private void AddSignInName(User user, string signInType, string signInValue)
{
var signInName = new SignInName()
{
Type = signInType,
Value = signInValue
};
if (user.SignInNames == null)
{
user.AdditionalData.Add("signInNames", signInName);
}
else
{
var current = user.SignInNames.FirstOrDefault(x => x.Type == signInType);
if (current == null)
{
user.SignInNames.Add(signInName);
}
else
{
current.Value = signInValue;
}
}
}
public HttpResponseMessage UpdateUser(UpdateUserParameters parameters)
{
try
{
if (!bool.Parse(Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "EnableUpdate", "True")))
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "You are not allowed to update users"));
}
var settings = new AzureConfig(AzureConfig.ServiceName, PortalSettings.PortalId);
var graphClient = new GraphClient(settings.AADApplicationId, settings.AADApplicationKey, settings.TenantId);
var portalUserMapping = UserMappingsRepository.Instance.GetUserMapping("PortalId", settings.UseGlobalSettings ? -1 : PortalSettings.PortalId);
// Validate permissions
var user = graphClient.GetUser(parameters.user.ObjectId);
string portalUserMappingB2cCustomClaimName = portalUserMapping?.GetB2cCustomClaimName();
if (!UserInfo.IsSuperUser && portalUserMapping != null && !string.IsNullOrEmpty(portalUserMappingB2cCustomClaimName))
{
if (!user.AdditionalData.ContainsKey(portalUserMapping.GetB2cCustomClaimName()) ||
(int)(long)user.AdditionalData[portalUserMapping.GetB2cCustomClaimName()] != PortalSettings.PortalId)
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "You are not allowed to modify this user"));
}
}
// Update user
user.DisplayName = parameters.user.DisplayName;
user.GivenName = parameters.user.GivenName;
user.Surname = parameters.user.Surname;
// WORKAROUND: "A stream property was found in a JSON Light request payload. Stream properties are only supported in responses."
// ==> Patch only the PortalId extension
user.AdditionalData.Clear();
if (user.UserPrincipalName.StartsWith("cpim_")) // Is a federated user?
{
// Can't modify this properties on federated users
user.UserIdentities = null;
user.SignInNames = null;
}
else
{
var signInName = new SignInName()
{
Type = "emailAddress",
Value = parameters.user.Mail
};
if (user.SignInNames == null)
{
user.AdditionalData.Add("signInNames", signInName);
}
else if (user.SignInNames.Count() == 0)
{
user.SignInNames.Add(signInName);
}
else
{
user.SignInNames[0] = signInName;
}
}
user.OtherMails = new string[] { parameters.user.Mail };
// Custom Attributes
var customAttributes = Utils.GetTabModuleSetting(ActiveModule.TabModuleID, "CustomFields").Replace(" ", "");
if (!string.IsNullOrEmpty(customAttributes))
{
string[] attr = customAttributes.Split(',');
foreach (var key in parameters.user.AdditionalData.Keys)
{
if (key.StartsWith("extension_") && attr.Any(x => key.EndsWith(x)))
{
user.AdditionalData.Add(key, parameters.user.AdditionalData[key]);
}
}
}
graphClient.UpdateUser(user);
// Update group membership
UpdateGroupMemberShip(graphClient, user, parameters.groups);
return(Request.CreateResponse(HttpStatusCode.OK, user));
}
catch (Exception ex)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
private static string GetSignInNameValue(SignInName name) => name?.Value;