/// <summary>
/// Subscribes <paramref name="organization"/> to a <c>RequireOrganizationTenantPolicy</c> built from
/// the Azure Active Directory tenant ID found on <paramref name="adminUser"/>'s credentials.
/// </summary>
/// <remarks>
/// The method returns without subscribing, and without logging or signalling the caller, when
/// the admin has no usable tenant ID or when the login-discontinuation configuration reports the
/// email/tenant pair as unsupported. In both cases the organization is left without the tenant policy.
/// </remarks>
/// <param name="organization">Organization account that receives the policy subscription.</param>
/// <param name="adminUser">User whose AAD credential supplies the tenant ID.</param>
/// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
private async Task SubscribeOrganizationToTenantPolicyIfTenantIdIsSupported(User organization, User adminUser, bool commitChanges = true)
        {
            var aadCredential = adminUser.Credentials.GetAzureActiveDirectoryCredential();
            var tenantId = aadCredential?.TenantId;

            // No AAD credential, or a blank tenant ID: there is nothing to bind the organization to.
            if (string.IsNullOrWhiteSpace(tenantId))
            {
                return;
            }

            var loginConfiguration = ContentObjectService.LoginDiscontinuationConfiguration;

            // NOTE(review): falls back to the unconfirmed address, so the eligibility check may run
            // against an address the organization has not confirmed. Verify that this is intended.
            var organizationEmail = organization.EmailAddress ?? organization.UnconfirmedEmailAddress;

            var policyIsSupported = loginConfiguration.IsTenantIdPolicySupportedForOrganization(organizationEmail, tenantId);
            if (policyIsSupported)
            {
                await SecurityPolicyService.SubscribeAsync(
                    organization,
                    RequireOrganizationTenantPolicy.Create(tenantId),
                    commitChanges);
            }
        }
示例#2
        /// <summary>
        /// Subscribes <paramref name="organization"/> to a <c>RequireOrganizationTenantPolicy</c> built
        /// from the tenant ID that <c>GetAzureActiveDirectoryCredentialTenant</c> returns for
        /// <paramref name="adminUser"/>.
        /// </summary>
        /// <param name="organization">Organization account that receives the policy subscription.</param>
        /// <param name="adminUser">User whose AAD tenant is looked up.</param>
        /// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
        /// <returns>
        /// <c>false</c> when no non-blank tenant ID is available or when <c>SubscribeAsync</c> reports
        /// <c>false</c>; otherwise <c>true</c>. A <c>false</c> result means no subscription was reported,
        /// so callers that depend on tenant enforcement should check it.
        /// </returns>
        private async Task<bool> SubscribeOrganizationToTenantPolicy(User organization, User adminUser, bool commitChanges = true)
        {
            var adminTenantId = GetAzureActiveDirectoryCredentialTenant(adminUser);

            // Without a tenant ID there is no policy to create.
            if (string.IsNullOrWhiteSpace(adminTenantId))
            {
                return false;
            }

            var policy = RequireOrganizationTenantPolicy.Create(adminTenantId);

            // The subscription result is the method's result.
            return await SecurityPolicyService.SubscribeAsync(organization, policy, commitChanges);
        }
示例#3
        /// <summary>
        /// Subscribes <paramref name="organization"/> to a <c>RequireOrganizationTenantPolicy</c> built
        /// from the Azure Active Directory tenant ID found on <paramref name="adminUser"/>'s credentials,
        /// and logs which path was taken.
        /// </summary>
        /// <remarks>
        /// Both skip paths leave the organization without the tenant policy. The only trace is an
        /// informational log line, which names neither the organization nor the tenant. The caller
        /// receives no result that distinguishes "applied" from "skipped".
        /// </remarks>
        /// <param name="organization">Organization account that receives the policy subscription.</param>
        /// <param name="adminUser">User whose AAD credential supplies the tenant ID.</param>
        /// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
        private async Task SubscribeOrganizationToTenantPolicyIfTenantIdIsSupported(User organization, User adminUser, bool commitChanges = true)
        {
            var aadCredential = adminUser.Credentials.GetAzureActiveDirectoryCredential();
            var tenantId = aadCredential?.TenantId;

            // Only null or empty is treated as "no credential" here; a whitespace-only value
            // continues to the configuration check below.
            if (string.IsNullOrEmpty(tenantId))
            {
                DiagnosticsSource.LogInformation("Will not apply tenant policy to organization because admin user does not have an AAD credential.");
                return;
            }

            var loginConfiguration = ContentObjectService.LoginDiscontinuationConfiguration;

            // NOTE(review): falls back to the unconfirmed address, so the eligibility check may run
            // against an address the organization has not confirmed. Verify that this is intended.
            var organizationEmail = organization.EmailAddress ?? organization.UnconfirmedEmailAddress;

            var policyIsSupported = loginConfiguration.IsTenantIdPolicySupportedForOrganization(organizationEmail, tenantId);
            if (policyIsSupported)
            {
                DiagnosticsSource.LogInformation("Applying tenant policy to organization.");
                await SecurityPolicyService.SubscribeAsync(
                    organization,
                    RequireOrganizationTenantPolicy.Create(tenantId),
                    commitChanges);
                return;
            }

            DiagnosticsSource.LogInformation("Will not apply tenant policy to organization because policy is not supported for email-tenant pair.");
        }