private PowerShellResults <AdminRoleGroupRow> UpdateRoleAssignments(Delta <Identity> delta, Identity identity, SetAdminRoleGroupParameter properties, PowerShellResults <AdminRoleGroupRow> results) { ManagementScopeRow managementScopeRow = properties.ManagementScopeRow; ManagementRoleAssignments roleAssignmentsWebService = new ManagementRoleAssignments(); results = this.SetRoleAssignments(delta.UnchangedObjects, roleAssignmentsWebService, identity, managementScopeRow, properties.OrganizationalUnitRow, results); if (results.Failed) { return(results); } results = this.AddRoleAssignments(delta.AddedObjects, roleAssignmentsWebService, identity, managementScopeRow, properties.OrganizationalUnitRow, results); if (results.Failed) { return(results); } results = this.RemoveRoleAssignments(delta.RemovedObjects, roleAssignmentsWebService, identity, results); if (results.Failed) { return(results); } return(results); }
private void UpdateRoleAssignments(PowerShellResults <RoleAssignmentPolicy> result, SetRoleAssignmentPolicy properties) { RoleAssignmentPolicy value = result.Value; ManagementRoleAssignments managementRoleAssignments = new ManagementRoleAssignments(); Delta <Identity> delta = value.AssignedEndUserRoles.CalculateDelta(properties.AssignedEndUserRoles); if (delta.RemovedObjects != null && delta.RemovedObjects.Count > 0) { result.MergeErrors(this.RemoveRoleAssignments(delta.RemovedObjects, value, managementRoleAssignments)); if (result.Failed) { return; } } foreach (Identity role in delta.AddedObjects) { result.MergeErrors <ManagementRoleAssignment>(managementRoleAssignments.NewObject(new NewManagementRoleAssignment { Policy = value.Identity, Role = role })); } }
private PowerShellResults RemoveRoleAssignments(List <Identity> roles, RoleAssignmentPolicy policy, ManagementRoleAssignments service) { PowerShellResults <ManagementRoleAssignment> list = service.GetList(new ManagementRoleAssignmentFilter { RoleAssignee = policy.Identity }, null); if (list.Failed) { return(list); } List <Identity> list2 = new List <Identity>(); foreach (ManagementRoleAssignment managementRoleAssignment in list.Output) { if (roles.Contains(managementRoleAssignment.Role.ToIdentity())) { list2.Add(managementRoleAssignment.Identity); } } return(service.RemoveObjects(list2.ToArray(), null)); }
private PowerShellResults <ManagementRoleAssignment> GetRoleAssignments(Identity roleIdentity, Identity roleAssignee, ManagementRoleAssignments roleAssignmentsWebService) { return(roleAssignmentsWebService.GetList(new ManagementRoleAssignmentFilter { Role = roleIdentity, Delegating = false, RoleAssignee = roleAssignee }, null)); }
private PowerShellResults <AdminRoleGroupRow> SetRoleAssignments(IEnumerable <Identity> unchangedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, ManagementScopeRow scopeRow, ExtendedOrganizationalUnit ouRow, PowerShellResults <AdminRoleGroupRow> results) { if ((ouRow != null || scopeRow != null) && unchangedRoles != null) { foreach (Identity roleIdentity in unchangedRoles) { PowerShellResults <ManagementRoleAssignment> roleAssignments = this.GetRoleAssignments(roleIdentity, identity, roleAssignmentsWebService); if (roleAssignments.Failed) { results.MergeErrors <ManagementRoleAssignment>(roleAssignments); return(results); } SetManagementRoleAssignment properties = this.SetScopeInfoInParameter(roleIdentity, null, scopeRow, ouRow, results); if (results.Failed) { return(results); } ManagementRoleAssignment[] output = roleAssignments.Output; foreach (ManagementRoleAssignment managementRoleAssignment in output) { if (managementRoleAssignment.DelegationType == RoleAssignmentDelegationType.Regular) { results.MergeErrors <ManagementRoleAssignment>(roleAssignmentsWebService.SetObject(managementRoleAssignment.Identity, properties)); if (results.Failed) { return(results); } } } } return(results); } return(results); }
private PowerShellResults <AdminRoleGroupRow> RemoveRoleAssignments(IEnumerable <Identity> removedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, PowerShellResults <AdminRoleGroupRow> results) { if (removedRoles != null) { foreach (Identity roleIdentity in removedRoles) { PowerShellResults <ManagementRoleAssignment> roleAssignments = this.GetRoleAssignments(roleIdentity, identity, roleAssignmentsWebService); if (roleAssignments.Failed) { results.MergeErrors <ManagementRoleAssignment>(roleAssignments); return(results); } if (roleAssignments != null && roleAssignments.Output != null) { ManagementRoleAssignment[] output = roleAssignments.Output; IEnumerable <Identity> source = from entry in output where entry.DelegationType == RoleAssignmentDelegationType.Regular select entry.Identity; results.MergeErrors(roleAssignmentsWebService.RemoveObjects(source.ToArray <Identity>(), null)); if (results.Failed) { return(results); } } } return(results); } return(results); }
private PowerShellResults <AdminRoleGroupRow> AddRoleAssignments(IEnumerable <Identity> addedRoles, ManagementRoleAssignments roleAssignmentsWebService, Identity identity, ManagementScopeRow scopeRow, ExtendedOrganizationalUnit ouRow, PowerShellResults <AdminRoleGroupRow> results) { if (addedRoles != null) { foreach (Identity identity2 in addedRoles) { NewManagementRoleAssignment newManagementRoleAssignment = new NewManagementRoleAssignment(); newManagementRoleAssignment.Role = identity2; newManagementRoleAssignment.SecurityGroup = identity.RawIdentity; this.SetScopeInfoInParameter(identity2, newManagementRoleAssignment, scopeRow, ouRow, results); if (results.Failed) { return(results); } results.MergeErrors <ManagementRoleAssignment>(roleAssignmentsWebService.NewObject(newManagementRoleAssignment)); } return(results); } return(results); }