/// <summary>
/// Removes the CMS role that mirrors an AD group on the given site.
/// Only roles flagged as domain roles are removed; a role that is not flagged as a domain role is left untouched.
/// </summary>
/// <param name="siteInfo">Site whose role is looked up (its SiteID scopes the lookup)</param>
/// <param name="groupGuid">GUID of the AD group; used as the role GUID for the lookup</param>
private static void DeleteRole(SiteInfo siteInfo, Guid groupGuid)
{
    // Look the role up by GUID within the site
    RoleInfo candidate = RoleInfoProvider.GetRoleInfoByGUID(groupGuid, siteInfo.SiteID);

    // Nothing to do when there is no such role, or when the role is not a domain role.
    // The RoleIsDomain check keeps this routine from deleting roles that are not marked as domain roles.
    if ((candidate == null) || !candidate.RoleIsDomain)
    {
        return;
    }

    // Log before deleting so the message still has the display name available
    MessageLog.LogEvent(ResHelper.GetString("Log_DeletingRole", candidate.RoleDisplayName));

    RoleInfoProvider.DeleteRoleInfo(candidate);
}
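/// <summary>
/// Determines whether a role with the given GUID exists in CMS on at least one of the sites listed in the import profile.
/// </summary>
/// <param name="groupGuid">GUID of the AD group whose corresponding role is looked up</param>
/// <returns>TRUE if a role with this GUID exists on at least one site of the import profile; FALSE otherwise</returns>
public static bool RoleExists(Guid groupGuid)
{
    foreach (string siteName in ImportProfile.Sites.Keys)
    {
        SiteInfo siteInfo = SiteInfoProvider.GetSiteInfo(siteName);
        if (siteInfo == null)
        {
            // Site named in the profile cannot be resolved; it cannot contain the role
            continue;
        }

        RoleInfo roleInfo = RoleInfoProvider.GetRoleInfoByGUID(groupGuid, siteInfo.SiteID);
        if (roleInfo != null)
        {
            return true;
        }
    }

    // No site holds the role. The fall-through previously returned true as well,
    // which made the method report every group as existing regardless of the lookups above.
    return false;
}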
/// <summary>
/// Adds the user to every CMS role and imported AD role they should hold on the site but do not hold yet.
/// Memberships are only added here; nothing is removed.
/// </summary>
/// <param name="user">AD user; its Groups supply the AD group GUIDs the user participates in</param>
/// <param name="userInfo">CMS user that receives the role memberships</param>
/// <param name="siteInfo">Site info object; its SiteID scopes every role lookup</param>
/// <param name="userRoles">Collection of <see cref="RoleInfo"/> objects user is in - infos are supposed to contain RoleGUID. Extended in place with every role assigned by this call.</param>
/// <param name="site">Site entry whose Value lists the CMS role GUIDs the user should be in</param>
private static void SetMemberships(IPrincipalObject user, UserInfo userInfo, SiteInfo siteInfo, ICollection<RoleInfo> userRoles, KeyValuePair<string, List<Guid>> site)
{
    // Roles the user is expected to hold: configured CMS roles plus AD groups imported to CMS
    IEnumerable<Guid> expectedRoleGuids = Enumerable.Empty<Guid>()
        .Union(site.Value)
        .Union(user.Groups);

    // Roles the user already holds according to the caller
    IEnumerable<Guid> heldRoleGuids = userRoles.Select(userRole => userRole.RoleGUID);

    // Except() reads its second sequence completely before yielding the first result,
    // so adding to userRoles inside the loop does not disturb the enumeration.
    foreach (Guid missingGuid in expectedRoleGuids.Except(heldRoleGuids))
    {
        RoleInfo roleInfo = RoleInfoProvider.GetRoleInfoByGUID(missingGuid, siteInfo.SiteID);
        if (roleInfo == null)
        {
            // GUID has no role on this site; no membership is granted for it
            continue;
        }

        UserRoleInfoProvider.AddUserToRole(userInfo, roleInfo);

        // Keep the caller's collection in step with the memberships actually granted
        userRoles.Add(roleInfo);

        MessageLog.LogEvent(ResHelper.GetString("Log_AssigningUserToRole", userInfo.UserName, roleInfo.RoleDisplayName));
    }
}
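/// <summary>
/// Imports role to CMS: creates it as a domain role when it does not exist, or updates an existing domain role.
/// An existing role that is not a domain role is never overwritten; a warning is logged instead.
/// </summary>
/// <param name="roleName">Name of role</param>
/// <param name="displayName">Display name of role</param>
/// <param name="siteId">ID of site</param>
/// <param name="roleDescription">Role description</param>
/// <param name="roleGuid">GUID of role</param>
/// <param name="updateExistingObject">Determines whether update object if already exists</param>
/// <param name="rolesChanged">Records added and updated roles for CMS event log</param>
private static void ImportRole(string roleName, string displayName, int siteId, string roleDescription, Guid roleGuid, bool updateExistingObject, CumulatedChanges rolesChanged)
{
    // Try to get role info by GUID, by GUID in code name, by name.
    // NOTE(review): when roleName is not a GUID the second lookup runs with Guid.Empty -
    // confirm the provider returns null for it rather than matching an unrelated role.
    var roleInfo = RoleInfoProvider.GetRoleInfoByGUID(roleGuid, siteId)
                   ?? RoleInfoProvider.GetRoleInfoByGUID(ValidationHelper.GetGuid(roleName, Guid.Empty), siteId)
                   ?? RoleInfoProvider.GetRoleInfo(roleName, siteId);

    var newRole = roleInfo == null;
    if (newRole)
    {
        // Roles created by the import are always marked as domain roles
        roleInfo = new RoleInfo
        {
            SiteID = siteId,
            RoleIsDomain = true
        };
    }
    else if (!updateExistingObject)
    {
        // Role exists and updates were not requested
        return;
    }

    if (!roleInfo.RoleIsDomain)
    {
        // The lookup (possibly by name only) matched a role that is not a domain role.
        // Leave it as it is so the import cannot rewrite a role it does not own.
        MessageLog.LogEvent(ResHelper.GetString("Log_RoleIsNotDomain", roleInfo.RoleDisplayName));
        warnings++;
        return;
    }

    roleInfo.RoleName = roleName;
    roleInfo.RoleDisplayName = displayName;
    roleInfo.RoleDescription = roleDescription;
    roleInfo.RoleGUID = roleGuid;

    try
    {
        // Nothing differs from the stored role; skip both the write and the change record
        if (!roleInfo.ChangedColumns().Any())
        {
            return;
        }

        // Store role into database
        RoleInfoProvider.SetRoleInfo(roleInfo);

        // Record the change for the event log only after the role was stored, so a failed
        // save (e.g. a non-unique code name) is not reported as a created/updated role.
        rolesChanged.Add(roleInfo.RoleGUID, roleInfo.RoleDisplayName, newRole ? ChangeActionEnum.Created : ChangeActionEnum.Updated);
    }
    catch (CodeNameNotUniqueException)
    {
        MessageLog.LogEvent(ResHelper.GetString("Log_RoleNameNotUnique", roleName));
        warnings++;
    }
}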