protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID, int maxCount, SPProviderHierarchyTree searchTree)
{
if (!this.SetSPTrustInCurrentContext(context))
{
return;
}
SPProviderHierarchyNode matchNode = null;
SPSecurity.RunWithElevatedPrivileges(delegate
{
this.InitializeAuth0Client();
var consolidatedResults = this.ResolveInputBulk(searchPattern, hierarchyNodeID);
if (consolidatedResults != null)
{
if (string.IsNullOrEmpty(searchPattern))
{
// All users from specific connection(s)
var results = this.CreateAllUsersResults(hierarchyNodeID);
results.ToList().ForEach(
r => consolidatedResults.Add(r));
}
else if (this.alwaysResolveValue &&
Utils.ValidEmail(searchPattern) &&
!consolidatedResults.Any(
r => r.Auth0User.Email.Equals(searchPattern, StringComparison.OrdinalIgnoreCase) &&
r.Attribute.PeoplePickerAttributeHierarchyNodeId == hierarchyNodeID))
{
// Specific email from specific connection
var result = this.CreateUniqueResult(searchPattern, UsersNode);
consolidatedResults.Add(result);
}
if (consolidatedResults.Count > 0)
{
foreach (var consolidatedResult in consolidatedResults)
{
// Add current PickerEntity to the corresponding attribute in the hierarchy
if (!searchTree.HasChild(UsersNode))
{
matchNode = new SPProviderHierarchyNode(
ProviderInternalName,
consolidatedResult.Attribute.PeoplePickerAttributeDisplayName,
consolidatedResult.Attribute.PeoplePickerAttributeHierarchyNodeId,
true);
searchTree.AddChild(matchNode);
}
matchNode.AddEntity(consolidatedResult.PickerEntity);
}
return;
}
}
});
}
/// <summary>
/// A method used to do a depth first traverse in a given Provider Hierarchy tree to
/// gather provider names and save them in the list of providerNames.
/// </summary>
/// <param name="node">A parameter represents a provider hierarchy node.</param>
/// <param name="providerNames">A parameter represents a list of provider names.</param>
public void DepthFirstTraverse(SPProviderHierarchyNode node, ref ArrayOfString providerNames)
{
providerNames.Add(node.ProviderName);
if (node.IsLeaf == true)
{
return;
}
foreach (SPProviderHierarchyNode c in node.Children)
{
this.DepthFirstTraverse(c, ref providerNames);
}
}
protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID, int maxCount, Microsoft.SharePoint.WebControls.SPProviderHierarchyTree searchTree)
{
//Make sure search is asking for the type of entity we return; site collection admin won't for example.
if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))
{
return;
}
//Counter to track what node we are in.
int teamNode = -1;
//Nodes where we will stick our matches.
Microsoft.SharePoint.WebControls.SPProviderHierarchyNode matchNode = null;
//Look to see if the value that is typed in matches any of our teams.
foreach (string team in ourTeams)
{
//Increment team node tracker.
teamNode += 1;
if (team.ToLower().StartsWith(searchPattern.ToLower()))
{
//We have a match, create a matching entity.
PickerEntity pe = GetPickerEntity(team);
//Add the team node where it should be displayed too.
if (!searchTree.HasChild(teamKeys[teamNode]))
{
//Create the node so we can show our match in there too.
matchNode = new
SPProviderHierarchyNode(SqlClaims.ProviderInternalName,
teamLabels[teamNode],
teamKeys[teamNode],
true);
//Add it to the tree.
searchTree.AddChild(matchNode);
}
else
{
//Get the node for this team.
matchNode = searchTree.Children.Where(theNode =>
theNode.HierarchyNodeID == teamKeys[teamNode]).First();
}
//Add the match to our node.
matchNode.AddEntity(pe);
}
}
}
protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID, int maxCount, Microsoft.SharePoint.WebControls.SPProviderHierarchyTree searchTree)
{
if (!entityTypes.Contains(SPClaimEntityTypes.Trusted))
{
return;
}
var organizationMatches = SearchOrganizations(searchPattern);
if (organizationMatches.Count() > 0)
{
var matchNode = new SPProviderHierarchyNode(
ProviderInternalName,
filters[OrganizationKey],
OrganizationKey,
true);
searchTree.AddChild(matchNode);
foreach (var match in organizationMatches)
{
PickerEntity pe = GetPickerEntity(match, OrganizationClaimType, filters[OrganizationKey]);
matchNode.AddEntity(pe);
}
}
var roleMatches = SearchRoles(searchPattern);
if (roleMatches.Count() > 0)
{
var matchNode = new SPProviderHierarchyNode(
ProviderInternalName,
filters[RoleKey],
RoleKey,
true);
searchTree.AddChild(matchNode);
foreach (var match in roleMatches)
{
PickerEntity pe = GetPickerEntity(match, Microsoft.IdentityModel.Claims.ClaimTypes.Role, filters[RoleKey]);
matchNode.AddEntity(pe);
}
}
}
/// <summary>
/// A method used to do a depth first traverse in a given Provider Hierarchy tree to
/// gather provider names and save them in the list of providerNames.
/// </summary>
/// <param name="node">A parameter represents a provider hierarchy node.</param>
/// <param name="providerNames">A parameter represents a list of provider names.</param>
public void DepthFirstTraverse(SPProviderHierarchyNode node, ref ArrayOfString providerNames)
{
providerNames.Add(node.ProviderName);
if (node.IsLeaf == true)
{
return;
}
foreach (SPProviderHierarchyNode c in node.Children)
{
this.DepthFirstTraverse(c, ref providerNames);
}
}
protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID, int maxCount, SPProviderHierarchyTree searchTree)
{
if (!this.SetSPTrustInCurrentContext(context))
{
return;
}
SPProviderHierarchyNode matchNode = null;
SPSecurity.RunWithElevatedPrivileges(delegate
{
this.InitializeAuth0Client();
var consolidatedResults = this.ResolveInputBulk(searchPattern, hierarchyNodeID);
if (consolidatedResults != null)
{
if (string.IsNullOrEmpty(searchPattern))
{
// All users from specific connection(s)
var results = this.CreateAllUsersResults(hierarchyNodeID);
results.ToList().ForEach(
r => consolidatedResults.Add(r));
}
else if (this.alwaysResolveValue &&
Utils.ValidEmail(searchPattern) &&
!consolidatedResults.Any(
r => r.Auth0User.Email.Equals(searchPattern, StringComparison.OrdinalIgnoreCase) &&
r.Attribute.PeoplePickerAttributeHierarchyNodeId == hierarchyNodeID))
{
// Specific email from specific connection
var result = this.CreateUniqueResult(searchPattern, UsersNode);
consolidatedResults.Add(result);
}
if (consolidatedResults.Count > 0)
{
foreach (var consolidatedResult in consolidatedResults)
{
// Add current PickerEntity to the corresponding attribute in the hierarchy
if (!searchTree.HasChild(UsersNode))
{
matchNode = new SPProviderHierarchyNode(
ProviderInternalName,
consolidatedResult.Attribute.PeoplePickerAttributeDisplayName,
consolidatedResult.Attribute.PeoplePickerAttributeHierarchyNodeId,
true);
searchTree.AddChild(matchNode);
}
matchNode.AddEntity(consolidatedResult.PickerEntity);
}
return;
}
}
});
}
public void MSCPSWS_S05_TC03_SearchAll()
{
// Get the provider names of all the providers from the hierarchy
ArrayOfString providerNames = new ArrayOfString();
SPProviderHierarchyTree[] responseOfGetHierarchyAllResult = TestSuiteBase.GetAllProviders();
providerNames.AddRange(responseOfGetHierarchyAllResult.Select(root => root.ProviderName));
foreach (SPProviderHierarchyNode node in responseOfGetHierarchyAllResult.SelectMany(root => root.Children))
{
this.DepthFirstTraverse(node, ref providerNames);
}
// Set search principal Type.
SPPrincipalType principalType = SPPrincipalType.SecurityGroup;
// Get the searchPattern string as SearchAll input
this.GenerateSearchAllInput_Valid();
// Get max count of matched entities allowed to return for this search.
int maxCount = Convert.ToInt32(Common.GetConfigurationPropertyValue("MaxCount", Site));
Site.Assume.IsNotNull(TestSuiteBase.SearchPattern, "The search pattern should not be null!");
// Search the first claims provider tree which has a child.
SPProviderHierarchyTree[] responseOfSearchResult = CPSWSAdapter.SearchAll(providerNames, principalType, TestSuiteBase.SearchPattern, maxCount);
// Requirement capture condition.
bool searchAllSuccess = false;
bool isMatchSearchSearchPattern = false;
foreach (SPProviderHierarchyTree providerTree in responseOfSearchResult)
{
if (providerTree.ProviderName.StartsWith(Common.GetConfigurationPropertyValue("HierarchyProviderPrefix", this.Site)))
{
if (providerNames.Contains(providerTree.ProviderName))
{
searchAllSuccess = true;
}
else
{
// Jump over the Hierarchy Provider tree that the server sees fit to return together with the result Claims provider trees.
continue;
}
}
else if (providerNames.Contains(providerTree.ProviderName))
{
searchAllSuccess = true;
}
else
{
Site.Assert.Fail("The provider names in the SearchAll result should be contained in the provider names in the input message!");
}
if (providerTree.ProviderName == "System")
{
SPProviderHierarchyNode children = providerTree.Children[0];
if (TestSuiteBase.SearchPattern == children.Nm)
{
isMatchSearchSearchPattern = true;
}
}
}
// Capture requirement 417 by matching the input provider name with the result claims provider name,
// The search input claims provider already satisfy the condition 1 and 3 in requirement 417 in test environment configuration.
Site.CaptureRequirementIfIsTrue(
searchAllSuccess,
417,
@"[In SearchAll] The protocol server MUST search across all claims providers that meet all the following criteria:
The claims providers are associated with the Web application (1) specified in the input message.
The claims providers are listed in the provider names in the input message.
The claims providers support search.");
Site.CaptureRequirementIfIsTrue(
isMatchSearchSearchPattern,
438,
@"[In SearchAllResponse] The protocol server MUST return one claims provider hierarchy tree for each claims provider that contains entities that match the search string.");
}
protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID, int maxCount, Microsoft.SharePoint.WebControls.SPProviderHierarchyTree searchTree)
{
AzureCPLogging.Log(String.Format("[{0}] FillSearch called, incoming input: \"{1}\"", ProviderInternalName, searchPattern),
TraceSeverity.VerboseEx, EventSeverity.Information, AzureCPLogging.Categories.Core);
SPSecurity.RunWithElevatedPrivileges(delegate ()
{
if (!Initialize(context, entityTypes))
return;
this.Lock_Config.EnterReadLock();
try
{
string input = searchPattern;
SPProviderHierarchyNode matchNode = null;
// List<T>.FindAll returns an empty list if no result found: http://msdn.microsoft.com/en-us/library/fh1w7y8z(v=vs.110).aspx
List<AzureADObject> azureObjects;
if (!String.IsNullOrEmpty(hierarchyNodeID))
{
// Restrict search to objects currently selected in the hierarchy (may return multiple results if identity claim type)
azureObjects = this.ProcessedAzureObjects.FindAll(x =>
String.Equals(x.ClaimType, hierarchyNodeID, StringComparison.InvariantCultureIgnoreCase) &&
entityTypes.Contains(x.ClaimEntityType));
}
else
{
azureObjects = this.ProcessedAzureObjects.FindAll(x => entityTypes.Contains(x.ClaimEntityType));
}
if (this.CurrentConfiguration.AlwaysResolveUserInput)
{
List<PickerEntity> entities = CreatePickerEntityForSpecificClaimTypes(
input,
azureObjects.FindAll(x => !x.CreateAsIdentityClaim),
false);
if (entities != null)
{
foreach (var entity in entities)
{
// Add current PickerEntity to the corresponding attribute in the hierarchy
// Use Claim type has key
string entityClaimType = entity.Claim.ClaimType;
// ClaimTypeMappingName cannot be null as it is value of SPClaimTypeMapping.IncomingClaimTypeDisplayName, which is mandatory
string ClaimTypeMappingName = azureObjects
.First(x =>
!x.CreateAsIdentityClaim &&
String.Equals(x.ClaimType, entityClaimType, StringComparison.InvariantCultureIgnoreCase))
.ClaimTypeMappingName;
if (searchTree.HasChild(entityClaimType))
{
matchNode = searchTree.Children.First(x => String.Equals(x.HierarchyNodeID, entityClaimType, StringComparison.InvariantCultureIgnoreCase));
}
else
{
matchNode = new SPProviderHierarchyNode(_ProviderInternalName, ClaimTypeMappingName, entityClaimType, true);
searchTree.AddChild(matchNode);
}
matchNode.AddEntity(entity);
AzureCPLogging.Log(String.Format("[{0}] Added permission created without AAD lookup because AzureCP configured to always resolve input: claim value: \"{1}\", claim type: \"{2}\" to the list of results.", ProviderInternalName, entity.Claim.Value, entity.Claim.ClaimType), TraceSeverity.Medium, EventSeverity.Information, AzureCPLogging.Categories.Claims_Picking);
}
}
return;
}
// Check if input starts with PrefixToBypassLookup in a AzureADObject
List<AzureADObject> objectsMatchingInputPrefix = azureObjects.FindAll(x =>
!String.IsNullOrEmpty(x.PrefixToBypassLookup) &&
input.StartsWith(x.PrefixToBypassLookup, StringComparison.InvariantCultureIgnoreCase));
if (objectsMatchingInputPrefix.Count > 0)
{
// Input has a prefix, so it should be validated with no lookup
AzureADObject objectMatchingInputPrefix = objectsMatchingInputPrefix.First();
if (objectsMatchingInputPrefix.Count > 1)
{
// Multiple objects have same prefix, which is bad
AzureCPLogging.Log(String.Format("[{0}] Multiple objects have same prefix {1}, which is bad.", ProviderInternalName, objectMatchingInputPrefix.PrefixToBypassLookup), TraceSeverity.Unexpected, EventSeverity.Error, AzureCPLogging.Categories.Claims_Picking);
return;
}
PickerEntity entity = CreatePickerEntityForSpecificClaimType(
input.Substring(objectMatchingInputPrefix.PrefixToBypassLookup.Length),
objectMatchingInputPrefix,
true);
if (searchTree.HasChild(objectMatchingInputPrefix.ClaimType))
{
matchNode = searchTree.Children.First(x => String.Equals(x.HierarchyNodeID, objectMatchingInputPrefix.ClaimType, StringComparison.InvariantCultureIgnoreCase));
}
else
{
matchNode = new SPProviderHierarchyNode(_ProviderInternalName, objectMatchingInputPrefix.ClaimTypeMappingName, objectMatchingInputPrefix.ClaimType, true);
searchTree.AddChild(matchNode);
}
matchNode.AddEntity(entity);
AzureCPLogging.Log(String.Format("[{0}] Added permission created without AAD lookup because input matches a keyword: claim value: \"{1}\", claim type: \"{2}\" to the list of results.", ProviderInternalName, entity.Claim.Value, entity.Claim.ClaimType), TraceSeverity.Medium, EventSeverity.Information, AzureCPLogging.Categories.Claims_Picking);
}
else
{
// Perform AAD lookup
// Claims provider is called by static methods in SPClaimProviderOperations class. As a consequence, results must be declared in the method (and not in the class) to ensure that each thread has it own unique collection
List<AzurecpResult> results = new List<AzurecpResult>();
BuildFilterAndProcessResults(
input,
azureObjects,
this.CurrentConfiguration.FilterExactMatchOnly,
context,
entityTypes,
ref results);
if (results != null && results.Count > 0)
{
foreach (var result in results)
{
// Add current PickerEntity to the corresponding attribute in the hierarchy
if (searchTree.HasChild(result.AzureObject.ClaimType))
{
matchNode = searchTree.Children.First(x => x.HierarchyNodeID == result.AzureObject.ClaimType);
}
else
{
matchNode = new SPProviderHierarchyNode(_ProviderInternalName, result.AzureObject.ClaimTypeMappingName, result.AzureObject.ClaimType, true);
searchTree.AddChild(matchNode);
}
matchNode.AddEntity(result.PickerEntity);
AzureCPLogging.Log(String.Format("[{0}] Added permission created with AAD lookup: claim value: \"{1}\", claim type: \"{2}\" to the list of results.", ProviderInternalName, result.PickerEntity.Claim.Value, result.PickerEntity.Claim.ClaimType), TraceSeverity.Medium, EventSeverity.Information, AzureCPLogging.Categories.Claims_Picking);
}
}
}
}
catch (Exception ex)
{
AzureCPLogging.LogException(ProviderInternalName, "in FillSearch", AzureCPLogging.Categories.Claims_Picking, ex);
}
finally
{
this.Lock_Config.ExitReadLock();
}
});
}
