jessikitty/Disco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feature #49: Active Directory Managed Groups

Browse Source 
Document Template Attachments, Device Batches, Device Profiles and User
Flags can be associated with an Active Directory group. This AD group is
then automatically synchronized with relevant User/Machine accounts.
Contains various other UI tweaks and configuration enhancements.
This commit is contained in:
Gary Sharp
2014-06-16 22:21:31 +10:00
parent ebf78dd08d
commit a819d2722a
119 changed files with 8349 additions and 2373 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Disco.Web/Areas/API/Controllers/DeviceProfileController.cs
+109 -2
View File
@@ -1,17 +1,17 @@
using Disco.BI.Extensions;
using Disco.Models.Repository;
using Disco.Services.Authorization;
using Disco.Services.Devices.ManagedGroups;
using Disco.Services.Interop.ActiveDirectory;
using Disco.Services.Tasks;
using Disco.Services.Web;
using System;
using System.Linq;
using System.Web.Mvc;
namespace Disco.Web.Areas.API.Controllers
{
public partial class DeviceProfileController : AuthorizedDatabaseController
{
const string pDescription = "description";
const string pName = "name";
const string pShortName = "shortname";
@@ -25,6 +25,8 @@ namespace Disco.Web.Areas.API.Controllers
const string pProvisionADAccount = "provisionadaccount";
const string pAssignedUserLocalAdmin = "assigneduserlocaladmin";
const string pAllowUntrustedReimageJobEnrolment = "allowuntrustedreimagejobrnrolment";
const string pDevicesLinkedGroup = "deviceslinkedgroup";
const string pAssignedUsersLinkedGroup = "assigneduserslinkedgroup";
[DiscoAuthorize(Claims.Config.DeviceProfile.Configure)]
public virtual ActionResult Update(int id, string key, string value = null, Nullable<bool> redirect = null)
@@ -82,6 +84,12 @@ namespace Disco.Web.Areas.API.Controllers
case pAllowUntrustedReimageJobEnrolment:
UpdateAllowUntrustedReimageJobEnrolment(deviceProfile, value);
break;
case pDevicesLinkedGroup:
UpdateDevicesLinkedGroup(deviceProfile, value);
break;
case pAssignedUsersLinkedGroup:
UpdateAssignedUsersLinkedGroup(deviceProfile, value);
break;
default:
throw new Exception("Invalid Update Key");
}
@@ -183,6 +191,71 @@ namespace Disco.Web.Areas.API.Controllers
{
return Update(id, pAllowUntrustedReimageJobEnrolment, AllowUntrustedReimageJobEnrolment, redirect);
}
[DiscoAuthorize(Claims.Config.DeviceProfile.Configure)]
public virtual ActionResult UpdateDevicesLinkedGroup(int id, string GroupId = null, bool redirect = false)
{
try
{
if (id < 0)
throw new ArgumentOutOfRangeException("id");
var deviceProfile = Database.DeviceProfiles.Find(id);
if (deviceProfile == null)
throw new ArgumentException("Invalid Device Profile Id", "id");
var syncTaskStatus = UpdateDevicesLinkedGroup(deviceProfile, GroupId);
if (redirect)
if (syncTaskStatus == null)
return RedirectToAction(MVC.Config.DeviceProfile.Index(deviceProfile.Id));
else
{
syncTaskStatus.SetFinishedUrl(Url.Action(MVC.Config.DeviceProfile.Index(deviceProfile.Id)));
return RedirectToAction(MVC.Config.Logging.TaskStatus(syncTaskStatus.SessionId));
}
else
return Json("OK", JsonRequestBehavior.AllowGet);
}
catch (Exception ex)
{
if (redirect)
throw;
else
return Json(string.Format("Error: {0}", ex.Message), JsonRequestBehavior.AllowGet);
}
}
[DiscoAuthorize(Claims.Config.DeviceProfile.Configure)]
public virtual ActionResult UpdateAssignedUsersLinkedGroup(int id, string GroupId = null, bool redirect = false)
{
try
{
if (id < 0)
throw new ArgumentOutOfRangeException("id");
var deviceProfile = Database.DeviceProfiles.Find(id);
if (deviceProfile == null)
throw new ArgumentException("Invalid Device Profile Id", "id");
var syncTaskStatus = UpdateAssignedUsersLinkedGroup(deviceProfile, GroupId);
if (redirect)
if (syncTaskStatus == null)
return RedirectToAction(MVC.Config.DeviceProfile.Index(deviceProfile.Id));
else
{
syncTaskStatus.SetFinishedUrl(Url.Action(MVC.Config.DeviceProfile.Index(deviceProfile.Id)));
return RedirectToAction(MVC.Config.Logging.TaskStatus(syncTaskStatus.SessionId));
}
else
return Json("OK", JsonRequestBehavior.AllowGet);
}
catch (Exception ex)
{
if (redirect)
throw;
else
return Json(string.Format("Error: {0}", ex.Message), JsonRequestBehavior.AllowGet);
}
}
#endregion
#region Update Properties
@@ -365,6 +438,40 @@ namespace Disco.Web.Areas.API.Controllers
}
throw new Exception("Invalid Boolean Value");
}
private ScheduledTaskStatus UpdateDevicesLinkedGroup(DeviceProfile DeviceProfile, string DevicesLinkedGroup)
{
var configJson = ADManagedGroup.ValidConfigurationToJson(DeviceProfileDevicesManagedGroup.GetKey(DeviceProfile), DevicesLinkedGroup, null);
if (DeviceProfile.DevicesLinkedGroup != configJson)
{
DeviceProfile.DevicesLinkedGroup = configJson;
Database.SaveChanges();
var managedGroup = DeviceProfileDevicesManagedGroup.Initialize(DeviceProfile);
if (managedGroup != null) // Sync Group
return ADManagedGroupsSyncTask.ScheduleSync(managedGroup);
}
return null;
}
private ScheduledTaskStatus UpdateAssignedUsersLinkedGroup(DeviceProfile DeviceProfile, string AssignedUsersLinkedGroup)
{
var configJson = ADManagedGroup.ValidConfigurationToJson(DeviceProfileAssignedUsersManagedGroup.GetKey(DeviceProfile), AssignedUsersLinkedGroup, null);
if (DeviceProfile.AssignedUsersLinkedGroup != configJson)
{
DeviceProfile.AssignedUsersLinkedGroup = configJson;
Database.SaveChanges();
var managedGroup = DeviceProfileAssignedUsersManagedGroup.Initialize(DeviceProfile);
if (managedGroup != null) // Sync Group
return ADManagedGroupsSyncTask.ScheduleSync(managedGroup);
}
return null;
}
#endregion
#region Actions