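/// <summary>
/// Assigns the Owner role to the Blueprint resource provider's principal at subscription
/// scope (so that it can do deployments), unless a matching assignment is already found.
/// </summary>
/// <remarks>
/// This creates an Owner assignment on the whole subscription for whatever principal is
/// passed in. Nothing in this method validates <paramref name="spnObjectId"/>, so callers
/// are responsible for passing only the intended service principal.
/// </remarks>
/// <param name="subscriptionId">Subscription ID substituted into <c>BlueprintConstants.SubscriptionScope</c> to build the assignment scope.</param>
/// <param name="spnObjectId">Object ID of the principal that receives the Owner role.</param>
protected void AssignOwnerPermission(string subscriptionId, string spnObjectId)
{
    string scope = string.Format(BlueprintConstants.SubscriptionScope, subscriptionId);

    // Restrict the listing to assignments held by the target principal.
    var filter = new Rest.Azure.OData.ODataQuery<RoleAssignmentFilter>();
    filter.SetFilter(a => a.AssignedTo(spnObjectId));

    var roleAssignmentList = AuthorizationManagementClient.RoleAssignments
        .ListForScopeAsync(scope, filter)
        .GetAwaiter()
        .GetResult();

    // NOTE(review): this compares the assignment's own Id with the role *definition* id.
    // Confirm that an assignment Id really ends with that value; if it does not, this
    // check never matches and the method always falls through to CreateAsync below.
    var roleAssignment = roleAssignmentList?
        .FirstOrDefault(ra => ra.Id.EndsWith(BlueprintConstants.OwnerRoleDefinitionId));

    if (roleAssignment != null)
    {
        return;
    }

    var roleAssignmentParams = new RoleAssignmentProperties(
        roleDefinitionId: BlueprintConstants.OwnerRoleDefinitionId,
        principalId: spnObjectId);

    try
    {
        AuthorizationManagementClient.RoleAssignments
            .CreateAsync(
                scope: scope,
                roleAssignmentName: Guid.NewGuid().ToString(),
                parameters: new RoleAssignmentCreateParameters(roleAssignmentParams))
            .GetAwaiter()
            .GetResult();
    }
    catch (CloudException cex) when (cex.Response?.StatusCode == HttpStatusCode.Conflict)
    {
        // The assignment already exists; nothing to do.
        // Only this case is suppressed. The previous catch-all also swallowed every
        // non-CloudException failure, so a failed grant looked like success, and it
        // dereferenced cex.Response without a null check.
    }
}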
/// <summary>
/// Looks up directory users matching <paramref name="options"/>. The lookup mode is chosen
/// in this order: by Id, then by UPN or Mail, otherwise by display name (SearchString).
/// </summary>
/// <param name="options">
/// Filter criteria. When SearchString ends with '*', the trailing asterisks are trimmed
/// and written back to <c>options.SearchString</c>, so the caller's object is modified.
/// </param>
/// <param name="first">Passed to <c>GenericPageEnumerable</c> on the display-name path only; the Id and UPN/Mail paths do not use it.</param>
/// <param name="skip">Passed to <c>GenericPageEnumerable</c> on the display-name path only; the Id and UPN/Mail paths do not use it.</param>
/// <returns>The matching users converted with <c>ToPSADUser</c>, or an empty list when the Id or UPN/Mail lookup yields nothing.</returns>
public IEnumerable<PSADUser> FilterUsers(ADObjectFilterOptions options, ulong first = ulong.MaxValue, ulong skip = 0)
{
    // --- Lookup by object id ---
    if (!string.IsNullOrEmpty(options.Id))
    {
        User found = null;
        try
        {
            found = GraphClient.Users.Get(Normalize(options.Id));
        }
        catch
        {
            // Treated as "user does not exist".
            // NOTE(review): this bare catch also hides every other failure (for example
            // authorization or transport errors), so callers cannot tell "no such user"
            // from "lookup failed". Consider narrowing it to the client's not-found error.
        }

        if (found == null)
        {
            return new List<PSADUser>();
        }

        return new List<PSADUser> { found.ToPSADUser() };
    }

    // --- Lookup by UPN or mail address ---
    if (!string.IsNullOrEmpty(options.UPN) || !string.IsNullOrEmpty(options.Mail))
    {
        IPage<User> page = null;
        try
        {
            string upnOrMail = Normalize(options.UPN) ?? Normalize(options.Mail);
            var query = new Rest.Azure.OData.ODataQuery<User>();

            // UPN wins when both are supplied.
            if (string.IsNullOrEmpty(options.UPN))
            {
                query.SetFilter(u => u.Mail == upnOrMail);
            }
            else
            {
                query.SetFilter(u => u.UserPrincipalName == upnOrMail);
            }

            page = GraphClient.Users.List(query);
        }
        catch
        {
            // Treated as "user does not exist"; the same catch-all caveat applies as in
            // the Id lookup above: any failure is reported as an empty result.
        }

        if (page == null)
        {
            return new List<PSADUser>();
        }

        return page.Select(u => u.ToPSADUser());
    }

    // --- Lookup by display name: prefix match with a trailing '*', exact match otherwise ---
    bool isPrefixSearch = !string.IsNullOrEmpty(options.SearchString) && options.SearchString.EndsWith("*");
    if (isPrefixSearch)
    {
        // Strip the wildcard before the filter expression reads the value.
        options.SearchString = options.SearchString.TrimEnd('*');
    }

    Rest.Azure.OData.ODataQuery<User> odataQuery = isPrefixSearch
        ? new Rest.Azure.OData.ODataQuery<User>(u => u.DisplayName.StartsWith(options.SearchString))
        : new Rest.Azure.OData.ODataQuery<User>(u => u.DisplayName == options.SearchString);

    var pages = new GenericPageEnumerable<User>(
        () => GraphClient.Users.List(odataQuery.ToString()),
        GraphClient.Users.ListNext,
        first,
        skip);

    return pages.Select(u => u.ToPSADUser());
}
/// <summary>
/// Looks up directory users matching <paramref name="options"/>. The lookup mode is chosen
/// in this order: by Id, then by UPN or Mail, otherwise by display name (SearchString).
/// </summary>
/// <param name="options">
/// Filter criteria. When SearchString ends with '*', the trailing asterisks are trimmed
/// and written back to <c>options.SearchString</c>, so the caller's object is modified.
/// </param>
/// <param name="first">Not referenced anywhere in this method body.</param>
/// <param name="skip">Not referenced anywhere in this method body.</param>
/// <returns>The matching users converted with <c>ToPSADUser</c>, or an empty list when the Id or UPN/Mail lookup yields nothing.</returns>
public IEnumerable<PSADUser> FilterUsers(ADObjectFilterOptions options, int first = int.MaxValue, int skip = 0)
{
    // --- Lookup by object id ---
    if (!string.IsNullOrEmpty(options.Id))
    {
        MicrosoftGraphUser found = null;
        try
        {
            found = GraphClient.Users.GetUser(Normalize(options.Id));
        }
        catch
        {
            // Treated as "user does not exist".
            // NOTE(review): this bare catch also hides every other failure (for example
            // authorization or transport errors), so callers cannot tell "no such user"
            // from "lookup failed". Consider narrowing it to the client's not-found error.
        }

        if (found == null)
        {
            return new List<PSADUser>();
        }

        return new List<PSADUser> { found.ToPSADUser() };
    }

    // --- Lookup by UPN or mail address ---
    if (!string.IsNullOrEmpty(options.UPN) || !string.IsNullOrEmpty(options.Mail))
    {
        IList<MicrosoftGraphUser> matches = null;
        try
        {
            string upnOrMail = Normalize(options.UPN) ?? Normalize(options.Mail);
            var query = new Rest.Azure.OData.ODataQuery<MicrosoftGraphUser>();

            // UPN wins when both are supplied.
            if (string.IsNullOrEmpty(options.UPN))
            {
                query.SetFilter(u => u.Mail == upnOrMail);
            }
            else
            {
                query.SetFilter(u => u.UserPrincipalName == upnOrMail);
            }

            var response = GraphClient.Users.ListUser(
                "eventual",
                filter: OdataHelper.GetFilterString(query));
            matches = response.Value;
        }
        catch
        {
            // Treated as "user does not exist"; the same catch-all caveat applies as in
            // the Id lookup above: any failure is reported as an empty result.
        }

        if (matches == null)
        {
            return new List<PSADUser>();
        }

        return matches.Select(u => u.ToPSADUser());
    }

    // --- Lookup by display name: prefix match with a trailing '*', exact match otherwise ---
    bool isPrefixSearch = !string.IsNullOrEmpty(options.SearchString) && options.SearchString.EndsWith("*");
    if (isPrefixSearch)
    {
        // Strip the wildcard before the filter expression reads the value.
        options.SearchString = options.SearchString.TrimEnd('*');
    }

    Rest.Azure.OData.ODataQuery<MicrosoftGraphUser> odataQuery = isPrefixSearch
        ? new Rest.Azure.OData.ODataQuery<MicrosoftGraphUser>(u => u.DisplayName != null && u.DisplayName.StartsWith(options.SearchString))
        : new Rest.Azure.OData.ODataQuery<MicrosoftGraphUser>(u => u.DisplayName == options.SearchString);

    // This call is not wrapped in a try block, so failures here propagate to the caller.
    var listing = GraphClient.Users.ListUser(
        consistencyLevel: "eventual",
        filter: OdataHelper.GetFilterString(odataQuery));

    return listing.Value.Select(u => u.ToPSADUser());
}