/// <summary> /// Remove a particular user from all groups at a collection level /// </summary> /// <param name="tfiPCValidUsers">The identity of ProjectCollectionValidUsers group</param> /// <param name="userIdentity">The identity of the user to be removed</param> /// <returns>True, if successful</returns> private bool RemoveUserFromAllGroupsInCollection(TeamFoundationIdentity tfiPCValidUsers, IdentityDescriptor userIdentity) { foreach (IdentityDescriptor groupDesc in tfiPCValidUsers.Members) { if (idMgmtSvc.IsMember(groupDesc, userIdentity)) { try { idMgmtSvc.RemoveMemberFromApplicationGroup(groupDesc, userIdentity); } catch (Exception ex) { FileHelper.Log(ex.Message); FileHelper.Log(ex.StackTrace); } } } return(true); }
private static void ApplyGroupMemberChanges(ApplicationTask task, SecurityGroupChange securityGroup, IdentityDescriptor groupDescriptor, IIdentityManagementService ims, IList <TeamFoundationIdentity> existingMembers) { var existingMemberAccountNames = existingMembers.Select(m => GetAccountName(m)); // Remove requested members. if (securityGroup.RemoveAllUsers) { foreach (var member in existingMembers) { ims.RemoveMemberFromApplicationGroup(groupDescriptor, member.Descriptor); } } else { if (!string.IsNullOrEmpty(securityGroup.UsersToRemove)) { foreach (var userToRemove in securityGroup.UsersToRemove.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries).Select(u => u.Trim())) { if (existingMemberAccountNames.Any(m => string.Equals(m, userToRemove, StringComparison.OrdinalIgnoreCase))) { PerformUserAction(task, ims, userToRemove, identityToRemove => ims.RemoveMemberFromApplicationGroup(groupDescriptor, identityToRemove.Descriptor)); } } } } // Add requested members. if (!string.IsNullOrEmpty(securityGroup.UsersToAdd)) { foreach (var userToAdd in securityGroup.UsersToAdd.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries).Select(u => u.Trim())) { if (!existingMemberAccountNames.Any(m => string.Equals(m, userToAdd, StringComparison.OrdinalIgnoreCase))) { PerformUserAction(task, ims, userToAdd, identityToAdd => ims.AddMemberToApplicationGroup(groupDescriptor, identityToAdd.Descriptor)); } } } }