = "j",
RowKey = Guid.NewGuid().ToString()
};
//save test user
new AzureUserRepository().Save(testAzureUser);
string roleID = Guid.NewGuid().ToString();
AzureRole azureUserRole = new AzureRole
{
RowKey = roleID,
RoleName = "Webmaster",
PartitionKey = roleID.Substring(0, 1),
UserRowKey = testAzureUser.RowKey,
Timestamp = DateTime.Now
};
//save a role for the test user
new AzureRoleRepository().Save(azureUserRole);
}
private string GetUserEmail(AzureUser user) => user.SignInNames.FirstOrDefault(name => name.Type == "emailAddress")?.Value;
public static ApplicationUser NewUser(string username, string email)
{
return(AzureUser.NewUser <ApplicationUser>(username, email));
}
/// <summary>
///
/// </summary>
/// <param name="newUser"></param>
/// <returns></returns>
public UserAccount Create(AzureUser newUser)
{
Contract.Requires(newUser != null, "The user must not be null.");
return(null);
}
public void GroupSync(Logger Logger, IConfiguration config, IAuthenticationProvidor authProvidor, IAzureADFunctions azureAdFunctions, IOnPremADHelper onPremAdHelper, IOnPremAdFunctions onPremAdFunctions, ActiveDirectoryClient AzureClientSession)
{
//Get Entry into On-prem Active Directory Groups OU.
DirectoryEntry _OnPremGroupsDirectoryEntry = onPremAdHelper.GetADDirectoryEntry(config.FQDomainName, config.GroupsDestinationOUDN, Logger);
//Gather User Objects for the Work we intend to do later:
Group _AzureUsersgroup = azureAdFunctions.GetADGroup(AzureClientSession, config.AzureADGroupsGroup, Logger);
if (_AzureUsersgroup != null)
{
List <Tuple <string, IDirectoryObject> > _AzureGroupMembers = azureAdFunctions.GetAdGroupMembers(_AzureUsersgroup, config, Logger);
if (_AzureGroupMembers.Any(members => members.Item1 == "group"))
{
List <IGroup> _AzureGroupGroups = _AzureGroupMembers.Where(member => member.Item1.Equals("group"))
.Select(member => member.Item2)
.Select(member => member as IGroup)
.ToList();
List <DirectoryEntry> _OnPremContactObjects = onPremAdFunctions.GetOUContactObjects(config.FQDomainName, config.GroupsDestinationOUDN, onPremAdHelper, Logger);
#region Add Contact Objects to AD Contacts OU
//foreach group in Cloud check if they reside onprem and add them if they dont.
if (config.AllowCreationOfADObjects)
{
Dictionary <string, IGroup> azureGroups = _AzureGroupGroups.Where(x => x.Mail != null)
.ToDictionary(x => x.Mail.ToLower(), x => x);
foreach (string OnPremUser in _OnPremContactObjects.Where(x => x.Properties["Mail"].Value != null)
.Select(x => x.Properties["Mail"].Value.ToString()))
{
azureGroups.Remove(OnPremUser.ToLower());
}
int CreatedUsers = onPremAdFunctions.CreateADGroupContacts(Logger, config, _OnPremGroupsDirectoryEntry, onPremAdHelper, azureGroups);
Logger.Debug(String.Format("Created {0} group(s) in On-Prem Active Directory", CreatedUsers.ToString()));
Console.WriteLine("Created {0} group(s) in On-Prem Active Directory", CreatedUsers.ToString());
}
#endregion
#region Delete Group Objects from AD OU
//foreach group onprem check if they reside in cloud - delete them from AD if they dont (Make this over-rideable with a key)
if (config.AllowDeletionOfADObjects)
{
Dictionary <string, DirectoryEntry> onpremGroups = _OnPremContactObjects.Where(y => y.Properties["Mail"].Value != null)
.ToDictionary(y => y.Properties["Mail"].Value.ToString().ToLower(), y => y);
foreach (string AzureUser in _AzureGroupGroups.Where(y => y.Mail != null)
.Select(y => y.Mail.ToLower()))
{
onpremGroups.Remove(AzureUser.ToLower());
}
int DeletedGroups = onPremAdFunctions.DeleteADContacts(Logger, config, _OnPremGroupsDirectoryEntry, onpremGroups);
Logger.Debug(String.Format("Deleted {0} group(s) in On-Prem Active Directory", DeletedGroups.ToString()));
Console.WriteLine("Deleted {0} group(s) in On-Prem Active Directory", DeletedGroups.ToString());
}
}
else
{
Console.WriteLine("Could not find any GROUP objects in group {0}", config.AzureADUserGroup);
Logger.Error(String.Format("Could not find any GROUP objects in group {0}", config.AzureADUserGroup));
}
}
else
{
Console.WriteLine("Could not find Group in Azure ({0} to enumerate users from", config.AzureADUserGroup);
Logger.Error(String.Format("Could not find Group in Azure ({0} to enumerate users from", config.AzureADUserGroup));
}
//Close AD Directory Entry Handle
onPremAdHelper.DisposeADDirectoryEntry(_OnPremGroupsDirectoryEntry, Logger);
Console.WriteLine("Group Creation/Deletion complete - Changes will be reflected on Office365 Sync on Next Dir-Sync Cycle but may not appear in Address book until the following day.");
Logger.Debug(@"Group Creation/Deletion complete - Changes will be reflected on Office365 upon next DirSync.");
#endregion
}
/// <summary>
/// Creates a new user in the system.
/// </summary>
/// <param name="newUser">The new user.</param>
/// <returns>The created user.</returns>
public UserAccount Create(AzureUser newUser)
{
return(DoCreate(newUser));
}
private void GenerateSampleData()
{
for (int i = 0; i < 200; i++)
{
//Create Users
string rndUser = RandomString(5);
AzureUser au = new AzureUser
{
SessionTimeout = 60,
IsLockedOut = false,
IsOnline = false,
//Timestamp = DateTime.Now,
LastActivityDate = DateTime.Now,
LastLockoutDate = new DateTime(1900, 1, 1),
LastPasswordChangedDate = new DateTime(1900, 1, 1),
LastLoginDate = new DateTime(1900, 1, 1),
RealName = rndUser,
Email = rndUser + "@testuserdomain.com",
CreationDate = DateTime.Now,
IsApproved = true,
Password = "******",
Username = rndUser + "@testuserdomain.com",
PartitionKey = rndUser.Substring(0, 1),
RowKey = Guid.NewGuid().ToString()
};
new AzureUserRepository().Save(au);
string UID = Guid.NewGuid().ToString();
AzureRole arm = new AzureRole
{
RowKey = UID,
RoleName = "RegisteredUser",
PartitionKey = UID.Substring(0, 1),
UserRowKey = au.RowKey,
Timestamp = DateTime.Now
};
new AzureRoleRepository().Save(arm);
//Create Companies
string rndCompanyName = RandomString(5);
var company = new CompanyModel(au.RowKey, rndCompanyName, "sales@" + rndCompanyName + ".com", "accounts@" + rndCompanyName + ".com", i.ToString());
company.Country = "South Africa";
new CompanyRepository().Save(company);
//Create 10 Products
for (int x = 0; x < 10; x++)
{
ProductModel product;
byte[] photo = null;
Thread printThread = new Thread(() =>
{
photo = CreateImage(RandomString(2));
});
printThread.SetApartmentState(ApartmentState.STA);
printThread.Start();
printThread.Join();
string CatID = GetRandomCategory(categoryList);
string photoUrl = new PhotoRepository().SavePhoto(photo, Guid.NewGuid().ToString() + "_Test.png");
product = new ProductModel(RandomString(6), NextLoremIpsum(10), photoUrl, company.RowKey);
product.CategoryID = CatID;
product.Description = product.Description + " " + CatID;
product.FobPrice = RandomInt().ToString();
product.MinimumOrderQuantity = RandomInt();
product.ModelNumber = RandomInt().ToString();
product.PackagingAndDelivery = NextLoremIpsum(3);
product.PaymentTerms = NextLoremIpsum(4);
product.PlaceOfOrigin = NextLoremIpsum(2);
product.Port = NextLoremIpsum(1);
product.Quality = NextLoremIpsum(2);
product.Specifications = NextLoremIpsum(2);
product.SupplyAbility = NextLoremIpsum(2);
product.Colour = NextLoremIpsum(1);
product.BrandName = NextLoremIpsum(1);
new ProductRepository().Save(product);
}
}
}
public async Task <AzureUser> CreateUser(string ukprn)
{
AzureUser user = null;
var organisation = await _organisationsApiClient.Get(ukprn);
var emailForOrganisation = $"api+donotreplyto-{organisation.EndPointAssessorOrganisationId}@education.gov.uk";
IEnumerable <AzureUser> ukprnUsers = await GetUserDetailsByUkprn(ukprn, true, true);
var ukprnUsersWithSubscription = (from u in ukprnUsers
from subs in ukprnUsers.SelectMany(au => au.Subscriptions.Where(s => s.IsActive && s.ProductId == _productId))
where u.Id == subs.UserId
select u).ToList();
AzureUser emailUser = await GetUserDetailsByEmail(emailForOrganisation, true, true);
AzureUser ukprnUser = ukprnUsersWithSubscription.FirstOrDefault(u => u.Email.Equals(emailForOrganisation));
if (ukprnUsersWithSubscription.Any() && ukprnUser is null)
{
throw new Exceptions.EntityAlreadyExistsException($"Access is already enabled.");
}
else if (ukprnUser != null)
{
user = ukprnUser;
}
else if (emailUser != null)
{
user = emailUser;
await UpdateUserNote(user.Id, $"ukprn={ukprn}");
}
else
{
var request = new CreateAzureUserRequest
{
FirstName = organisation.EndPointAssessorOrganisationId,
LastName = organisation.EndPointAssessorName,
Email = emailForOrganisation,
Note = $"ukprn={ukprn}"
};
using (var httpRequest = new HttpRequestMessage(HttpMethod.Put, $"/users/{Guid.NewGuid()}?api-version=2017-03-01"))
{
user = await PostPutRequestWithResponse <CreateAzureUserRequest, AzureUser>(httpRequest, request);
}
}
if (user != null && !string.IsNullOrEmpty(user.Id))
{
if (!user.Groups.Any(g => string.Equals(g.Id, _groupId, StringComparison.InvariantCultureIgnoreCase)))
{
await AddUserToGroup(user.Id, _groupId);
}
if (!user.Subscriptions.Any(s => string.Equals(s.ProductId, _productId, StringComparison.InvariantCultureIgnoreCase)))
{
await SubscribeUserToProduct(user.Id, _productId);
}
await _organisationsApiClient.Update(new UpdateOrganisationRequest
{
EndPointAssessorName = organisation.EndPointAssessorName,
EndPointAssessorOrganisationId = organisation.EndPointAssessorOrganisationId,
EndPointAssessorUkprn = organisation.EndPointAssessorUkprn,
ApiEnabled = true,
ApiUser = user.Id
});
// Note: Multiple things could have happened by this point so refresh
user = await GetUserDetails(user.Id, true, true);
}
return(user);
}
