static void RevokeOperationRight(string operation, string path, string name) { AccessControlSettings settings = new AccessControlSettings(@namespace, managementKey); Uri uri = ServiceBusEnvironment.CreateServiceUri("http", @namespace, path); AccessControlList list = NamespaceAccessControl.GetAccessControlList(uri, settings); IdentityReference identityReference = IdentityReference.CreateServiceIdentityReference(name); if (operation.Equals("Send", StringComparison.OrdinalIgnoreCase)) { AccessControlRule existing = list.FirstOrDefault((r) => r.Condition.Equals(identityReference) && r.Right.Equals(ServiceBusRight.Send)); if (existing != null) { if (existing.Inherited) { Console.Error.WriteLine("Cannot revoke inherited rules."); return; } list.RemoveRule(existing); list.SaveChanges(); } else { Console.Error.WriteLine("The right '{0}' on '{1}' has not been granted to identity '{2}'", operation, path, name); } } else if (operation.Equals("Listen", StringComparison.OrdinalIgnoreCase)) { AccessControlRule existing = list.FirstOrDefault((r) => r.Condition.Equals(identityReference) && r.Right.Equals(ServiceBusRight.Listen)); if (existing != null) { list.RemoveRule(existing); list.SaveChanges(); } else { Console.Error.WriteLine("The right '{0}' on '{1}' has not been granted to identity '{2}'", operation, path, name); } } else if (operation.Equals("Manage", StringComparison.OrdinalIgnoreCase)) { AccessControlRule existing = list.FirstOrDefault((r) => r.Condition.Equals(identityReference) && r.Right.Equals(ServiceBusRight.Manage)); if (existing != null) { list.RemoveRule(existing); list.SaveChanges(); } else { Console.Error.WriteLine("The right '{0}' on '{1}' has not been granted to identity '{2}'", operation, path, name); } } else { Console.Error.WriteLine("Unknown operation '{0}'", operation); } }
static void ShowRights(string path) { AccessControlSettings settings = new AccessControlSettings(@namespace, managementKey); Uri uri = ServiceBusEnvironment.CreateServiceUri("http", @namespace, path); AccessControlList list = NamespaceAccessControl.GetAccessControlList(uri, settings); Console.WriteLine("Path {0}", path); Console.WriteLine("------------------------------------------"); Console.WriteLine("{0,-6} {1,-25} {2,-4}", "Right", "Assigned To", "Inherited"); Console.WriteLine("------------------------------------------"); foreach (AccessControlRule rule in list) { Console.WriteLine("{0,-6} {1,-25} {2,-4}", rule.Right.ClaimValue, rule.Condition.ClaimValue, rule.Inherited); } }