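/// <summary>
/// Converts role assignments into <see cref="PSRoleAssignment"/> objects, resolving each
/// assignment's principal through the directory client and its role definition through the
/// authorization client.
/// </summary>
/// <param name="assignments">Role assignments to convert. May be null or empty.</param>
/// <param name="policyClient">Client used to look up role definitions.</param>
/// <param name="activeDirectoryClient">Client used to resolve principal object ids.</param>
/// <param name="excludeAssignmentsForDeletedPrincipals">
/// When true (the default), an assignment whose principal is not resolved to a user, group or
/// service principal is omitted from the result. The result is then NOT a complete list of
/// the assignments that exist; pass false when the output feeds an access review or audit,
/// so that unresolved assignments are still reported (with only their object id).
/// </param>
/// <returns>
/// The converted assignments, or an empty list when <paramref name="assignments"/> is null or empty.
/// </returns>
/// <remarks>
/// Side effect: each input assignment's <c>Properties.RoleDefinitionId</c> is overwritten with
/// the result of <c>GuidFromFullyQualifiedId()</c>.
/// </remarks>
public static IEnumerable<PSRoleAssignment> ToPSRoleAssignments(this IEnumerable<RoleAssignment> assignments, AuthorizationClient policyClient, ActiveDirectoryClient activeDirectoryClient, bool excludeAssignmentsForDeletedPrincipals = true)
{
    List<PSRoleAssignment> psAssignments = new List<PSRoleAssignment>();
    if (assignments == null)
    {
        return psAssignments;
    }

    // Materialize once: the sequence was previously enumerated up to five times
    // (Any, Select, Count, Single, foreach), which repeats any deferred query behind it.
    List<RoleAssignment> items = assignments.ToList();
    if (items.Count == 0)
    {
        return psAssignments;
    }

    // Several assignments can share one principal, so request each object id only once.
    // NOTE(review): if GetObjectsByObjectId returns one object per requested id, duplicate
    // ids would make the SingleOrDefault lookup below throw - confirm against the client.
    List<string> objectIds = items
        .Select(r => r.Properties.PrincipalId.ToString())
        .Distinct()
        .ToList();
    List<PSADObject> adObjects = activeDirectoryClient.GetObjectsByObjectId(objectIds);

    // For a single assignment fetch only its role definition; otherwise fetch them all.
    // This lookup uses the RoleDefinitionId as received, before it is rewritten in the loop.
    List<PSRoleDefinition> roleDefinitions;
    if (items.Count == 1)
    {
        roleDefinitions = new List<PSRoleDefinition> { policyClient.GetRoleDefinition(items[0].Properties.RoleDefinitionId) };
    }
    else
    {
        roleDefinitions = policyClient.GetRoleDefinitions();
    }

    foreach (RoleAssignment assignment in items)
    {
        // Rewrites the caller's object in place (presumably to the bare GUID - verify the helper).
        assignment.Properties.RoleDefinitionId = assignment.Properties.RoleDefinitionId.GuidFromFullyQualifiedId();

        // An unresolved principal becomes a placeholder that carries only the object id.
        PSADObject adObject = adObjects.SingleOrDefault(o => o.Id == assignment.Properties.PrincipalId)
            ?? new PSADObject() { Id = assignment.Properties.PrincipalId };

        // An unknown role definition becomes a placeholder with only the id set. The null
        // guard covers a null entry in the list (e.g. if GetRoleDefinition returned null).
        PSRoleDefinition roleDefinition = roleDefinitions.SingleOrDefault(r => r != null && r.Id == assignment.Properties.RoleDefinitionId)
            ?? new PSRoleDefinition() { Id = assignment.Properties.RoleDefinitionId };

        PSADUser user = adObject as PSADUser;
        bool isResolvedPrincipal = user != null || adObject is PSADGroup || adObject is PSADServicePrincipal;

        // Anything that is not a user, group or service principal is treated as a deleted
        // principal. NOTE(review): a principal the caller cannot read in the directory may
        // look the same from here - confirm how the directory client reports that case.
        if (!isResolvedPrincipal && excludeAssignmentsForDeletedPrincipals)
        {
            continue;
        }

        PSRoleAssignment psAssignment = new PSRoleAssignment()
        {
            RoleAssignmentId = assignment.Id,
            DisplayName = adObject.DisplayName,
            RoleDefinitionId = roleDefinition.Id,
            RoleDefinitionName = roleDefinition.Name,
            Scope = assignment.Properties.Scope,
            ObjectId = adObject.Id
        };

        // ObjectType is only populated for resolved principals, SignInName only for users.
        if (isResolvedPrincipal)
        {
            psAssignment.ObjectType = adObject.Type;
        }

        if (user != null)
        {
            psAssignment.SignInName = user.SignInName;
        }

        psAssignments.Add(psAssignment);
    }

    return psAssignments;
}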