private static void SmartGroupInclude(List <string> smartGrpIncludes, List <string> smartGrpExcludes, IdentityStoreObject lGroup, Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute lMember) { KeyValuePair <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > keyValuePair; if ((smartGrpExcludes == null || smartGrpExcludes.Count <= 0 ? false : smartGrpExcludes.Contains(lMember.get_Value()))) { keyValuePair = lGroup.get_AttributesBusinessObject().get_AttributesCollection().FirstOrDefault <KeyValuePair <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > >((KeyValuePair <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > e) => StringUtility.EqualsIgnoreCase(e.Key, "IMSGExcludes")); keyValuePair.Value.FirstOrDefault <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute>((Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute z) => z.get_Value().Equals(lMember.get_Value())).set_Action(2); } if ((smartGrpIncludes == null || smartGrpIncludes.Count <= 0 ? !lGroup.get_AttributesBusinessObject().get_AttributesCollection().ContainsKey("IMSGIncludes") : false)) { Dictionary <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > attributesCollection = lGroup.get_AttributesBusinessObject().get_AttributesCollection(); List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> attributes = new List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute>(); Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute attribute = new Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute(); attribute.set_Action(1); attribute.set_Value(lMember.get_Value()); attributes.Add(attribute); attributesCollection.Add("IMSGIncludes", attributes); } else { keyValuePair = lGroup.get_AttributesBusinessObject().get_AttributesCollection().FirstOrDefault <KeyValuePair <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > >((KeyValuePair <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > e) => StringUtility.EqualsIgnoreCase(e.Key, "IMSGIncludes")); List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> value = keyValuePair.Value; Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute attribute1 = new Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute(); attribute1.set_Action(1); attribute1.set_Value(lMember.get_Value()); value.Add(attribute1); } }
public virtual bool ShouldExpireSecurityGroup(IdentityStoreObject group) { bool flag; if (!Helper.AppConfiguration.get_IsSecurityGroupExpirationEnabled()) { Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute attribute = this.GetAttributeValue("groupType", group.get_AttributesBusinessObject()); attribute.set_Value(attribute.get_Value() ?? string.Empty); flag = (attribute.get_Value() == "4" || attribute.get_Value() == "2" ? true : attribute.get_Value() == "8"); } else { flag = true; } return(flag); }
public virtual string GetUpdatedDisplayName(IdentityStoreObject group) { Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute displayName = this.GetAttributeValue(Helper.KnownProviderAttributes.get_DisplayName(), group.get_AttributesBusinessObject()); if (StringUtility.IsBlank(displayName.get_Value())) { displayName = this.GetAttributeValue(Helper.KnownProviderAttributes.get_Name(), group.get_AttributesBusinessObject()); } displayName.set_Value(displayName.get_Value() ?? string.Empty); string updatedDisplayName = displayName.get_Value(); if (updatedDisplayName.StartsWith("Expired_")) { updatedDisplayName = updatedDisplayName.Remove(0, "Expired_".Length); } if (!updatedDisplayName.StartsWith("Deleted_")) { updatedDisplayName = string.Concat("Deleted_", updatedDisplayName); } return(updatedDisplayName); }
public virtual bool ExtendGroupLife(int days, IdentityStoreObject group) { DateTime expirationDate; bool flag; Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute expirationDateDto = this.GetAttributeValue("XGroupExpirationDate", group.get_AttributesBusinessObject()); if (StringUtility.IsBlank(expirationDateDto.get_Value())) { flag = false; } else if (DateTime.TryParse(expirationDateDto.get_Value(), out expirationDate)) { expirationDate = expirationDate.AddDays((double)days).Date; expirationDateDto.set_Value(expirationDate.ToString("yyyy MMMM dd HH:mm:ss")); flag = true; } else { flag = false; } return(flag); }
protected virtual bool ExtendLifeForGUS(IdentityStoreObject grp) { bool flag; DateTime today; if ((!Helper.AppConfiguration.get_GUSIsLifecycleEnabled() || !Helper.AppConfiguration.get_GUSExtendGroupsLife() ? true : !grp.get_AttributesBusinessObject().HasValue(Helper.KnownProviderAttributes.get_Alias()))) { flag = false; } else if (!Helper.AppConfiguration.get_IsGroupAttestationEnabled()) { try { string lastUsed = this.GetAttributeValue("IMGLastUsed", grp.get_AttributesBusinessObject()).get_Value(); if (string.IsNullOrEmpty(lastUsed)) { flag = false; return(flag); } else { DateTime lastUsedDate = Helper.ParseDateTime(lastUsed); if (lastUsedDate == DateTime.MinValue) { GroupsProcessor.logger.ErrorFormat("ExtendLifeForGUS: Invalid date format {0}", lastUsedDate); flag = false; return(flag); } else if ((DateTime.Now - lastUsedDate).Days > Helper.AppConfiguration.get_GUSUsedGroupsTime()) { flag = false; return(flag); } else { Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute policyDto = this.GetAttributeValue("XGroupExpirationPolicy", grp.get_AttributesBusinessObject()); int policy = -1; DateTime extendedDate = DateTime.MaxValue.Date; if (!int.TryParse(policyDto.get_Value() ?? string.Empty, out policy)) { policy = Helper.AppConfiguration.get_DefaultExpirationPolicy(); if (policy != 0) { today = DateTime.Today; today = today.AddDays((double)policy); extendedDate = today.Date; } } else if (policy != 0) { today = DateTime.Today; today = today.AddDays((double)policy); extendedDate = today.Date; } this.SetAttributeValue("XGroupExpirationDate", extendedDate.ToString("yyyy MMMM dd HH:mm:ss"), grp.get_AttributesBusinessObject()); today = DateTime.Now; this.SetAttributeValue("IMGLastRenewedDate", today.ToString(), grp.get_AttributesBusinessObject()); flag = true; return(flag); } } } catch (Exception exception) { Exception ex = exception; LogExtension.LogException(GroupsProcessor.logger, string.Format("An Error occured while performing GLM Extend life operation on group: {0} Reason: {1}", this.GetAttributeValue(Helper.KnownProviderAttributes.get_DisplayName(), grp.get_AttributesBusinessObject()).get_Value() ?? string.Empty, ex.Message), ex); } flag = false; } else { flag = false; } return(flag); }
public virtual List <IdentityStoreObject> PrepareGroupsForExtensions(List <IdentityStoreObject> groupsToExtend, ref List <string> reducedGroupsToNotify) { DateTime expirationDate; List <IdentityStoreObject> groupsToUpdate = new List <IdentityStoreObject>(); foreach (IdentityStoreObject group in groupsToExtend) { try { if (!this.IsGroup(group)) { GroupsProcessor.logger.DebugFormat("PrepareGroupsForExtensions. Object {0} is not a group.", this.GetAttributeValue(Helper.KnownProviderAttributes.get_Name(), group.get_AttributesBusinessObject()).get_Value() ?? string.Empty); continue; } else if (this.IsSystemGroup(group)) { GroupsProcessor.logger.DebugFormat("PrepareGroupsForExtensions. Object {0} is a system group.", this.GetAttributeValue(Helper.KnownProviderAttributes.get_Name(), group.get_AttributesBusinessObject()).get_Value() ?? string.Empty); continue; } else if (this.IsGlmBlankGroup(group)) { GroupsProcessor.logger.DebugFormat("PrepareGroupsForExtensions. Object {0} is glm blank group.", this.GetAttributeValue(Helper.KnownProviderAttributes.get_Name(), group.get_AttributesBusinessObject()).get_Value() ?? string.Empty); continue; } else if (!this.ShouldExpireSecurityGroup(group)) { GroupsProcessor.logger.DebugFormat("PrepareGroupsForExtensions. Object {0} is a security group.", this.GetAttributeValue(Helper.KnownProviderAttributes.get_Name(), group.get_AttributesBusinessObject()).get_Value() ?? string.Empty); continue; } else if (!this.IsGroupInExcludedContainer(group)) { Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute expirationDateDto = this.GetAttributeValue("XGroupExpirationDate", group.get_AttributesBusinessObject()); if (DateTime.TryParse(expirationDateDto.get_Value() ?? string.Empty, out expirationDate)) { if (DateTime.Now.Date.Subtract(expirationDate.Date).Days > 0) { } } if (this.ReduceLifeForGUS(group)) { groupsToUpdate.Add(group); reducedGroupsToNotify.Add(group.get_ObjectIdFromIdentityStore()); } if (this.ExtendLifeForGUS(group)) { groupsToUpdate.Add(group); this.ExtendedGroups.Add(group.get_ObjectIdFromIdentityStore()); } } else { Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute policyDto = this.GetAttributeValue("XGroupExpirationPolicy", group.get_AttributesBusinessObject()); int policy = -1; if (int.TryParse(policyDto.get_Value() ?? string.Empty, out policy)) { if (policy != 0) { int num = 0; this.SetAttributeValue("XGroupExpirationPolicy", num.ToString(), group.get_AttributesBusinessObject()); DateTime date = DateTime.MaxValue.Date; this.SetAttributeValue("XGroupExpirationDate", date.ToString(), group.get_AttributesBusinessObject()); groupsToUpdate.Add(group); } } } } catch (Exception exception) { Exception Ex = exception; LogExtension.LogException(GroupsProcessor.logger, string.Format("An error ocurred while expiring groups: {0}", Ex.Message), Ex); } } return(groupsToUpdate); }
public void ProcessJob(TaskScheduling task) { List <User> ownerUsers = new List <User>(); List <IdentityStoreObject> orphanGrps = this.GetOrphanGroups(null); IStoreTypeHelper storeHelper = Helper.GetStoreTypeHelper(Helper.CurrentTask.get_IdentityStoreId()); ILookup <string, User> addOwnersLookup = null; List <string> supportedObjectTypes = new List <string>(); if (storeHelper != null) { supportedObjectTypes = storeHelper.GetSupportedObjectTypes(Helper.KnownProviderAttributes.get_Owner()); if (supportedObjectTypes.Count > 0) { List <string> strs1 = new List <string>(); orphanGrps.ForEach((IdentityStoreObject g) => { List <string> strs = strs1; List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> values = g.get_AttributesBusinessObject().GetValues("XAdditionalOwner"); Func <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute, string> u003cu003e9_12 = OrphanGroupProcessor.< > c.< > 9__1_2; if (u003cu003e9_12 == null) { u003cu003e9_12 = (Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute o) => o.get_Value(); OrphanGroupProcessor.< > c.< > 9__1_2 = u003cu003e9_12; } strs.AddRange(values.Select <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute, string>(u003cu003e9_12)); }); ServicesUserServiceClient serviceUser = new ServicesUserServiceClient(false); List <User> owners = serviceUser.Get(Helper.CurrentTask.get_IdentityStoreId(), strs1, new List <string>()); addOwnersLookup = owners.ToLookup <User, string>((User o) => o.get_ObjectIdFromIdentityStore(), StringComparer.OrdinalIgnoreCase); } } List <IdentityStoreObject> orphansList = new List <IdentityStoreObject>(); foreach (IdentityStoreObject oGrp in orphanGrps) { if (oGrp.get_AttributesBusinessObject().IsIn(Helper.KnownProviderAttributes.get_Container())) { oGrp.get_AttributesBusinessObject().Remove(Helper.KnownProviderAttributes.get_Container()); } if (oGrp.get_AttributesBusinessObject().IsIn(Helper.KnownProviderAttributes.get_DisplayName())) { oGrp.get_AttributesBusinessObject().Remove(Helper.KnownProviderAttributes.get_DisplayName()); } if (oGrp.get_AttributesBusinessObject().IsIn(Helper.KnownProviderAttributes.get_DistinguishedName())) { oGrp.get_AttributesBusinessObject().Remove(Helper.KnownProviderAttributes.get_DistinguishedName()); } if (oGrp.get_AttributesBusinessObject().IsIn(Helper.KnownProviderAttributes.get_CommonName())) { oGrp.get_AttributesBusinessObject().Remove(Helper.KnownProviderAttributes.get_CommonName()); } Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute additionalOwner = this.GetAdditionalOwnerToPromote(oGrp.get_AttributesBusinessObject().GetValues("XAdditionalOwner"), addOwnersLookup, supportedObjectTypes); if (additionalOwner != null) { ServicesUserServiceClient serviceUser = new ServicesUserServiceClient(false); User additionaOwnerDN = serviceUser.Get(Helper.CurrentTask.get_IdentityStoreId(), additionalOwner.get_Value(), new List <string>() { Helper.KnownProviderAttributes.get_DistinguishedName(), Helper.KnownProviderAttributes.get_EmailAddress(), Helper.KnownProviderAttributes.get_DisplayName() }, false); if ((additionaOwnerDN == null ? false : additionaOwnerDN.get_AttributesBusinessObject().HasValue(Helper.KnownProviderAttributes.get_DistinguishedName()))) { oGrp.set_ObjectName(additionalOwner.get_Value()); ownerUsers.Add(additionaOwnerDN); additionaOwnerDN.set_ObjectIdFromIdentityStore(additionalOwner.get_Value()); additionalOwner.set_Action(2); string dnValue = additionaOwnerDN.get_AttributesBusinessObject().get_AttributesCollection()[Helper.KnownProviderAttributes.get_DistinguishedName()][0].get_Value(); if (oGrp.get_AttributesBusinessObject().HasValue(Helper.KnownProviderAttributes.get_Owner())) { oGrp.get_AttributesBusinessObject().get_AttributesCollection()[Helper.KnownProviderAttributes.get_Owner()][0].set_Value(dnValue); oGrp.get_AttributesBusinessObject().get_AttributesCollection()[Helper.KnownProviderAttributes.get_Owner()][0].set_Action(1); } else if (!oGrp.get_AttributesBusinessObject().IsIn(Helper.KnownProviderAttributes.get_Owner())) { Dictionary <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > attributesCollection = oGrp.get_AttributesBusinessObject().get_AttributesCollection(); string owner = Helper.KnownProviderAttributes.get_Owner(); List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> attributes = new List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute>(); Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute attribute = new Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute(); attribute.set_Action(1); attribute.set_Value(dnValue); attributes.Add(attribute); attributesCollection.Add(owner, attributes); } else { Dictionary <string, List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> > attributesCollection1 = oGrp.get_AttributesBusinessObject().get_AttributesCollection(); string str = Helper.KnownProviderAttributes.get_Owner(); List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute> attributes1 = new List <Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute>(); Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute attribute1 = new Imanami.GroupID.DataTransferObjects.DataContracts.Services.Attribute(); attribute1.set_Action(1); attribute1.set_Value(dnValue); attributes1.Add(attribute1); attributesCollection1[str] = attributes1; } orphansList.Add(oGrp); } } } if (orphansList.Count > 0) { ServicesGroupServiceClient groupServiceClient = new ServicesGroupServiceClient(false); string cData = DataCompressionHelper.CompressObjects <List <IdentityStoreObject> >(orphansList); if (groupServiceClient.UpdateManyWithCompression(Helper.CurrentTask.get_IdentityStoreId(), cData, typeof(IdentityStoreObject).FullName).get_Status() == 0) { List <IdentityStoreObject> idObjectsList = Helper.PrepareCompressedData(orphansList); groupServiceClient.SendOwnerUpdateNotification(Helper.CurrentTask.get_IdentityStoreId(), idObjectsList, ownerUsers); } } }