/// <summary>
/// Deletes role specified by site and group identifier.
/// </summary>
/// <param name="siteInfo">Site info object</param>
/// <param name="groupGuid">AD group identifier</param>
private static void DeleteRole(SiteInfo siteInfo, Guid groupGuid)
{
// Try to get role by GUID and site id
RoleInfo role = RoleInfoProvider.GetRoleInfoByGUID(groupGuid, siteInfo.SiteID);
// If role is domain role
if ((role != null) && role.RoleIsDomain)
{
MessageLog.LogEvent(ResHelper.GetString("Log_DeletingRole", role.RoleDisplayName));
// Delete role
RoleInfoProvider.DeleteRoleInfo(role);
}
}
/// <summary>
/// Determines whether to preselect new group (that does not exist in CMS).
/// </summary>
/// <param name="groupGuid">Group to preselect</param>
/// <returns>TRUE if group should be preselected (group does not exist in at least one site)</returns>
public static bool RoleExists(Guid groupGuid)
{
// Preselect roles
foreach (string siteName in ImportProfile.Sites.Keys)
{
// If role is missing in any site, select it
SiteInfo siteInfo = SiteInfoProvider.GetSiteInfo(siteName);
if (siteInfo != null)
{
RoleInfo roleInfo = RoleInfoProvider.GetRoleInfoByGUID(groupGuid, siteInfo.SiteID);
if (roleInfo != null)
{
return(true);
}
}
}
return(true);
}
/// <summary>
/// Assigns CMS and AD roles to user.
/// </summary>
/// <param name="user">AD user</param>
/// <param name="userInfo">CMS user</param>
/// <param name="userRoles">Collection of <see cref="RoleInfo"/> objects user is in – infos are supposed to contain RoleGUID.</param>
/// <param name="site">CMS roles</param>
/// <param name="siteInfo">Site info object</param>
private static void SetMemberships(IPrincipalObject user, UserInfo userInfo, SiteInfo siteInfo, ICollection <RoleInfo> userRoles, KeyValuePair <string, List <Guid> > site)
{
var roleGuids = Enumerable.Empty <Guid>()
.Union(site.Value) // CMS role GUIDs user should be in
.Union(user.Groups); // AD role GUIDs user should be in (groups in which the user participates in AD and are imported to CMS)
foreach (RoleInfo roleInfo in roleGuids
.Except(userRoles.Select(userRole => userRole.RoleGUID))
.Select(groupId => RoleInfoProvider.GetRoleInfoByGUID(groupId, siteInfo.SiteID))
.Where(roleInfo => (roleInfo != null)))
{
// Add user to the role
UserRoleInfoProvider.AddUserToRole(userInfo, roleInfo);
// Update collection of user roles (to reflect real roles user is in)
userRoles.Add(roleInfo);
MessageLog.LogEvent(ResHelper.GetString("Log_AssigningUserToRole", userInfo.UserName, roleInfo.RoleDisplayName));
}
}
/// <summary>
/// Imports role to CMS.
/// </summary>
/// <param name="roleName">Name of role</param>
/// <param name="displayName">Display name of role</param>
/// <param name="siteId">ID of site</param>
/// <param name="roleDescription">Role description</param>
/// <param name="roleGuid">GUID of role</param>
/// <param name="updateExistingObject">Determines whether update object if already exists</param>
/// <param name="rolesChanged">Records added and updated roles for CMS event log</param>
private static void ImportRole(string roleName, string displayName, int siteId, string roleDescription, Guid roleGuid, bool updateExistingObject, CumulatedChanges rolesChanged)
{
// Try to get role info by GUID, by GUID in code name, by name
var roleInfo = RoleInfoProvider.GetRoleInfoByGUID(roleGuid, siteId)
?? RoleInfoProvider.GetRoleInfoByGUID(ValidationHelper.GetGuid(roleName, Guid.Empty), siteId)
?? RoleInfoProvider.GetRoleInfo(roleName, siteId);
var newRole = roleInfo == null;
if (newRole)
{
// Create new instance of role
roleInfo = new RoleInfo();
// Set new role properties
roleInfo.SiteID = siteId;
// Mark role as domain role
roleInfo.RoleIsDomain = true;
}
else
{
// Don't update object
if (!updateExistingObject)
{
return;
}
}
if (roleInfo.RoleIsDomain)
{
// Set role name
roleInfo.RoleName = roleName;
// Set display name
roleInfo.RoleDisplayName = displayName;
// Set description
roleInfo.RoleDescription = roleDescription;
// Set GUID
roleInfo.RoleGUID = roleGuid;
try
{
if (!roleInfo.ChangedColumns().Any())
{
return;
}
// Store created/updated role ID for EventLog
rolesChanged.Add(roleInfo.RoleGUID, roleInfo.RoleDisplayName, newRole ? ChangeActionEnum.Created : ChangeActionEnum.Updated);
// Store role into database
RoleInfoProvider.SetRoleInfo(roleInfo);
}
catch (CodeNameNotUniqueException)
{
MessageLog.LogEvent(ResHelper.GetString("Log_RoleNameNotUnique", roleName));
warnings++;
}
}
else
{
MessageLog.LogEvent(ResHelper.GetString("Log_RoleIsNotDomain", roleInfo.RoleDisplayName));
warnings++;
}
}