public RenameAllOccurences(ISharePointClient iSharePointClient, string baseRelativeUrl, string oldFolderName, string newFolderName)
{
Sharepoint = iSharePointClient;
BaseRelativeUrl = baseRelativeUrl;
OldFolderName = oldFolderName;
NewFolderName = newFolderName;
}
public override async Task <string> RemoveUserAsync(string username)
{
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("Username cannot be null or empty", nameof(username));
}
_logger.LogDebug("Removing access for {Username}", username);
var user = await _userSearchService.SearchAsync(username);
if (string.IsNullOrEmpty(user?.UserPrincipalName))
{
_logger.LogInformation("Cannot locate UPN for for {Username}, cannot remove users access", username);
return("User not found");
}
// format the SharePoint login name format
string loginName = Constants.LoginNamePrefix + user.UserPrincipalName;
ISharePointClient restClient = await GetSharePointRestClientForUpdate();
var groups = await restClient.GetSiteGroupsAsync();
var siteGroups = groups.Data.Results;
StringBuilder response = new StringBuilder();
foreach (var siteGroup in siteGroups)
{
var getUsersResponse = await restClient.GetUsersInGroupAsync(siteGroup.Id);
var users = getUsersResponse.Data.Results.Where(_ => LoginNameComparer.Equals(_.LoginName, loginName));
foreach (var sharePointUser in users)
{
_logger.LogInformation("Removing {@User} from site group {@SiteGroup}", sharePointUser, siteGroup);
try
{
await restClient.RemoveUserFromSiteGroupAsync(siteGroup.Id, sharePointUser.Id);
}
catch (ApiException e)
{
var errorResponse = await e.GetContentAsAsync <SharePointErrorResponse>();
_logger.LogWarning(e, "Error removing user from Sharepoint group {@Error}", errorResponse);
response.Append(response.Length != 0 ? ", " : "Error removing user from site group(s): ");
response.Append(siteGroup.Title);
}
}
}
return(response.ToString());
}
public HighTrustSharePointContext(
IHttpContextAccessor httpContextAccessor,
ISharePointClient sharePointClient,
ITokenIssuer tokenIssuer,
IOptions <HighTrustSharePointOptions> options) : base(httpContextAccessor)
{
_sharePointClient = sharePointClient;
_tokenIssuer = tokenIssuer;
_options = options.Value ?? throw new ArgumentNullException(nameof(HighTrustSharePointOptions));
}
public override async Task <bool> UserHasAccessAsync(string username, CancellationToken cancellationToken)
{
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("Username cannot be null or empty", nameof(username));
}
Logger.Debug("Checking {Username} has access to project", username);
var user = await _userSearchService.SearchAsync(username);
if (string.IsNullOrEmpty(user?.UserPrincipalName))
{
Logger.Information("Cannot locate UPN for for {Username}, cannot check users access", username);
return(false);
}
// format the SharePoint login name format
string loginName = Constants.LoginNamePrefix + user.UserPrincipalName;
ISharePointClient restClient = await GetSharePointRestClient();
var groups = await restClient.GetSiteGroupsAsync(cancellationToken);
var siteGroups = groups.Data.Results;
// service account does not have permission to view membership of "Excel Services Viewers"
// TODO: make this configurable
foreach (var siteGroup in siteGroups)
{
try
{
var getUsersResponse = await restClient.GetUsersInGroupAsync(siteGroup.Id, cancellationToken);
var groupMember = getUsersResponse.Data.Results.Any(_ => LoginNameComparer.Equals(_.LoginName, loginName));
if (groupMember)
{
Logger.Debug("{@User} has access because they are in site group {@SiteGroup}", user, siteGroup);
return(true);
}
}
catch (ApiException e) when(e.StatusCode == HttpStatusCode.Forbidden)
{
// we dont have access to all site groups
Logger.Debug(e, "No access to {@SiteGroup}, unable to check access", siteGroup);
}
}
return(false);
}
public LowTrustSharePointContext(
IHttpContextAccessor httpContextAccessor,
ISharePointClient sharePointClient,
IAcsClient acsClient,
IOptions <LowTrustSharePointOptions> options) : base(httpContextAccessor)
{
_options = options.Value ?? throw new ArgumentNullException(nameof(LowTrustSharePointOptions));
_sharePointClient = sharePointClient;
_acsClient = acsClient;
_tokenHandler = new JwtSecurityTokenHandler();
}
public override async Task <bool> UserHasAccessAsync(string username)
{
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("Username cannot be null or empty", nameof(username));
}
var user = await _userSearchService.SearchAsync(username);
if (string.IsNullOrEmpty(user?.UserPrincipalName))
{
_logger.LogInformation("Cannot locate UPN for for {Username}, cannot check users access", username);
return(false);
}
// format the SharePoint login name format
string loginName = Constants.LoginNamePrefix + user.UserPrincipalName;
ISharePointClient restClient = await GetSharePointRestClient();
var groups = await restClient.GetSiteGroupsAsync();
var siteGroups = groups.Data.Results;
foreach (var siteGroup in siteGroups)
{
var getUsersResponse = await restClient.GetUsersInGroupAsync(siteGroup.Id);
var groupMember = getUsersResponse.Data.Results.Any(_ => LoginNameComparer.Equals(_.LoginName, loginName));
if (groupMember)
{
_logger.LogInformation("{@User} has access because they are in site group {@SiteGroup}", user, siteGroup);
return(true);
}
}
return(false);
}
public override async Task <string> AddUserAsync(string username)
{
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("Username cannot be null or empty", nameof(username));
}
var user = await _userSearchService.SearchAsync(username);
if (string.IsNullOrEmpty(user?.UserPrincipalName))
{
_logger.LogInformation("Cannot locate UPN for for {Username}, cannot add users access", username);
return($"Unable to locate user's User Principal Name (UPN)");
}
ISharePointClient restClient = await GetSharePointRestClientForUpdate();
GetSharePointWebVerboseResponse web = await restClient.GetWebAsync();
if (string.IsNullOrEmpty(web?.Data?.Title))
{
_logger.LogWarning("Cannot get site group name for {Project} on resource {ResourceType}", Project.Name, ProjectResource.Type);
return($"Unable to get SharePoint site group name");
}
// we always add users to '<site-group> Members'
var siteGroupTitle = web.Data.Title + " Members";
GetSiteGroupsVerboseResponse siteGroups = await restClient.GetSiteGroupsByTitleAsync(siteGroupTitle);
if (siteGroups.Data.Results.Count == 0)
{
_logger.LogInformation("Cannot find site group {@SiteGroup}", new SiteGroup {
Title = siteGroupTitle
});
return($"SharePoint site group '{siteGroupTitle}' not found");
}
var siteGroup = siteGroups.Data.Results[0];
_logger.LogInformation("Adding {Username} to site collection {@SiteGroup} for {Project} on resource {ResourceType}",
username,
siteGroup,
Project.Name,
ProjectResource.Type);
string logonName = Constants.LoginNamePrefix + user.UserPrincipalName;
try
{
await restClient.AddUserToGroupAsync(siteGroup.Id, new User { LoginName = logonName });
return(string.Empty);
}
catch (ApiException e)
{
var errorResponse = await e.GetContentAsAsync <SharePointErrorResponse>();
_logger.LogWarning(e, "Error adding user to Sharepoint group {@Error}", errorResponse);
return($"Error occuring adding user to SharePoint site group '{siteGroupTitle}'");
}
}
public SharePointPostCreator(ISharePointClient sharePointClient, IFileService fileService)
{
_sharePointClient = sharePointClient;
_fileService = fileService;
}
