Feature #49: Active Directory Managed Groups
Document Template Attachments, Device Batches, Device Profiles and User Flags can be associated with an Active Directory group. This AD group is then automatically synchronized with relevant User/Machine accounts. Contains various other UI tweaks and configuration enhancements.
This commit is contained in:
Gary Sharp
@@ -55,7 +55,7 @@ namespace Disco.Services.Devices.Exporting
|
||||
TaskStatus.ProgressMultiplier = 20 / 100;
|
||||
TaskStatus.ProgressOffset = 40;
|
||||
|
||||
Interop.ActiveDirectory.ADTaskUpdateNetworkLogonDates.UpdateLastNetworkLogonDates(Database, TaskStatus);
|
||||
Interop.ActiveDirectory.ADNetworkLogonDatesUpdateTask.UpdateLastNetworkLogonDates(Database, TaskStatus);
|
||||
Database.SaveChanges();
|
||||
|
||||
TaskStatus.IgnoreCurrentProcessChanges = false;
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using Disco.Data.Repository;
|
||||
using Disco.Models.Repository;
|
||||
using Disco.Models.Services.Devices.Importing;
|
||||
using Disco.Services.Interop.ActiveDirectory;
|
||||
using Disco.Services.Users;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
@@ -34,8 +35,7 @@ namespace Disco.Services.Devices.Importing.Fields
|
||||
{
|
||||
parsedValue = Value.Trim();
|
||||
|
||||
if (!parsedValue.Contains('\\'))
|
||||
parsedValue = string.Format(@"{0}\{1}", Interop.ActiveDirectory.ActiveDirectory.Context.PrimaryDomain.NetBiosName, parsedValue);
|
||||
parsedValue = ActiveDirectory.ParseDomainAccountId(parsedValue);
|
||||
|
||||
friendlyValue = parsedValue;
|
||||
|
||||
|
||||
@@ -0,0 +1,186 @@
|
||||
using Disco.Data.Repository;
|
||||
using Disco.Data.Repository.Monitor;
|
||||
using Disco.Models.Repository;
|
||||
using Disco.Models.Services.Interop.ActiveDirectory;
|
||||
using Disco.Services.Interop.ActiveDirectory;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reactive.Linq;
|
||||
|
||||
namespace Disco.Services.Devices.ManagedGroups
|
||||
{
|
||||
public class DeviceBatchAssignedUsersManagedGroup : ADManagedGroup
|
||||
{
|
||||
private const string KeyFormat = "DeviceBatch_{0}_AssignedUsers";
|
||||
private const string DescriptionFormat = "Devices within the {0} Batch will have their assigned users added to this Active Directory group.";
|
||||
private const string CategoryDescriptionFormat = "Assigned Users Linked Group";
|
||||
private const string GroupDescriptionFormat = "{0} [Device Batch Assigned Users]";
|
||||
|
||||
private static Lazy<IObservable<RepositoryMonitorEvent>> RepositoryEvents;
|
||||
|
||||
private IDisposable repositorySubscription;
|
||||
private int DeviceBatchId;
|
||||
private string DeviceBatchName;
|
||||
|
||||
public override string Description { get { return string.Format(DescriptionFormat, DeviceBatchName); } }
|
||||
public override string CategoryDescription { get { return CategoryDescriptionFormat; } }
|
||||
public override string GroupDescription { get { return string.Format(GroupDescriptionFormat, DeviceBatchName); } }
|
||||
public override bool IncludeFilterBeginDate { get { return false; } }
|
||||
|
||||
static DeviceBatchAssignedUsersManagedGroup()
|
||||
{
|
||||
RepositoryEvents =
|
||||
new Lazy<IObservable<RepositoryMonitorEvent>>(() =>
|
||||
RepositoryMonitor.StreamBeforeCommit.Where(e =>
|
||||
e.EntityType == typeof(Device) && (
|
||||
(e.EventType == RepositoryMonitorEventType.Added &&
|
||||
((Device)e.Entity).AssignedUserId != null) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified &&
|
||||
(e.ModifiedProperties.Contains("DeviceBatchId") || e.ModifiedProperties.Contains("AssignedUserId"))) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Deleted &&
|
||||
((Device)e.Entity).AssignedUserId != null))
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
private DeviceBatchAssignedUsersManagedGroup(string Key, ADManagedGroupConfiguration Configuration, DeviceBatch DeviceBatch)
|
||||
: base(Key, Configuration)
|
||||
{
|
||||
this.DeviceBatchId = DeviceBatch.Id;
|
||||
this.DeviceBatchName = DeviceBatch.Name;
|
||||
}
|
||||
|
||||
public override void Initialize()
|
||||
{
|
||||
// Subscribe to changes
|
||||
repositorySubscription = RepositoryEvents.Value
|
||||
.Where(e =>
|
||||
(((Device)e.Entity).DeviceBatchId == DeviceBatchId) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified && e.GetPreviousPropertyValue<int>("DeviceBatchId") == DeviceBatchId))
|
||||
.Subscribe(ProcessRepositoryEvent);
|
||||
}
|
||||
|
||||
public static string GetKey(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return string.Format(KeyFormat, DeviceBatch.Id);
|
||||
}
|
||||
public static string GetDescription(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return string.Format(DescriptionFormat, DeviceBatch.Name);
|
||||
}
|
||||
public static string GetCategoryDescription(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return CategoryDescriptionFormat;
|
||||
}
|
||||
|
||||
public static bool TryGetManagedGroup(DeviceBatch DeviceBatch, out DeviceBatchAssignedUsersManagedGroup ManagedGroup)
|
||||
{
|
||||
ADManagedGroup managedGroup;
|
||||
string key = GetKey(DeviceBatch);
|
||||
|
||||
if (ActiveDirectory.Context.ManagedGroups.TryGetValue(key, out managedGroup))
|
||||
{
|
||||
ManagedGroup = (DeviceBatchAssignedUsersManagedGroup)managedGroup;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
ManagedGroup = null;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public static DeviceBatchAssignedUsersManagedGroup Initialize(DeviceBatch DeviceBatch)
|
||||
{
|
||||
if (DeviceBatch.Id > 0)
|
||||
{
|
||||
var key = GetKey(DeviceBatch);
|
||||
|
||||
if (!string.IsNullOrEmpty(DeviceBatch.AssignedUsersLinkedGroup))
|
||||
{
|
||||
var config = ADManagedGroup.ConfigurationFromJson(DeviceBatch.AssignedUsersLinkedGroup);
|
||||
|
||||
if (config != null && !string.IsNullOrWhiteSpace(config.GroupId))
|
||||
{
|
||||
var group = new DeviceBatchAssignedUsersManagedGroup(
|
||||
key,
|
||||
config,
|
||||
DeviceBatch);
|
||||
|
||||
// Add to AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.AddOrUpdate(group);
|
||||
|
||||
return group;
|
||||
}
|
||||
}
|
||||
|
||||
// Remove from AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.Remove(key);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public override IEnumerable<string> DetermineMembers(DiscoDataContext Database)
|
||||
{
|
||||
return Database.Devices
|
||||
.Where(d => d.DeviceBatchId == this.DeviceBatchId)
|
||||
.Where(d => d.AssignedUserId != null)
|
||||
.Select(d => d.AssignedUserId);
|
||||
}
|
||||
|
||||
private void ProcessRepositoryEvent(RepositoryMonitorEvent Event)
|
||||
{
|
||||
var device = (Device)Event.Entity;
|
||||
string previousUserId = Event.GetPreviousPropertyValue<string>("AssignedUserId");
|
||||
|
||||
Event.ExecuteAfterCommit(e =>
|
||||
{
|
||||
switch (e.EventType)
|
||||
{
|
||||
case RepositoryMonitorEventType.Added:
|
||||
AddMember(device.AssignedUserId);
|
||||
break;
|
||||
case RepositoryMonitorEventType.Modified:
|
||||
if (device.DeviceBatchId == this.DeviceBatchId)
|
||||
{
|
||||
if (device.AssignedUserId != null)
|
||||
AddMember(device.AssignedUserId);
|
||||
|
||||
if (e.ModifiedProperties.Contains("AssignedUserId"))
|
||||
{
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceBatchId == this.DeviceBatchId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceBatchId == this.DeviceBatchId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
}
|
||||
break;
|
||||
case RepositoryMonitorEventType.Deleted:
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceBatchId == this.DeviceBatchId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
break;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public override void Dispose()
|
||||
{
|
||||
if (repositorySubscription != null)
|
||||
repositorySubscription.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,186 @@
|
||||
using Disco.Data.Repository;
|
||||
using Disco.Data.Repository.Monitor;
|
||||
using Disco.Models.Repository;
|
||||
using Disco.Models.Services.Interop.ActiveDirectory;
|
||||
using Disco.Services.Interop.ActiveDirectory;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reactive.Linq;
|
||||
|
||||
namespace Disco.Services.Devices.ManagedGroups
|
||||
{
|
||||
public class DeviceBatchDevicesManagedGroup : ADManagedGroup
|
||||
{
|
||||
private const string KeyFormat = "DeviceBatch_{0}_Devices";
|
||||
private const string DescriptionFormat = "Devices within the {0} Batch will be added to this Active Directory group.";
|
||||
private const string CategoryDescriptionFormat = "Devices Linked Group";
|
||||
private const string GroupDescriptionFormat = "{0} [Device Batch Devices]";
|
||||
private static Lazy<IObservable<RepositoryMonitorEvent>> RepositoryEvents;
|
||||
|
||||
private IDisposable repositorySubscription;
|
||||
private int DeviceBatchId;
|
||||
private string DeviceBatchName;
|
||||
|
||||
public override string Description { get { return string.Format(DescriptionFormat, DeviceBatchName); } }
|
||||
public override string CategoryDescription { get { return CategoryDescriptionFormat; } }
|
||||
public override string GroupDescription { get { return string.Format(GroupDescriptionFormat, DeviceBatchName); } }
|
||||
public override bool IncludeFilterBeginDate { get { return false; } }
|
||||
|
||||
static DeviceBatchDevicesManagedGroup()
|
||||
{
|
||||
RepositoryEvents =
|
||||
new Lazy<IObservable<RepositoryMonitorEvent>>(() =>
|
||||
RepositoryMonitor.StreamBeforeCommit.Where(e =>
|
||||
e.EntityType == typeof(Device) && (
|
||||
(e.EventType == RepositoryMonitorEventType.Added &&
|
||||
ActiveDirectory.IsValidDomainAccountId(((Device)e.Entity).DeviceDomainId)) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified &&
|
||||
(e.ModifiedProperties.Contains("DeviceBatchId") || e.ModifiedProperties.Contains("DeviceDomainId"))) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Deleted)
|
||||
)
|
||||
));
|
||||
}
|
||||
|
||||
private DeviceBatchDevicesManagedGroup(string Key, ADManagedGroupConfiguration Configuration, DeviceBatch DeviceBatch)
|
||||
: base(Key, Configuration)
|
||||
{
|
||||
this.DeviceBatchId = DeviceBatch.Id;
|
||||
this.DeviceBatchName = DeviceBatch.Name;
|
||||
}
|
||||
|
||||
public override void Initialize()
|
||||
{
|
||||
// Subscribe to changes
|
||||
repositorySubscription = RepositoryEvents.Value
|
||||
.Where(e =>
|
||||
(((Device)e.Entity).DeviceBatchId == DeviceBatchId) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified && e.GetPreviousPropertyValue<int>("DeviceBatchId") == DeviceBatchId))
|
||||
.Subscribe(ProcessRepositoryEvent);
|
||||
}
|
||||
|
||||
public static string GetKey(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return string.Format(KeyFormat, DeviceBatch.Id);
|
||||
}
|
||||
public static string GetDescription(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return string.Format(DescriptionFormat, DeviceBatch.Name);
|
||||
}
|
||||
public static string GetCategoryDescription(DeviceBatch DeviceBatch)
|
||||
{
|
||||
return CategoryDescriptionFormat;
|
||||
}
|
||||
|
||||
public static bool TryGetManagedGroup(DeviceBatch DeviceBatch, out DeviceBatchDevicesManagedGroup ManagedGroup)
|
||||
{
|
||||
ADManagedGroup managedGroup;
|
||||
string key = GetKey(DeviceBatch);
|
||||
|
||||
if (ActiveDirectory.Context.ManagedGroups.TryGetValue(key, out managedGroup))
|
||||
{
|
||||
ManagedGroup = (DeviceBatchDevicesManagedGroup)managedGroup;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
ManagedGroup = null;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public static DeviceBatchDevicesManagedGroup Initialize(DeviceBatch DeviceBatch)
|
||||
{
|
||||
if (DeviceBatch.Id > 0)
|
||||
{
|
||||
var key = GetKey(DeviceBatch);
|
||||
|
||||
if (!string.IsNullOrEmpty(DeviceBatch.DevicesLinkedGroup))
|
||||
{
|
||||
var config = ADManagedGroup.ConfigurationFromJson(DeviceBatch.DevicesLinkedGroup);
|
||||
|
||||
if (config != null && !string.IsNullOrWhiteSpace(config.GroupId))
|
||||
{
|
||||
var group = new DeviceBatchDevicesManagedGroup(
|
||||
key,
|
||||
config,
|
||||
DeviceBatch);
|
||||
|
||||
// Add to AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.AddOrUpdate(group);
|
||||
|
||||
return group;
|
||||
}
|
||||
}
|
||||
|
||||
// Remove from AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.Remove(key);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public override IEnumerable<string> DetermineMembers(DiscoDataContext Database)
|
||||
{
|
||||
return Database.Devices
|
||||
.Where(d => d.DeviceBatchId == this.DeviceBatchId)
|
||||
.Where(d => d.DeviceDomainId != null)
|
||||
.Select(d => d.DeviceDomainId)
|
||||
.ToList()
|
||||
.Where(ActiveDirectory.IsValidDomainAccountId)
|
||||
.Select(id => id + "$");
|
||||
}
|
||||
|
||||
private void ProcessRepositoryEvent(RepositoryMonitorEvent Event)
|
||||
{
|
||||
var device = (Device)Event.Entity;
|
||||
string previousDeviceDomainId = Event.GetPreviousPropertyValue<string>("DeviceDomainId");
|
||||
|
||||
Event.ExecuteAfterCommit(e =>
|
||||
{
|
||||
switch (e.EventType)
|
||||
{
|
||||
case RepositoryMonitorEventType.Added:
|
||||
AddMember(device.DeviceDomainId + "$");
|
||||
break;
|
||||
case RepositoryMonitorEventType.Modified:
|
||||
if (device.DeviceBatchId == this.DeviceBatchId)
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(device.DeviceDomainId))
|
||||
AddMember(device.DeviceDomainId + "$");
|
||||
|
||||
if (e.ModifiedProperties.Contains("DeviceDomainId"))
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (e.ModifiedProperties.Contains("DeviceDomainId"))
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
}
|
||||
else
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(device.DeviceDomainId))
|
||||
RemoveMember(device.DeviceDomainId + "$");
|
||||
}
|
||||
}
|
||||
break;
|
||||
case RepositoryMonitorEventType.Deleted:
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
break;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public override void Dispose()
|
||||
{
|
||||
if (repositorySubscription != null)
|
||||
repositorySubscription.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,31 @@
|
||||
using Disco.Data.Repository;
|
||||
using System.Linq;
|
||||
|
||||
namespace Disco.Services.Devices.ManagedGroups
|
||||
{
|
||||
public static class DeviceManagedGroups
|
||||
{
|
||||
public static void Initialize(DiscoDataContext Database)
|
||||
{
|
||||
// Device Profiles
|
||||
Database.DeviceProfiles
|
||||
.Where(dp => dp.DevicesLinkedGroup != null || dp.AssignedUsersLinkedGroup != null)
|
||||
.ToList()
|
||||
.ForEach(dp =>
|
||||
{
|
||||
DeviceProfileDevicesManagedGroup.Initialize(dp);
|
||||
DeviceProfileAssignedUsersManagedGroup.Initialize(dp);
|
||||
});
|
||||
|
||||
// Device Batches
|
||||
Database.DeviceBatches
|
||||
.Where(db => db.DevicesLinkedGroup != null || db.AssignedUsersLinkedGroup != null)
|
||||
.ToList()
|
||||
.ForEach(db =>
|
||||
{
|
||||
DeviceBatchDevicesManagedGroup.Initialize(db);
|
||||
DeviceBatchAssignedUsersManagedGroup.Initialize(db);
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,186 @@
|
||||
using Disco.Data.Repository;
|
||||
using Disco.Data.Repository.Monitor;
|
||||
using Disco.Models.Repository;
|
||||
using Disco.Models.Services.Interop.ActiveDirectory;
|
||||
using Disco.Services.Interop.ActiveDirectory;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reactive.Linq;
|
||||
|
||||
namespace Disco.Services.Devices.ManagedGroups
|
||||
{
|
||||
public class DeviceProfileAssignedUsersManagedGroup : ADManagedGroup
|
||||
{
|
||||
private const string KeyFormat = "DeviceProfile_{0}_AssignedUsers";
|
||||
private const string DescriptionFormat = "Devices within the {0} Profile will have their assigned users added to this Active Directory group.";
|
||||
private const string CategoryDescriptionFormat = "Assigned Users Linked Group";
|
||||
private const string GroupDescriptionFormat = "{0} [Device Profile Assigned Users]";
|
||||
|
||||
private static Lazy<IObservable<RepositoryMonitorEvent>> RepositoryEvents;
|
||||
|
||||
private IDisposable repositorySubscription;
|
||||
private int DeviceProfileId;
|
||||
private string DeviceProfileName;
|
||||
|
||||
public override string Description { get { return string.Format(DescriptionFormat, DeviceProfileName); } }
|
||||
public override string CategoryDescription { get { return CategoryDescriptionFormat; } }
|
||||
public override string GroupDescription { get { return string.Format(GroupDescriptionFormat, DeviceProfileName); } }
|
||||
public override bool IncludeFilterBeginDate { get { return false; } }
|
||||
|
||||
static DeviceProfileAssignedUsersManagedGroup()
|
||||
{
|
||||
RepositoryEvents =
|
||||
new Lazy<IObservable<RepositoryMonitorEvent>>(() =>
|
||||
RepositoryMonitor.StreamBeforeCommit.Where(e =>
|
||||
e.EntityType == typeof(Device) && (
|
||||
(e.EventType == RepositoryMonitorEventType.Added &&
|
||||
((Device)e.Entity).AssignedUserId != null) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified &&
|
||||
(e.ModifiedProperties.Contains("DeviceProfileId") || e.ModifiedProperties.Contains("AssignedUserId"))) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Deleted &&
|
||||
((Device)e.Entity).AssignedUserId != null))
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
private DeviceProfileAssignedUsersManagedGroup(string Key, ADManagedGroupConfiguration Configuration, DeviceProfile DeviceProfile)
|
||||
: base(Key, Configuration)
|
||||
{
|
||||
this.DeviceProfileId = DeviceProfile.Id;
|
||||
this.DeviceProfileName = DeviceProfile.Name;
|
||||
}
|
||||
|
||||
public override void Initialize()
|
||||
{
|
||||
// Subscribe to changes
|
||||
repositorySubscription = RepositoryEvents.Value
|
||||
.Where(e =>
|
||||
(((Device)e.Entity).DeviceProfileId == DeviceProfileId) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified && e.GetPreviousPropertyValue<int>("DeviceProfileId") == DeviceProfileId))
|
||||
.Subscribe(ProcessRepositoryEvent);
|
||||
}
|
||||
|
||||
public static string GetKey(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return string.Format(KeyFormat, DeviceProfile.Id);
|
||||
}
|
||||
public static string GetDescription(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return string.Format(DescriptionFormat, DeviceProfile.Name);
|
||||
}
|
||||
public static string GetCategoryDescription(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return CategoryDescriptionFormat;
|
||||
}
|
||||
|
||||
public static bool TryGetManagedGroup(DeviceProfile DeviceProfile, out DeviceProfileAssignedUsersManagedGroup ManagedGroup)
|
||||
{
|
||||
ADManagedGroup managedGroup;
|
||||
string key = GetKey(DeviceProfile);
|
||||
|
||||
if (ActiveDirectory.Context.ManagedGroups.TryGetValue(key, out managedGroup))
|
||||
{
|
||||
ManagedGroup = (DeviceProfileAssignedUsersManagedGroup)managedGroup;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
ManagedGroup = null;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public static DeviceProfileAssignedUsersManagedGroup Initialize(DeviceProfile DeviceProfile)
|
||||
{
|
||||
if (DeviceProfile.Id > 0)
|
||||
{
|
||||
var key = GetKey(DeviceProfile);
|
||||
|
||||
if (!string.IsNullOrEmpty(DeviceProfile.AssignedUsersLinkedGroup))
|
||||
{
|
||||
var config = ADManagedGroup.ConfigurationFromJson(DeviceProfile.AssignedUsersLinkedGroup);
|
||||
|
||||
if (config != null && !string.IsNullOrWhiteSpace(config.GroupId))
|
||||
{
|
||||
var group = new DeviceProfileAssignedUsersManagedGroup(
|
||||
key,
|
||||
config,
|
||||
DeviceProfile);
|
||||
|
||||
// Add to AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.AddOrUpdate(group);
|
||||
|
||||
return group;
|
||||
}
|
||||
}
|
||||
|
||||
// Remove from AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.Remove(key);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public override IEnumerable<string> DetermineMembers(DiscoDataContext Database)
|
||||
{
|
||||
return Database.Devices
|
||||
.Where(d => d.DeviceProfileId == this.DeviceProfileId)
|
||||
.Where(d => d.AssignedUserId != null)
|
||||
.Select(d => d.AssignedUserId);
|
||||
}
|
||||
|
||||
private void ProcessRepositoryEvent(RepositoryMonitorEvent Event)
|
||||
{
|
||||
var device = (Device)Event.Entity;
|
||||
string previousUserId = Event.GetPreviousPropertyValue<string>("AssignedUserId");
|
||||
|
||||
Event.ExecuteAfterCommit(e =>
|
||||
{
|
||||
switch (e.EventType)
|
||||
{
|
||||
case RepositoryMonitorEventType.Added:
|
||||
AddMember(device.AssignedUserId);
|
||||
break;
|
||||
case RepositoryMonitorEventType.Modified:
|
||||
if (device.DeviceProfileId == this.DeviceProfileId)
|
||||
{
|
||||
if (device.AssignedUserId != null)
|
||||
AddMember(device.AssignedUserId);
|
||||
|
||||
if (e.ModifiedProperties.Contains("AssignedUserId"))
|
||||
{
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceProfileId == this.DeviceProfileId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceProfileId == this.DeviceProfileId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
}
|
||||
break;
|
||||
case RepositoryMonitorEventType.Deleted:
|
||||
if (previousUserId != null)
|
||||
RemoveMember(previousUserId, (database) =>
|
||||
!database.Devices.Any(d => d.DeviceProfileId == this.DeviceProfileId && d.AssignedUserId == previousUserId)
|
||||
? new string[] { previousUserId }
|
||||
: null);
|
||||
break;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public override void Dispose()
|
||||
{
|
||||
if (repositorySubscription != null)
|
||||
repositorySubscription.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,187 @@
|
||||
using Disco.Data.Repository;
|
||||
using Disco.Data.Repository.Monitor;
|
||||
using Disco.Models.Repository;
|
||||
using Disco.Models.Services.Interop.ActiveDirectory;
|
||||
using Disco.Services.Interop.ActiveDirectory;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reactive.Linq;
|
||||
|
||||
namespace Disco.Services.Devices.ManagedGroups
|
||||
{
|
||||
public class DeviceProfileDevicesManagedGroup : ADManagedGroup
|
||||
{
|
||||
private const string KeyFormat = "DeviceProfile_{0}_Devices";
|
||||
private const string DescriptionFormat = "Devices within the {0} Profile will be added to this Active Directory group.";
|
||||
private const string CategoryDescriptionFormat = "Devices Linked Group";
|
||||
private const string GroupDescriptionFormat = "{0} [Device Profile Devices]";
|
||||
|
||||
private static Lazy<IObservable<RepositoryMonitorEvent>> RepositoryEvents;
|
||||
|
||||
private IDisposable repositorySubscription;
|
||||
private int DeviceProfileId;
|
||||
private string DeviceProfileName;
|
||||
|
||||
public override string Description { get { return string.Format(DescriptionFormat, DeviceProfileName); } }
|
||||
public override string CategoryDescription { get { return CategoryDescriptionFormat; } }
|
||||
public override string GroupDescription { get { return string.Format(GroupDescriptionFormat, DeviceProfileName); } }
|
||||
public override bool IncludeFilterBeginDate { get { return false; } }
|
||||
|
||||
static DeviceProfileDevicesManagedGroup()
|
||||
{
|
||||
RepositoryEvents =
|
||||
new Lazy<IObservable<RepositoryMonitorEvent>>(() =>
|
||||
RepositoryMonitor.StreamBeforeCommit.Where(e =>
|
||||
e.EntityType == typeof(Device) && (
|
||||
(e.EventType == RepositoryMonitorEventType.Added &&
|
||||
ActiveDirectory.IsValidDomainAccountId(((Device)e.Entity).DeviceDomainId)) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified &&
|
||||
(e.ModifiedProperties.Contains("DeviceProfileId") || e.ModifiedProperties.Contains("DeviceDomainId"))) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Deleted)
|
||||
)
|
||||
));
|
||||
}
|
||||
|
||||
private DeviceProfileDevicesManagedGroup(string Key, ADManagedGroupConfiguration Configuration, DeviceProfile DeviceProfile)
|
||||
: base(Key, Configuration)
|
||||
{
|
||||
this.DeviceProfileId = DeviceProfile.Id;
|
||||
this.DeviceProfileName = DeviceProfile.Name;
|
||||
}
|
||||
|
||||
public override void Initialize()
|
||||
{
|
||||
// Subscribe to changes
|
||||
repositorySubscription = RepositoryEvents.Value
|
||||
.Where(e =>
|
||||
(((Device)e.Entity).DeviceProfileId == DeviceProfileId) ||
|
||||
(e.EventType == RepositoryMonitorEventType.Modified && e.GetPreviousPropertyValue<int>("DeviceProfileId") == DeviceProfileId))
|
||||
.Subscribe(ProcessRepositoryEvent);
|
||||
}
|
||||
|
||||
public static string GetKey(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return string.Format(KeyFormat, DeviceProfile.Id);
|
||||
}
|
||||
public static string GetDescription(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return string.Format(DescriptionFormat, DeviceProfile.Name);
|
||||
}
|
||||
public static string GetCategoryDescription(DeviceProfile DeviceProfile)
|
||||
{
|
||||
return CategoryDescriptionFormat;
|
||||
}
|
||||
|
||||
public static bool TryGetManagedGroup(DeviceProfile DeviceProfile, out DeviceProfileDevicesManagedGroup ManagedGroup)
|
||||
{
|
||||
ADManagedGroup managedGroup;
|
||||
string key = GetKey(DeviceProfile);
|
||||
|
||||
if (ActiveDirectory.Context.ManagedGroups.TryGetValue(key, out managedGroup))
|
||||
{
|
||||
ManagedGroup = (DeviceProfileDevicesManagedGroup)managedGroup;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
ManagedGroup = null;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public static DeviceProfileDevicesManagedGroup Initialize(DeviceProfile DeviceProfile)
|
||||
{
|
||||
if (DeviceProfile.Id > 0)
|
||||
{
|
||||
var key = GetKey(DeviceProfile);
|
||||
|
||||
if (!string.IsNullOrEmpty(DeviceProfile.DevicesLinkedGroup))
|
||||
{
|
||||
var config = ADManagedGroup.ConfigurationFromJson(DeviceProfile.DevicesLinkedGroup);
|
||||
|
||||
if (config != null && !string.IsNullOrWhiteSpace(config.GroupId))
|
||||
{
|
||||
var group = new DeviceProfileDevicesManagedGroup(
|
||||
key,
|
||||
config,
|
||||
DeviceProfile);
|
||||
|
||||
// Add to AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.AddOrUpdate(group);
|
||||
|
||||
return group;
|
||||
}
|
||||
}
|
||||
|
||||
// Remove from AD Context
|
||||
ActiveDirectory.Context.ManagedGroups.Remove(key);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public override IEnumerable<string> DetermineMembers(DiscoDataContext Database)
|
||||
{
|
||||
return Database.Devices
|
||||
.Where(d => d.DeviceProfileId == this.DeviceProfileId)
|
||||
.Where(d => d.DeviceDomainId != null)
|
||||
.Select(d => d.DeviceDomainId)
|
||||
.ToList()
|
||||
.Where(ActiveDirectory.IsValidDomainAccountId)
|
||||
.Select(id => id + "$");
|
||||
}
|
||||
|
||||
private void ProcessRepositoryEvent(RepositoryMonitorEvent Event)
|
||||
{
|
||||
var device = (Device)Event.Entity;
|
||||
string previousDeviceDomainId = Event.GetPreviousPropertyValue<string>("DeviceDomainId");
|
||||
|
||||
Event.ExecuteAfterCommit(e =>
|
||||
{
|
||||
switch (e.EventType)
|
||||
{
|
||||
case RepositoryMonitorEventType.Added:
|
||||
AddMember(device.DeviceDomainId + "$");
|
||||
break;
|
||||
case RepositoryMonitorEventType.Modified:
|
||||
if (device.DeviceProfileId == this.DeviceProfileId)
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(device.DeviceDomainId))
|
||||
AddMember(device.DeviceDomainId + "$");
|
||||
|
||||
if (e.ModifiedProperties.Contains("DeviceDomainId"))
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (e.ModifiedProperties.Contains("DeviceDomainId"))
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
}
|
||||
else
|
||||
{
|
||||
if (ActiveDirectory.IsValidDomainAccountId(device.DeviceDomainId))
|
||||
RemoveMember(device.DeviceDomainId + "$");
|
||||
}
|
||||
}
|
||||
break;
|
||||
case RepositoryMonitorEventType.Deleted:
|
||||
if (ActiveDirectory.IsValidDomainAccountId(previousDeviceDomainId))
|
||||
RemoveMember(previousDeviceDomainId + "$");
|
||||
break;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public override void Dispose()
|
||||
{
|
||||
if (repositorySubscription != null)
|
||||
repositorySubscription.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user