/// <summary>
/// Subscribes <paramref name="organization"/> to a tenant policy built from the
/// Azure Active Directory tenant ID on <paramref name="adminUser"/>'s credentials,
/// but only when the login discontinuation configuration reports that the policy is
/// supported for the organization's email address and that tenant ID.
/// </summary>
/// <param name="organization">The organization account that receives the policy subscription.</param>
/// <param name="adminUser">The administrator whose AAD credential supplies the tenant ID.</param>
/// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
/// <returns>A task that completes when the subscription attempt (if any) has finished.</returns>
/// <remarks>
/// The method returns silently when no policy is applied, and whatever
/// <c>SubscribeAsync</c> yields is not inspected, so a caller cannot tell whether the
/// organization ended up subscribed.
/// </remarks>
private async Task SubscribeOrganizationToTenantPolicyIfTenantIdIsSupported(User organization, User adminUser, bool commitChanges = true)
{
    // No AAD credential (or a blank tenant ID) means there is no tenant to bind the organization to.
    var aadTenantId = adminUser.Credentials.GetAzureActiveDirectoryCredential()?.TenantId;
    if (!string.IsNullOrWhiteSpace(aadTenantId))
    {
        var configuration = ContentObjectService.LoginDiscontinuationConfiguration;

        // NOTE(review): the unconfirmed address is used as a fallback for the support
        // check — confirm that deciding on a not-yet-confirmed email is intended.
        var organizationEmail = organization.EmailAddress ?? organization.UnconfirmedEmailAddress;

        if (configuration.IsTenantIdPolicySupportedForOrganization(organizationEmail, aadTenantId))
        {
            await SecurityPolicyService.SubscribeAsync(
                organization,
                RequireOrganizationTenantPolicy.Create(aadTenantId),
                commitChanges);
        }
    }
}
/// <summary>
/// Subscribes <paramref name="organization"/> to a tenant policy built from the
/// tenant ID that <c>GetAzureActiveDirectoryCredentialTenant</c> returns for
/// <paramref name="adminUser"/>.
/// </summary>
/// <param name="organization">The organization account that receives the policy subscription.</param>
/// <param name="adminUser">The administrator whose AAD credential tenant is looked up.</param>
/// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
/// <returns>
/// <c>false</c> when the tenant ID is null, empty or whitespace, or when
/// <c>SubscribeAsync</c> reports <c>false</c>; otherwise <c>true</c>.
/// </returns>
/// <remarks>
/// Callers should check the result: a <c>false</c> return means the organization
/// was not subscribed to the tenant policy by this call.
/// </remarks>
private async Task<bool> SubscribeOrganizationToTenantPolicy(User organization, User adminUser, bool commitChanges = true)
{
    var aadTenantId = GetAzureActiveDirectoryCredentialTenant(adminUser);
    if (string.IsNullOrWhiteSpace(aadTenantId))
    {
        // Without a usable tenant ID there is no policy to create.
        return false;
    }

    var policy = RequireOrganizationTenantPolicy.Create(aadTenantId);

    // The subscription outcome is the method's outcome.
    return await SecurityPolicyService.SubscribeAsync(organization, policy, commitChanges);
}
/// <summary>
/// Subscribes <paramref name="organization"/> to a tenant policy built from the
/// Azure Active Directory tenant ID on <paramref name="adminUser"/>'s credentials,
/// logging an informational message for each outcome: no AAD credential, policy not
/// supported for the email/tenant pair, or policy being applied.
/// </summary>
/// <param name="organization">The organization account that receives the policy subscription.</param>
/// <param name="adminUser">The administrator whose AAD credential supplies the tenant ID.</param>
/// <param name="commitChanges">Passed through unchanged to <c>SecurityPolicyService.SubscribeAsync</c>.</param>
/// <returns>A task that completes when the subscription attempt (if any) has finished.</returns>
/// <remarks>
/// Whatever <c>SubscribeAsync</c> yields is not inspected here, and the log messages
/// carry no organization or tenant identifier.
/// NOTE(review): confirm the messages can still be correlated to an organization
/// when auditing why a tenant policy was or was not applied.
/// </remarks>
private async Task SubscribeOrganizationToTenantPolicyIfTenantIdIsSupported(User organization, User adminUser, bool commitChanges = true)
{
    var aadCredential = adminUser.Credentials.GetAzureActiveDirectoryCredential();
    var aadTenantId = aadCredential?.TenantId;

    // Only null and empty are rejected; a whitespace-only tenant ID is not filtered
    // here and goes on to the support check below.
    if (string.IsNullOrEmpty(aadTenantId))
    {
        DiagnosticsSource.LogInformation("Will not apply tenant policy to organization because admin user does not have an AAD credential.");
        return;
    }

    var configuration = ContentObjectService.LoginDiscontinuationConfiguration;

    // NOTE(review): the unconfirmed address is used as a fallback for the support
    // check — confirm that deciding on a not-yet-confirmed email is intended.
    var organizationEmail = organization.EmailAddress ?? organization.UnconfirmedEmailAddress;

    var policySupported = configuration.IsTenantIdPolicySupportedForOrganization(organizationEmail, aadTenantId);
    if (!policySupported)
    {
        DiagnosticsSource.LogInformation("Will not apply tenant policy to organization because policy is not supported for email-tenant pair.");
        return;
    }

    DiagnosticsSource.LogInformation("Applying tenant policy to organization.");
    await SecurityPolicyService.SubscribeAsync(
        organization,
        RequireOrganizationTenantPolicy.Create(aadTenantId),
        commitChanges);
}