/// <summary>
/// Initializes a <see cref="SqlServerData"/> from already-parsed values. This is the
/// constructor the deserializer uses; every argument is stored on the matching property
/// and nothing is validated here.
/// </summary>
/// <param name="id">Resource id, forwarded to the base resource type.</param>
/// <param name="name">Resource name, forwarded to the base resource type.</param>
/// <param name="type">Resource type, forwarded to the base resource type.</param>
/// <param name="tags">Resource tags, forwarded to the base resource type.</param>
/// <param name="location">Resource location, forwarded to the base resource type.</param>
/// <param name="identity">Stored on <see cref="Identity"/>.</param>
/// <param name="kind">Stored on <see cref="Kind"/>.</param>
/// <param name="administratorLogin">Stored on <see cref="AdministratorLogin"/>.</param>
/// <param name="administratorLoginPassword">
/// Stored on <see cref="AdministratorLoginPassword"/>. This is a plaintext credential held on
/// the model object; keep instances out of logs, traces and diagnostic dumps.
/// </param>
/// <param name="version">Stored on <see cref="Version"/>.</param>
/// <param name="state">Stored on <see cref="State"/>.</param>
/// <param name="fullyQualifiedDomainName">Stored on <see cref="FullyQualifiedDomainName"/>.</param>
/// <param name="privateEndpointConnections">Stored on <see cref="PrivateEndpointConnections"/>.</param>
/// <param name="minimalTlsVersion">Stored on <see cref="MinimalTlsVersion"/>; not validated here.</param>
/// <param name="publicNetworkAccess">Stored on <see cref="PublicNetworkAccess"/>.</param>
/// <param name="workspaceFeature">Stored on <see cref="WorkspaceFeature"/>.</param>
/// <param name="primaryUserAssignedIdentityId">Stored on <see cref="PrimaryUserAssignedIdentityId"/>.</param>
/// <param name="federatedClientId">Stored on <see cref="FederatedClientId"/>.</param>
/// <param name="keyId">Stored on <see cref="KeyId"/>.</param>
/// <param name="administrators">Stored on <see cref="Administrators"/>.</param>
/// <param name="restrictOutboundNetworkAccess">Stored on <see cref="RestrictOutboundNetworkAccess"/>.</param>
internal SqlServerData(
    ResourceIdentifier id,
    string name,
    ResourceType type,
    IDictionary<string, string> tags,
    Location location,
    Models.ResourceIdentity identity,
    string kind,
    string administratorLogin,
    string administratorLoginPassword,
    string version,
    string state,
    string fullyQualifiedDomainName,
    IReadOnlyList<ServerPrivateEndpointConnection> privateEndpointConnections,
    string minimalTlsVersion,
    ServerNetworkAccessFlag? publicNetworkAccess,
    ServerWorkspaceFeature? workspaceFeature,
    string primaryUserAssignedIdentityId,
    Guid? federatedClientId,
    string keyId,
    ServerExternalAdministrator administrators,
    ServerNetworkAccessFlag? restrictOutboundNetworkAccess)
    : base(id, name, type, tags, location)
{
    // Identity and key material.
    this.Identity = identity;
    this.PrimaryUserAssignedIdentityId = primaryUserAssignedIdentityId;
    this.FederatedClientId = federatedClientId;
    this.KeyId = keyId;

    // Authentication: SQL login (password is a plaintext secret) and the AAD administrator.
    this.AdministratorLogin = administratorLogin;
    this.AdministratorLoginPassword = administratorLoginPassword;
    this.Administrators = administrators;

    // Network exposure.
    this.FullyQualifiedDomainName = fullyQualifiedDomainName;
    this.PrivateEndpointConnections = privateEndpointConnections;
    this.MinimalTlsVersion = minimalTlsVersion;
    this.PublicNetworkAccess = publicNetworkAccess;
    this.RestrictOutboundNetworkAccess = restrictOutboundNetworkAccess;

    // Descriptive metadata.
    this.Kind = kind;
    this.Version = version;
    this.State = state;
    this.WorkspaceFeature = workspaceFeature;
}
/// <summary>
/// Builds a <see cref="SqlServerData"/> from the JSON object returned for a server resource.
/// The ARM envelope fields (identity, kind, tags, location, id, name, type, systemData) and the
/// nested "properties" bag are read by name; any property not listed below is silently ignored.
/// <c>Optional&lt;T&gt;</c> locals distinguish "absent from the payload" from "present".
/// </summary>
/// <param name="element">The server resource as a JSON object.</param>
/// <returns>The populated model; fields missing from the payload come through as their defaults.</returns>
/// <remarks>
/// NOTE(review): the constructor call at the end passes <c>systemData</c> right after <c>type</c>,
/// but the <c>SqlServerData</c> constructor shown earlier in this listing takes no such parameter.
/// The two fragments appear to come from different generator versions — confirm against the real file.
/// </remarks>
internal static SqlServerData DeserializeSqlServerData(JsonElement element)
{
    Optional<ManagedServiceIdentity> identity = default;
    Optional<string> kind = default;
    IDictionary<string, string> tags = default;
    AzureLocation location = default;
    ResourceIdentifier id = default;
    string name = default;
    ResourceType type = default;
    SystemData systemData = default;
    Optional<string> administratorLogin = default;
    // Plaintext credential slot; only populated if the service echoes the field back.
    Optional<string> administratorLoginPassword = default;
    Optional<string> version = default;
    Optional<string> state = default;
    Optional<string> fullyQualifiedDomainName = default;
    Optional<IReadOnlyList<ServerPrivateEndpointConnection> > privateEndpointConnections = default;
    Optional<string> minimalTlsVersion = default;
    Optional<ServerNetworkAccessFlag> publicNetworkAccess = default;
    Optional<ServerWorkspaceFeature> workspaceFeature = default;
    Optional<string> primaryUserAssignedIdentityId = default;
    Optional<Guid> federatedClientId = default;
    Optional<string> keyId = default;
    Optional<ServerExternalAdministrator> administrators = default;
    Optional<ServerNetworkAccessFlag> restrictOutboundNetworkAccess = default;

    foreach (var property in element.EnumerateObject())
    {
        if (property.NameEquals("identity"))
        {
            // Treated as non-nullable: an explicit JSON null throws instead of meaning "no identity".
            if (property.Value.ValueKind == JsonValueKind.Null)
            {
                property.ThrowNonNullablePropertyIsNull();
                continue;
            }
            // The identity sub-object is round-tripped to text and parsed with the V3 type converter
            // rather than read field by field.
            var serializeOptions = new JsonSerializerOptions { Converters = { new ManagedServiceIdentityTypeV3Converter() } };
            identity = JsonSerializer.Deserialize<ManagedServiceIdentity>(property.Value.ToString(), serializeOptions);
            continue;
        }
        if (property.NameEquals("kind"))
        {
            kind = property.Value.GetString();
            continue;
        }
        if (property.NameEquals("tags"))
        {
            // Dictionary.Add throws ArgumentException on a repeated tag name, so a payload with
            // duplicate keys fails the whole deserialization rather than silently taking the last value.
            Dictionary<string, string> dictionary = new Dictionary<string, string>();
            foreach (var property0 in property.Value.EnumerateObject())
            {
                dictionary.Add(property0.Name, property0.Value.GetString());
            }
            tags = dictionary;
            continue;
        }
        if (property.NameEquals("location"))
        {
            location = new AzureLocation(property.Value.GetString());
            continue;
        }
        if (property.NameEquals("id"))
        {
            id = new ResourceIdentifier(property.Value.GetString());
            continue;
        }
        if (property.NameEquals("name"))
        {
            name = property.Value.GetString();
            continue;
        }
        if (property.NameEquals("type"))
        {
            type = new ResourceType(property.Value.GetString());
            continue;
        }
        if (property.NameEquals("systemData"))
        {
            // Same text round-trip as "identity", but with default serializer options.
            systemData = JsonSerializer.Deserialize<SystemData>(property.Value.ToString());
            continue;
        }
        if (property.NameEquals("properties"))
        {
            if (property.Value.ValueKind == JsonValueKind.Null)
            {
                property.ThrowNonNullablePropertyIsNull();
                continue;
            }
            foreach (var property0 in property.Value.EnumerateObject())
            {
                if (property0.NameEquals("administratorLogin"))
                {
                    administratorLogin = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("administratorLoginPassword"))
                {
                    // NOTE(review): if this value is ever present in a response it lands on the model as a
                    // plaintext credential — keep the model out of logs and diagnostic dumps.
                    administratorLoginPassword = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("version"))
                {
                    version = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("state"))
                {
                    state = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("fullyQualifiedDomainName"))
                {
                    fullyQualifiedDomainName = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("privateEndpointConnections"))
                {
                    // Treated as non-nullable; an empty array is fine, an explicit null is not.
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    List<ServerPrivateEndpointConnection> array = new List<ServerPrivateEndpointConnection>();
                    foreach (var item in property0.Value.EnumerateArray())
                    {
                        array.Add(ServerPrivateEndpointConnection.DeserializeServerPrivateEndpointConnection(item));
                    }
                    privateEndpointConnections = array;
                    continue;
                }
                if (property0.NameEquals("minimalTlsVersion"))
                {
                    // Kept as the raw string; nothing here validates or compares TLS versions, so a
                    // caller that wants to enforce a floor has to check the value itself.
                    minimalTlsVersion = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("publicNetworkAccess"))
                {
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    publicNetworkAccess = new ServerNetworkAccessFlag(property0.Value.GetString());
                    continue;
                }
                if (property0.NameEquals("workspaceFeature"))
                {
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    workspaceFeature = new ServerWorkspaceFeature(property0.Value.GetString());
                    continue;
                }
                if (property0.NameEquals("primaryUserAssignedIdentityId"))
                {
                    primaryUserAssignedIdentityId = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("federatedClientId"))
                {
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    // GetGuid throws FormatException on a malformed id rather than yielding Guid.Empty.
                    federatedClientId = property0.Value.GetGuid();
                    continue;
                }
                if (property0.NameEquals("keyId"))
                {
                    // Presumably the Key Vault key identifier for the server's encryption protector —
                    // confirm against the REST spec; nothing here parses it.
                    keyId = property0.Value.GetString();
                    continue;
                }
                if (property0.NameEquals("administrators"))
                {
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    administrators = ServerExternalAdministrator.DeserializeServerExternalAdministrator(property0.Value);
                    continue;
                }
                if (property0.NameEquals("restrictOutboundNetworkAccess"))
                {
                    if (property0.Value.ValueKind == JsonValueKind.Null)
                    {
                        property0.ThrowNonNullablePropertyIsNull();
                        continue;
                    }
                    restrictOutboundNetworkAccess = new ServerNetworkAccessFlag(property0.Value.GetString());
                    continue;
                }
            }
            continue;
        }
    }
    // Optional<T>.Value / Optional.ToNullable / Optional.ToList unwrap each slot; absent fields
    // become the type's default.
    return (new SqlServerData(id, name, type, systemData, tags, location, identity, kind.Value, administratorLogin.Value, administratorLoginPassword.Value, version.Value, state.Value, fullyQualifiedDomainName.Value, Optional.ToList(privateEndpointConnections), minimalTlsVersion.Value, Optional.ToNullable(publicNetworkAccess), Optional.ToNullable(workspaceFeature), primaryUserAssignedIdentityId.Value, Optional.ToNullable(federatedClientId), keyId.Value, administrators.Value, Optional.ToNullable(restrictOutboundNetworkAccess)));
}
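/// <summary>
/// Resolves an Azure Active Directory principal (security group, service principal, or user)
/// for use as the server's external administrator, verifying that it exists and filling in
/// the object id and principal type when the caller supplied only a name.
/// </summary>
/// <param name="input">
/// Caller-supplied administrator. <c>Login</c> is the display name (for users it may also be the
/// UPN or, for guests, the mail address); <c>Sid</c> is an optional object id that pins the lookup.
/// For service principals <c>Sid</c> is matched against the application (client) id, which is also
/// what the returned <c>Sid</c> holds.
/// </param>
/// <returns>
/// A new <see cref="ServerExternalAdministrator"/> with <c>Login</c>, <c>Sid</c>, <c>TenantId</c>,
/// <c>PrincipalType</c> ("Group", "Application" or "User") and the caller's
/// <c>AzureADOnlyAuthentication</c>; or <c>null</c> when <paramref name="input"/> is null or has
/// no <c>Login</c>.
/// </returns>
/// <exception cref="ArgumentException">
/// More than one group, service principal or user matches; the matched group is not a security
/// group; a service principal's display name differs from the requested one; both a group and a
/// service principal match; or nothing matches at all.
/// </exception>
/// <remarks>
/// Resolution by display name is inherently ambiguous: any principal in the tenant with the same
/// display name is a candidate, and display names are not unique. The multi-match checks below
/// refuse to guess, but callers that know the object id should pass it in <c>Sid</c>.
/// </remarks>
protected ServerExternalAdministrator GetActiveDirectoryInformation(ServerExternalAdministrator input)
{
    if (input == null || string.IsNullOrEmpty(input.Login))
    {
        return null;
    }

    Guid? objectId = input.Sid;
    string displayName = input.Login;
    bool? adOnlyAuth = input.AzureADOnlyAuthentication;

    // The administrator is stamped with the default tenant of the current subscription; a
    // principal that lives in another tenant will not be found by the lookups below.
    Guid tenantId = GetTenantId();

    // A non-empty object id pins every directory query; otherwise we search by name only.
    string pinnedId = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null;

    // 1) Security groups. Recommended: always use a group as the AAD admin.
    PSADGroup group = null;
    var filter = new ADObjectFilterOptions()
    {
        Id = pinnedId,
        SearchString = displayName,
        Paging = true,
    };
    // Materialize once: the query behind FilterGroups must not be re-run for each Count()/First(),
    // and the count and the chosen element must come from the same result set.
    var groupList = ActiveDirectoryClient.FilterGroups(filter)
        .Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase))
        .ToList();
    if (groupList.Count > 1)
    {
        // More than one group carries this display name; refuse to pick one.
        throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADGroupMoreThanOneFound, displayName));
    }
    else if (groupList.Count == 1)
    {
        group = groupList[0];
        // Only security-enabled groups may be granted access; a group whose SecurityEnabled flag is
        // unknown (null) is allowed through, one that is explicitly false is rejected.
        if (group.SecurityEnabled.HasValue && !group.SecurityEnabled.Value)
        {
            throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.InvalidADGroupNotSecurity, displayName));
        }
    }

    // 2) Service principals. A supplied Sid is matched against AppId (the application / client id),
    // not the service principal's object id — consistent with the Sid returned below.
    ODataQuery<ServicePrincipal> odataQueryFilter;
    if (pinnedId != null)
    {
        var applicationIdString = pinnedId;
        odataQueryFilter = new Rest.Azure.OData.ODataQuery<ServicePrincipal>(a => a.AppId == applicationIdString);
    }
    else
    {
        odataQueryFilter = new Rest.Azure.OData.ODataQuery<ServicePrincipal>(a => a.DisplayName == displayName);
    }
    var servicePrincipals = ActiveDirectoryClient.FilterServicePrincipals(odataQueryFilter);
    var servicePrincipalList = servicePrincipals == null ? null : servicePrincipals.ToList();
    if (servicePrincipalList != null && servicePrincipalList.Count > 1)
    {
        throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADApplicationMoreThanOneFound, displayName));
    }
    else if (servicePrincipalList != null && servicePrincipalList.Count == 1)
    {
        PSADServicePrincipal app = servicePrincipalList[0];
        // Exact, case-sensitive name check. When the search was pinned by app id this guards against
        // the id resolving to an application whose name is not the one the operator typed.
        if (displayName != null && string.CompareOrdinal(displayName, app.DisplayName) != 0)
        {
            throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADApplicationDisplayNameMismatch, displayName, app.DisplayName));
        }
        // A group and an application sharing the name is ambiguous; refuse rather than prefer one.
        if (group != null)
        {
            throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADDuplicateGroupAndApplicationFound, displayName));
        }
        return new ServerExternalAdministrator()
        {
            Login = displayName,
            Sid = app.ApplicationId,
            TenantId = tenantId,
            PrincipalType = "Application",
            AzureADOnlyAuthentication = adOnlyAuth
        };
    }

    if (group != null)
    {
        return new ServerExternalAdministrator()
        {
            Login = group.DisplayName,
            Sid = group.Id,
            TenantId = tenantId,
            PrincipalType = "Group",
            AzureADOnlyAuthentication = adOnlyAuth
        };
    }

    // 3) Users. Try display name first, then UPN, then (for guest accounts) mail address.
    filter = new ADObjectFilterOptions()
    {
        Id = pinnedId,
        SearchString = displayName,
        Paging = true,
    };
    var userList = ActiveDirectoryClient.FilterUsers(filter)
        .Where(u => string.Equals(u.DisplayName, displayName, StringComparison.OrdinalIgnoreCase))
        .ToList();

    if (userList.Count == 0)
    {
        // No display-name hit; the login may be a user principal name.
        filter = new ADObjectFilterOptions()
        {
            Id = pinnedId,
            UPN = displayName,
            Paging = true,
        };
        userList = ActiveDirectoryClient.FilterUsers(filter)
            .Where(u => string.Equals(u.UserPrincipalName, displayName, StringComparison.OrdinalIgnoreCase))
            .ToList();
    }

    if (userList.Count == 0)
    {
        // Guest users are matched on mail. NOTE(review): unlike the two branches above there is no
        // client-side exact-match filter here, so this trusts FilterUsers to match Mail exactly —
        // confirm that against ActiveDirectoryClient before relying on it for anything but exact hits.
        filter = new ADObjectFilterOptions()
        {
            Id = pinnedId,
            Mail = displayName,
            Paging = true,
        };
        var mailUsers = ActiveDirectoryClient.FilterUsers(filter);
        userList = mailUsers == null ? null : mailUsers.ToList();
    }

    if (userList == null || userList.Count == 0)
    {
        // Nothing matched as group, service principal or user.
        throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADObjectNotFound, displayName));
    }
    else if (userList.Count > 1)
    {
        throw new ArgumentException(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.ADUserMoreThanOneFound, displayName));
    }

    var user = userList[0];
    return new ServerExternalAdministrator()
    {
        Login = displayName,
        Sid = user.Id,
        TenantId = tenantId,
        PrincipalType = "User",
        AzureADOnlyAuthentication = adOnlyAuth
    };
}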