Exemplo n.º 1
0
            private Task <SecurityPolicyResult> EvaluateAsync(string userTenantId)
            {
                var credentialBuilder = new CredentialBuilder();
                var fakes             = new Fakes();

                if (!string.IsNullOrEmpty(userTenantId))
                {
                    fakes.User.Credentials.Add(
                        credentialBuilder.CreateExternalCredential(
                            issuer: "AzureActiveDirectory",
                            value: "value",
                            identity: "identity",
                            tenantId: userTenantId));
                }

                foreach (var policy in RequireOrganizationTenantPolicy.Create(TenantId).Policies)
                {
                    fakes.Organization.SecurityPolicies.Add(policy);
                }

                var context = new UserSecurityPolicyEvaluationContext(
                    fakes.Organization.SecurityPolicies,
                    sourceAccount: fakes.Organization,
                    targetAccount: fakes.User
                    );

                return(RequireOrganizationTenantPolicy
                       .Create()
                       .EvaluateAsync(context));
            }
            private Task <SecurityPolicyResult> EvaluateAsync(string userTenantId)
            {
                var credentialBuilder = new CredentialBuilder();
                var fakes             = new Fakes();

                if (!string.IsNullOrEmpty(userTenantId))
                {
                    // We can only have a single AAD account, remove previous one if present.
                    var aadCredential = fakes.User.Credentials.Single(c => c.Type.Contains(CredentialTypes.External.AzureActiveDirectoryAccount));
                    if (aadCredential != null)
                    {
                        fakes.User.Credentials.Remove(aadCredential);
                    }

                    // Add the new AAD credential
                    fakes.User.Credentials.Add(
                        credentialBuilder.CreateExternalCredential(
                            issuer: "AzureActiveDirectory",
                            value: "value",
                            identity: "identity",
                            tenantId: userTenantId));
                }

                foreach (var policy in RequireOrganizationTenantPolicy.Create(TenantId).Policies)
                {
                    fakes.Organization.SecurityPolicies.Add(policy);
                }

                var context = new UserSecurityPolicyEvaluationContext(
                    fakes.Organization.SecurityPolicies,
                    sourceAccount: fakes.Organization,
                    targetAccount: fakes.User
                    );

                return(RequireOrganizationTenantPolicy
                       .Create()
                       .EvaluateAsync(context));
            }