public async Task <ActionResult> CreateGuestUser(GuestUserModel _objGstUsrMdl)
{
ResultsViewModel results = new ResultsViewModel(false);
if (ModelState.IsValid)
{
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
string inviteURL = ConfigHelper.inviteRedirectURLBase;// + ConfigHelper.Tenant;
Tuple <bool, string, string> tup = await usersService.CreateGuestUser(graphServiceClient, _objGstUsrMdl.UserDisplayName, _objGstUsrMdl.UserEmailAddress,
inviteURL, _objGstUsrMdl.WelcomeMessage);
_objGstUsrMdl.userID = tup.Item2;
_objGstUsrMdl.resultantMessage = tup.Item3;
_objGstUsrMdl.status = tup.Item1;
return(View("GuestUsersCreateResult", _objGstUsrMdl));
}
catch (Exception ex)
{
_objGstUsrMdl.status = false;
_objGstUsrMdl.resultantMessage = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("GuestUsers", _objGstUsrMdl));
}
public async Task <ActionResult> UpdateUser(UpdateUserModel model)
{
List <ResultsItem> items = new List <ResultsItem>();
if (ModelState.IsValid)
{
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string> tup = await usersService.UpdateUser(azureClient, model.UserEmailAddress, model.Jobtitle,
model.department, model.City, model.phone);
Microsoft.Azure.ActiveDirectory.GraphClient.User user = (Microsoft.Azure.ActiveDirectory.GraphClient.User)azureClient.Users.Where(u => u.Mail.Equals(
model.UserEmailAddress, StringComparison.CurrentCultureIgnoreCase) ||
u.UserPrincipalName.Equals(model.UserEmailAddress, StringComparison.CurrentCultureIgnoreCase)).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
return(View("ShowUser", new Tuple <bool, string, string, Microsoft.Azure.ActiveDirectory.GraphClient.User>(
tup.Item1, tup.Item2, model.UserEmailAddress, user)));
}
catch (Exception ex)
{
model.status = false;
model.resultantMessage = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("UpdateUser", model));
}
public ViewResult RemoveAppRoleFromUser()
{
AddAppRoleToUserModel model = new AddAppRoleToUserModel();
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var apps = azureClient.Applications.ExecuteAsync().Result;
var enumeratedApps = AzureADExtensions.EnumerateAllAsync(apps).Result;
foreach (var app in enumeratedApps)
{
model.TenantApplications.Add(new SelectListItem()
{
Text = app.DisplayName, Value = app.DisplayName
});
}
model.isOk = true;
}
catch (Exception ex)
{
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
return(View("RemoveAppRoleFromUser", model));
}
public ActionResult GetApplicationExtAttribs(string appName)
{
List <ResultsItem> lst = new List <ResultsItem>();
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var application = azureClient.Applications.Where(a => a.DisplayName == appName).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
if (application != null)
{
var exts = azureClient.Applications[application.ObjectId].ExtensionProperties;
foreach (IExtensionProperty r in exts.ExecuteAsync().Result.EnumerateAllAsync().Result)
{
lst.Add(new ResultsItem()
{
Id = r.Name, Display = r.Name
});
}
}
}
catch (Exception ex)
{ }
return(Json(lst, JsonRequestBehavior.AllowGet));
}
public ActionResult GetApplicationRoles(string appName)
{
List <ResultsItem> lst = new List <ResultsItem>();
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var application = azureClient.Applications.Where(a => a.DisplayName == appName).ExecuteAsync().Result;
if (application != null)
{
var approles = application.CurrentPage.FirstOrDefault().AppRoles;
foreach (AppRole r in approles)
{
lst.Add(new ResultsItem()
{
Id = r.DisplayName, Display = r.Description
});
}
}
}
catch (Exception ex)
{
}
return(Json(lst, JsonRequestBehavior.AllowGet));
}
public ViewResult ListTenantApps()
{
List <ResultsItem> lst = new List <ResultsItem>();
bool isok = false;
string message = "";
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var apps = azureClient.Applications.ExecuteAsync().Result;
var enumeratedApps = AzureADExtensions.EnumerateAllAsync(apps).Result;
foreach (var app in enumeratedApps.OrderBy(a => a.DisplayName))
{
lst.Add(new ResultsItem()
{
Id = app.DisplayName, Display = app.DisplayName
});
}
isok = true;
}
catch (Exception ex)
{
message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
return(View(new Tuple <bool, string, List <ResultsItem> >(isok, message, lst)));
}
public async Task <ActionResult> RemoveAppRoleFromUser(AddAppRoleToUserModel model)
{
List <ResultsItem> items = new List <ResultsItem>();
if (ModelState.IsValid)
{
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
string token = await GraphAuthService.GetTokenForApplication(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string, string, string> tup = await usersService.RemoveApplicationRoleFromUser(azureClient, token,
ConfigHelper.AzureADGraphUrl, ConfigHelper.Tenant, model.AppName, model.UserEmailAddress, model.AppRoleName);
// Get group members.
var appRoleAssignmentsPaged = await azureClient.ServicePrincipals
.GetByObjectId(tup.Item5)
.AppRoleAssignedTo
.ExecuteAsync();
var appRoleAssignments = await AzureADExtensions.EnumerateAllAsync(appRoleAssignmentsPaged);
Guid approleid = Guid.Parse(tup.Item4);
var users = appRoleAssignments
.Where(a => a.Id == approleid && a.PrincipalType == "User")
.Select(a => new { Id = a.PrincipalId.ToString(), Name = a.PrincipalDisplayName })
.ToList();
if (users != null)
{
foreach (var s in users)
{
items.Add(new ResultsItem()
{
Id = s.Id, Display = s.Name
});
}
}
return(View("ListRoleMembers", new Tuple <bool, string, string, List <ResultsItem> >(tup.Item1, tup.Item2, model.AppRoleName, items)));
}
catch (Exception ex)
{
model.isOk = false;
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("RemoveAppRoleFromUser", model));
}
public async Task <ActionResult> GetAccessReviewDetails(string typeid, string id)
{
string formattedJson = "";
string status = "ERROR";
string message = "Could not complete the request";
Tuple <bool, string, string> res = new Tuple <bool, string, string>(false, "", "");
List <string> lstInstances = new List <string>();
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
string token = GraphAuthService.GetTokenForApplication(ConfigHelper.UseApplicationPermissions, false).Result;
if (typeid == "1")
{
res = await usersService.GetAccessReviewDetails(graphServiceClient, token, ConfigHelper.GraphUrl, id);
}
else if (typeid == "2")
{
res = await usersService.GetAccessReviewReviewers(graphServiceClient, token, ConfigHelper.GraphUrl, id);
}
else if (typeid == "3")
{
res = await usersService.GetAccessReviewDecisions(graphServiceClient, token, ConfigHelper.GraphUrl, id);
}
if (res.Item1)
{
formattedJson = res.Item3;// JsonConvert.SerializeObject(res.Item3, Formatting.Indented);
status = "OK";
}
else
{
message = res.Item2;
}
}
catch (Exception ex)
{
message = ex.Message + " " + (ex.InnerException != null ? ex.InnerException.Message : "");
}
var jsonData = new
{
status = status,
message = message,
jresult = formattedJson
};
return(Json(jsonData, JsonRequestBehavior.AllowGet));
}
public void ShouldNotFindRegisteredDomainForInvalidEmail(string value)
{
var check = new RegisteredDomainCheck
{
Username = value
};
var service = new GraphAuthService(_registrationService);
var result = Assert.Throws <HttpError>(() => service.Post(check));
Assert.NotNull(result);
Assert.IsAssignableFrom <HttpError>(result);
Assert.Equal(HttpStatusCode.BadRequest, result.StatusCode);
}
public void ShouldNotFindUnRegisteredDomain()
{
var check = new RegisteredDomainCheck
{
Username = "******"
};
var service = new GraphAuthService(_registrationService);
var result = service.Post(check);
Assert.NotNull(result);
Assert.IsAssignableFrom <RegisteredDomainCheckResponse>(result);
Assert.False(((RegisteredDomainCheckResponse)result).IsRegistered);
}
public ViewResult GuestUsers()
{
Tuple <bool, string, List <Microsoft.Graph.User> > results = new Tuple <bool, string, List <Microsoft.Graph.User> >(false, string.Empty, null);
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
results = usersService.GetGuestUsers(graphServiceClient).Result;
}
catch (Exception ex)
{
results = new Tuple <bool, string, List <Microsoft.Graph.User> >(false, ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : ""), null);
}
//bool test = IsUserInDirectory("*****@*****.**");
return(View("GuestUsers", results));
}
public async Task <ActionResult> AssignExtAttribToUser(ManageApplicationExtensionsAssignment model)
{
List <ResultsItem> items = new List <ResultsItem>();
if (ModelState.IsValid)
{
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string, string, string> tup = await usersService.AssignExtensionAttributeToUser(azureClient, model.UserEmailAddress, model.AppName,
model.AppExtAttribName, model.ExtAttribValue);
Microsoft.Azure.ActiveDirectory.GraphClient.User user = (Microsoft.Azure.ActiveDirectory.GraphClient.User)azureClient.Users.Where(u => u.Mail.Equals(
model.UserEmailAddress, StringComparison.CurrentCultureIgnoreCase) ||
u.UserPrincipalName.Equals(model.UserEmailAddress, StringComparison.CurrentCultureIgnoreCase)
).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
if (user != null)
{
foreach (var s in user.GetExtendedProperties())
{
items.Add(new ResultsItem()
{
Id = s.Key, Display = (s.Value == null ? "" : s.Value.ToString())
});
}
}
return(View("ListuserExtAttributes", new Tuple <bool, string, string, List <ResultsItem> >(tup.Item1, tup.Item2, model.UserEmailAddress, items)));
}
catch (Exception ex)
{
model.isOk = false;
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("AssignExtAttribToUser", model));
}
public async Task <ActionResult> AssociateUserWithGroup(UserGroupAssociation model)
{
if (ModelState.IsValid)
{
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string, string> tup = await usersService.AssociateUserWithAGroup(graphServiceClient, model.UserEmailAddress, model.GroupName);
//get member of this group, which must include the new addition
List <ResultsItem> items = new List <ResultsItem>();
// Get group members.
IGroupMembersCollectionWithReferencesPage members = await graphServiceClient.Groups[tup.Item4].Members.Request().GetAsync();
if (members?.Count > 0)
{
foreach (Microsoft.Graph.User user in members)
{
// Get member properties.
items.Add(new ResultsItem()
{
Display = user.DisplayName, Id = user.Id
});
}
}
return(View("ListGroupMembers", new Tuple <bool, string, string, List <ResultsItem> >(tup.Item1, tup.Item2, model.GroupName, items)));
}
catch (Exception ex)
{
model.isOk = false;
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("AssociateUserWithGroup", model));
}
public ActionResult GetUserApplicationRoles(string appName, string useremail)
{
List <ResultsItem> lst = new List <ResultsItem>();
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var user = azureClient.Users.Where(a => a.Mail.Equals(useremail, StringComparison.InvariantCultureIgnoreCase) || a.UserPrincipalName.Equals(useremail, StringComparison.InvariantCultureIgnoreCase)
).Expand(p => p.AppRoleAssignments).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
if (user != null)
{
var cc = user.AppRoleAssignments;
var approlesassigns = AzureADExtensions.EnumerateAllAsync(cc).Result;
var filtered = approlesassigns.Where(a => a.PrincipalType == "User");
//now get role names for those
var fapplication = azureClient.Applications.Where(a => a.DisplayName == appName).ExecuteAsync().Result;
if (fapplication != null)
{
var myroles = fapplication.CurrentPage.FirstOrDefault().AppRoles.Where(a => filtered.Select(b => b.Id).Contains(a.Id));
foreach (AppRole r in myroles)
{
lst.Add(new ResultsItem()
{
Id = r.DisplayName, Display = r.Description
});
}
}
}
}
catch (Exception ex)
{ }
return(Json(lst, JsonRequestBehavior.AllowGet));
}
public ViewResult GetUser(GuestUserModel model)
{
List <Tuple <string, List <ResultsItem> > > tupAppRoles = new List <Tuple <string, List <ResultsItem> > >();
List <ResultsItem> lstUserAppRoles = new List <ResultsItem>();
List <ResultsItem> exts = new List <ResultsItem>();
List <string> groups = new List <string>();
Microsoft.Azure.ActiveDirectory.GraphClient.User myuser = null;
if (ModelState.IsValid)
{
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var user = azureClient.Users.Where(a => a.UserPrincipalName.Equals(model.UserEmailAddress, StringComparison.InvariantCultureIgnoreCase) ||
a.Mail.Equals(model.UserEmailAddress, StringComparison.InvariantCultureIgnoreCase)
).Expand(p => p.AppRoleAssignments).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
if (user != null)
{
var cc = user.AppRoleAssignments;
var approlesassigns = AzureADExtensions.EnumerateAllAsync(cc).Result;
var filtered = approlesassigns.Where(a => a.PrincipalType == "User");
//now get role names for those
var fapplications = azureClient.Applications.ExecuteAsync().Result;
if (fapplications != null)
{
IEnumerable <IApplication> allapps = AzureADExtensions.EnumerateAllAsync(fapplications).Result;
foreach (IApplication app in allapps)
{
string applicationname = app.DisplayName;
var fapplication = azureClient.Applications.Where(a => a.DisplayName == applicationname).ExecuteAsync().Result;
if (fapplication != null)
{
lstUserAppRoles = new List <ResultsItem>();
var myroles = fapplication.CurrentPage.FirstOrDefault().AppRoles.Where(a => filtered.Select(b => b.Id).Contains(a.Id));
foreach (AppRole r in myroles)
{
lstUserAppRoles.Add(new ResultsItem()
{
Id = r.DisplayName, Display = r.Description
});
}
tupAppRoles.Add(new Tuple <string, List <ResultsItem> >(app.DisplayName, lstUserAppRoles));
}
}
}
//get extension attributes
myuser = (Microsoft.Azure.ActiveDirectory.GraphClient.User)user;
foreach (var s in myuser.GetExtendedProperties())
{
exts.Add(new ResultsItem()
{
Id = s.Key, Display = (s.Value == null ? "" : s.Value.ToString())
});
}
IUserFetcher retrievedUserFetcher = myuser;
Microsoft.Azure.ActiveDirectory.GraphClient.Extensions.IPagedCollection <IDirectoryObject> pagedCollection =
retrievedUserFetcher.MemberOf.ExecuteAsync().Result;
List <IDirectoryObject> directoryObjects = pagedCollection.EnumerateAllAsync().Result.ToList();
foreach (IDirectoryObject directoryObject in directoryObjects)
{
if (directoryObject is Microsoft.Azure.ActiveDirectory.GraphClient.Group)
{
Microsoft.Azure.ActiveDirectory.GraphClient.Group group = directoryObject as Microsoft.Azure.ActiveDirectory.GraphClient.Group;
groups.Add(group.DisplayName);
}
}
}
return(View("GetUserDetails", new UserDetails()
{
isOk = true, message = "", exts = exts, tupAppRoles = tupAppRoles, user = myuser, Groups = groups
}));
}
catch (Exception ex)
{
model.status = false;
model.resultantMessage = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("GetUser", model));
}
public async Task <ViewResult> ListAccessReviews()
{
string formattedJson = "";
string status = "ERROR";
string message = "Could not complete the request";
Tuple <bool, string, string> res = new Tuple <bool, string, string>(false, "", "");
List <Tuple <string, string, string, string> > AccessReviewIDs = new List <Tuple <string, string, string, string> >();
AccessReviews ar = new AccessReviews();
string masterRecurrenceType = "", childRecurrenceType = "";
try
{
var graphServiceClient = GraphAuthService.CreateGraphServiceClient(ConfigHelper.UseApplicationPermissions);
string token = GraphAuthService.GetTokenForApplication(ConfigHelper.UseApplicationPermissions, false).Result;
res = await usersService.GetAccessReviewProgramControlList(graphServiceClient, token, ConfigHelper.GraphUrl);
if (res.Item1)
{
formattedJson = res.Item3;
JObject jObject = JObject.Parse(formattedJson);
JArray values = (JArray)jObject.SelectToken("value");//this is a list of current action reviews either recurring or not
foreach (JToken v in values)
{
string controlId = (string)v.SelectToken("controlId");//refers to action review
string displayName = (string)v.SelectToken("displayName");
string startDateTime = (string)v.SelectToken("startDateTime");
string endDateTime = (string)v.SelectToken("endDateTime");
string arstatus = (string)v.SelectToken("status");
//check if this is recurring
res = await usersService.GetAccessReviewDetails(graphServiceClient, token, ConfigHelper.GraphUrl, controlId);
if (res.Item1)
{
jObject = JObject.Parse(res.Item3);
masterRecurrenceType = (string)jObject.SelectToken("settings").SelectToken("recurrenceSettings").SelectToken("recurrenceType");
string det = "Name: " + displayName + " | Start Date: " + startDateTime + " | End Date: " + endDateTime + " | Status: " + arstatus;
AccessReviewIDs.Add(new Tuple <string, string, string, string>(controlId, "", masterRecurrenceType, det));
if (masterRecurrenceType != "onetime")
{
//get instances
res = await usersService.GetAccessReviewInstances(graphServiceClient, token, ConfigHelper.GraphUrl, controlId);//this would not inlcude current one
if (res.Item1)
{
formattedJson = res.Item3;//this contains instance details
jObject = JObject.Parse(formattedJson);
JArray instances = (JArray)jObject.SelectToken("value");//instance array
foreach (JToken v2 in instances)
{
string acid = (string)v2.SelectToken("id");
startDateTime = (string)v2.SelectToken("startDateTime");
endDateTime = (string)v2.SelectToken("endDateTime");
arstatus = (string)v2.SelectToken("status");
string dname = (string)v2.SelectToken("displayName");
det = "Name: " + dname + " | Start Date: " + startDateTime + " | End Date: " + endDateTime + " | Status: " + arstatus;
AccessReviewIDs.Add(new Tuple <string, string, string, string>(acid, controlId, "", det));
}
}
else
{
message = res.Item2;
}
}
}
else
{
message = res.Item2;
}
}
status = "OK";
}
else
{
message = res.Item2;
}
}
catch (Exception ex)
{
message = ex.Message + " " + (ex.InnerException != null ? ex.InnerException.Message : "");
}
return(View(new AccessReviews()
{
status = (status == "OK"), resultantMessage = message, lstResult = AccessReviewIDs
}));
}