Meik/LIAM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Share workflow runtime with diagnostics tool

Browse Source
This commit is contained in:
Meik
2026-03-13 15:14:03 +01:00
parent 55ff17c4b4
commit 4909c93bef
5 changed files with 705 additions and 528 deletions
Download Patch File Download Diff File Expand all files Collapse all files

185
LiamWorkflowActivities/C4IT.LIAM.WorkflowActivities.cs
View File

@@ -449,23 +449,18 @@ namespace C4IT.LIAM.Activities
EnsureDataProviders(context);
var result = cloneTeam(ConfigID.Get(context), TeamId.Get(context), Name.Get(context), Description.Get(context), Visibility.Get(context), PartsToClone.Get(context), AdditionalMembers.Get(context), AdditionalOwners.Get(context)).GetAwaiter().GetResult();
Success.Set(context, result != null);
if (result?.Result?.targetResourceId != null)
{
string idString = result.Result.targetResourceId.ToString();
if (Guid.TryParse(idString, out Guid teamGuid))
{
CreatedTeamId.Set(context, teamGuid);
}
else
{
LogEntry($"targetResourceId '{idString}' is not a valid Guid.", LogLevels.Warning);
// Optional: alternativ hier einen Fehler werfen oder Guid.Empty zuweisen
CreatedTeamId.Set(context, Guid.Empty);
}
}
var providerEntry = getDataProvider(ConfigID.Get(context));
var result = LiamWorkflowRuntime.CloneTeamAsync(
providerEntry?.Provider,
TeamId.Get(context),
Name.Get(context),
Description.Get(context),
Visibility.Get(context),
PartsToClone.Get(context),
AdditionalMembers.Get(context),
AdditionalOwners.Get(context)).GetAwaiter().GetResult();
Success.Set(context, result != null && result.Success);
CreatedTeamId.Set(context, result?.CreatedTeamId ?? Guid.Empty);
}
catch (Exception E)
{
@@ -606,45 +601,17 @@ namespace C4IT.LIAM.Activities
ErrorMessage.Set(context, string.Empty);
var entry = getDataProvider(ConfigID.Get(context));
if (entry != null && entry.Provider is cLiamProviderExchange ex)
{
var result = ex.exchangeManager.CreateDistributionGroupWithOwnershipGroups(
Name.Get(context),
Alias.Get(context),
DistributionListDisplayName.Get(context),
PrimarySmtpAddress.Get(context),
out string errorCode,
out string errorMessage
);
ErrorCode.Set(context, errorCode);
ErrorMessage.Set(context, errorMessage);
if (result != null)
{
Success.Set(context, true);
ObjectGuid.Set(context, result.Item1);
CreatedGroups.Set(context, result.Item2);
LogEntry(
$"Distribution group creation succeeded. ObjectGuid='{result.Item1}', CreatedGroups='{result.Item2?.Count ?? 0}'",
LogLevels.Info);
}
else
{
Success.Set(context, false);
LogEntry(
$"Distribution group creation failed [{errorCode}] {errorMessage}",
LogLevels.Error);
}
}
else
{
Success.Set(context, false);
ErrorCode.Set(context, "WF_PROVIDER_INVALID");
ErrorMessage.Set(context, $"Provider is not a cLiamProviderExchange for config '{ConfigID.Get(context)}'.");
LogEntry(
$"Distribution group creation failed [WF_PROVIDER_INVALID] Provider is not a cLiamProviderExchange for config '{ConfigID.Get(context)}'.",
LogLevels.Error);
}
var result = LiamWorkflowRuntime.CreateDistributionGroup(
entry?.Provider,
Name.Get(context),
Alias.Get(context),
DistributionListDisplayName.Get(context),
PrimarySmtpAddress.Get(context));
Success.Set(context, result.Success);
ObjectGuid.Set(context, result.ObjectGuid);
CreatedGroups.Set(context, result.CreatedGroups);
ErrorCode.Set(context, result.ErrorCode);
ErrorMessage.Set(context, result.ErrorMessage);
}
catch (Exception e)
{
@@ -729,45 +696,17 @@ namespace C4IT.LIAM.Activities
ErrorMessage.Set(context, string.Empty);
var entry = getDataProvider(ConfigID.Get(context));
if (entry != null && entry.Provider is cLiamProviderExchange ex)
{
var result = ex.exchangeManager.CreateSharedMailboxWithOwnershipGroups(
Name.Get(context),
Alias.Get(context),
MailboxDisplayName.Get(context),
PrimarySmtpAddress.Get(context),
out string errorCode,
out string errorMessage
);
ErrorCode.Set(context, errorCode);
ErrorMessage.Set(context, errorMessage);
if (result != null)
{
Success.Set(context, true);
ObjectGuid.Set(context, result.Item1);
CreatedGroups.Set(context, result.Item2);
LogEntry(
$"Shared mailbox creation succeeded. ObjectGuid='{result.Item1}', CreatedGroups='{result.Item2?.Count ?? 0}'",
LogLevels.Info);
}
else
{
Success.Set(context, false);
LogEntry(
$"Shared mailbox creation failed [{errorCode}] {errorMessage}",
LogLevels.Error);
}
}
else
{
Success.Set(context, false);
ErrorCode.Set(context, "WF_PROVIDER_INVALID");
ErrorMessage.Set(context, $"Provider is not a cLiamProviderExchange for config '{ConfigID.Get(context)}'.");
LogEntry(
$"Shared mailbox creation failed [WF_PROVIDER_INVALID] Provider is not a cLiamProviderExchange for config '{ConfigID.Get(context)}'.",
LogLevels.Error);
}
var result = LiamWorkflowRuntime.CreateSharedMailbox(
entry?.Provider,
Name.Get(context),
Alias.Get(context),
MailboxDisplayName.Get(context),
PrimarySmtpAddress.Get(context));
Success.Set(context, result.Success);
ObjectGuid.Set(context, result.ObjectGuid);
CreatedGroups.Set(context, result.CreatedGroups);
ErrorCode.Set(context, result.ErrorCode);
ErrorMessage.Set(context, result.ErrorMessage);
}
catch (Exception e)
{
@@ -892,15 +831,16 @@ namespace C4IT.LIAM.Activities
var ownerList = OwnerSids.Expression != null ? OwnerSids.Get(context) : null;
var memberList = MemberSids.Expression != null ? MemberSids.Get(context) : null;
var groups = adProv.CreateServiceGroups(
var result = LiamWorkflowRuntime.CreateAdServiceGroups(
adProv,
svcName,
desc,
scopeEnum,
typeEnum,
ownerList,
memberList);
Success.Set(context, groups != null);
CreatedGroups.Set(context, groups);
Success.Set(context, result.Success);
CreatedGroups.Set(context, result.CreatedGroups);
}
else
{
@@ -937,9 +877,9 @@ namespace C4IT.LIAM.Activities
{
EnsureDataProviders(context);
var cfgId = ConfigID.Get(context);
var provider = getDataProvider(cfgId).Provider as cLiamProviderNtfs;
// evtl. CustomTags, OwnerSIDs etc. aus Activity-Inputs holen
var res = provider.CreateDataAreaAsync(
var provider = getDataProvider(cfgId)?.Provider;
var result = LiamWorkflowRuntime.CreateDataAreaAsync(
provider,
NewFolderPath.Get(context),
ParentFolderPath.Get(context),
/*customTags*/null,
@@ -947,7 +887,7 @@ namespace C4IT.LIAM.Activities
/*readerSids*/null,
/*writerSids*/null
).GetAwaiter().GetResult();
ResultToken.Set(context, JsonValue.Parse(JsonConvert.SerializeObject(res)));
ResultToken.Set(context, JsonValue.Parse(JsonConvert.SerializeObject(result.ResultToken)));
}
private void EnsureDataProviders(NativeActivityContext context)
{
@@ -1002,45 +942,22 @@ namespace C4IT.LIAM.Activities
EnsureDataProviders(context);
var cfgId = ConfigID.Get(context);
var providerEntry = getDataProvider(cfgId);
var provider = providerEntry?.Provider as cLiamProviderNtfs;
var folderPath = FolderPath.Get(context);
if (provider == null || string.IsNullOrWhiteSpace(folderPath))
{
Success.Set(context, false);
ResultToken.Set(context, JsonValue.Parse(JsonConvert.SerializeObject(new ResultToken(GetType().Name)
{
resultErrorId = 1,
resultMessage = provider == null ? "Configured provider is not NTFS or not initialized." : "Folder path is missing."
})));
return;
}
var ownerSids = OwnerSids.Expression != null ? OwnerSids.Get(context) : null;
var readerSids = ReaderSids.Expression != null ? ReaderSids.Get(context) : null;
var writerSids = WriterSids.Expression != null ? WriterSids.Get(context) : null;
var result = provider.EnsureMissingPermissionGroupsAsync(
folderPath,
var providerEntry = getDataProvider(cfgId);
var result = LiamWorkflowRuntime.EnsureNtfsPermissionGroupsAsync(
providerEntry?.Provider,
FolderPath.Get(context),
null,
NormalizeSidList(ownerSids),
NormalizeSidList(readerSids),
NormalizeSidList(writerSids),
ownerSids,
readerSids,
writerSids,
EnsureTraverse.Get(context)).GetAwaiter().GetResult();
Success.Set(context, result != null && result.resultErrorId == 0);
ResultToken.Set(context, JsonValue.Parse(JsonConvert.SerializeObject(result)));
}
private IEnumerable<string> NormalizeSidList(IEnumerable<string> rawSids)
{
if (rawSids == null)
return Enumerable.Empty<string>();
return rawSids
.Select(i => i?.Trim())
.Where(i => !string.IsNullOrWhiteSpace(i))
.Distinct(StringComparer.OrdinalIgnoreCase);
Success.Set(context, result.Success);
ResultToken.Set(context, JsonValue.Parse(JsonConvert.SerializeObject(result.ResultToken)));
}
private void EnsureDataProviders(NativeActivityContext context)

180
LiamWorkflowActivities/C4IT.LIAM.WorkflowactivityBase.cs
View File

@@ -435,52 +435,20 @@ namespace LiamWorkflowActivities
return null;
}
var lstSecurityGroups = await ProviderEntry.Provider.getSecurityGroupsAsync(ProviderEntry.Provider.GroupFilter);
if (lstSecurityGroups == null)
var result = await LiamWorkflowRuntime.GetSecurityGroupsFromProviderAsync(ProviderEntry.Provider);
if (!result.Success)
{
SetOperationErrorFromProvider(
ProviderEntry.Provider,
"WF_GET_SECURITYGROUPS_PROVIDER_CALL_FAILED",
"Provider returned null while reading security groups.");
SetOperationError(result.ErrorCode, result.ErrorMessage);
return null;
}
if (lstSecurityGroups.Count == 0)
if (result.SecurityGroups.Count == 0)
{
LogEntry($"No security groups found for Provider config class with ID {ProviderConfigClassID}", LogLevels.Warning);
return new List<SecurityGroupEntry>();
}
var SGs = new List<SecurityGroupEntry>();
foreach (var sg in lstSecurityGroups)
{
var entry = new SecurityGroupEntry
{
DisplayName = sg.TechnicalName,
TechnicalName = sg.UID,
TargetType = ((int)sg.Provider.ProviderType).ToString()
};
switch (sg)
{
case cLiamAdGroup adGroup:
entry.UID = adGroup.dn;
entry.Scope = adGroup.scope;
break;
case cLiamAdGroup2 adGroup:
entry.UID = adGroup.dn;
entry.Scope = adGroup.scope;
break;
case cLiamExchangeSecurityGroup exGroup:
entry.UID = exGroup.dn; // SID der Exchange-Gruppe
//entry.Scope = exGroup.dn; // Distinguished Name der Exchange-Gruppe
break;
}
SGs.Add(entry);
}
return SGs;
return result.SecurityGroups;
}
catch (Exception E)
{
@@ -518,95 +486,22 @@ namespace LiamWorkflowActivities
return null;
}
var lstDataAreas = await ProviderEntry.Provider.getDataAreasAsync(ProviderEntry.Provider.MaxDepth);
if (lstDataAreas == null)
var result = await LiamWorkflowRuntime.GetDataAreasFromProviderAsync(
ProviderEntry.Provider,
ProviderEntry.ObjectID.ToString());
if (!result.Success)
{
SetOperationErrorFromProvider(
ProviderEntry.Provider,
"WF_GET_DATAAREAS_PROVIDER_CALL_FAILED",
"Provider returned null while reading data areas.");
SetOperationError(result.ErrorCode, result.ErrorMessage);
return null;
}
if (lstDataAreas.Count <= 0)
if (result.DataAreas.Count <= 0)
{
LogEntry($"No data areas found for Provider config class with ID {ProviderConfigClassID}", LogLevels.Warning);
return new List<DataAreaEntry>();
}
if (!await EnsureNtfsPermissionGroupsIfConfiguredAsync(ProviderEntry, lstDataAreas))
return null;
return lstDataAreas
.Select(DataArea =>
{
var ntfsPermissionArea = DataArea as cLiamNtfsPermissionDataAreaBase;
var adGrp = DataArea as cLiamAdGroupAsDataArea;
var exchMB = DataArea as cLiamExchangeSharedMailbox;
var exchDL = DataArea as cLiamExchangeDistributionGroup;
// 1) Owner
// - Shared Mailbox: OwnerGroupIdentifier
// - Distribution Group: OwnerGroupIdentifier
// - AD-Group: ManagedBySID
// - NTFS-Folder: OwnerGroupIdentifier
string owner = exchMB?.OwnerGroupIdentifier
?? exchDL?.OwnerGroupIdentifier
?? adGrp?.ManagedBySID
?? ntfsPermissionArea?.OwnerGroupIdentifier
?? string.Empty;
// 2) WriteSID
// - Shared Mailbox: FullAccessGroupSid
// - Distribution Group: MemberGroupSid
// - AD-Group: UID
// - NTFS-Folder: WriteGroupIdentifier
string write = exchMB != null
? exchMB.FullAccessGroupSid
: exchDL != null
? exchDL.MemberGroupSid
: adGrp?.UID
?? ntfsPermissionArea?.WriteGroupIdentifier
?? string.Empty;
// 3) ReadSID
// - Shared Mailbox: SendAsGroupSid
// - Distribution Group: (nicht verwendet)
// - NTFS-Folder: ReadGroupIdentifier
string read = exchMB != null
? exchMB.SendAsGroupSid
: ntfsPermissionArea?.ReadGroupIdentifier
?? string.Empty;
// 4) Traverse nur NTFS-Objekte
string traverse = ntfsPermissionArea?.TraverseGroupIdentifier ?? string.Empty;
// 5) CreatedDate nur NTFS-Objekte
string created = ntfsPermissionArea?.CreatedDate ?? DateTime.MinValue.ToString("o");
// 6) Description: nur AD-Group
string desc = adGrp?.Description ?? string.Empty;
return new DataAreaEntry
{
DisplayName = DataArea.DisplayName ?? string.Empty,
UID = DataArea.UID,
TechnicalName = DataArea.TechnicalName,
Description = desc,
TargetType = ((int)DataArea.Provider.ProviderType).ToString(),
ParentUID = DataArea.ParentUID ?? string.Empty,
Level = DataArea.Level.ToString(),
ConfigurationId = ProviderEntry.ObjectID.ToString(),
DataAreaType = DataArea.DataType.ToString(),
Owner = owner,
Write = write,
Read = read,
Traverse = traverse,
CreatedDate = created,
};
})
.ToList();
return result.DataAreas;
}
catch (Exception E)
{
@@ -620,57 +515,6 @@ namespace LiamWorkflowActivities
}
}
private async Task<bool> EnsureNtfsPermissionGroupsIfConfiguredAsync(ProviderCacheEntry providerEntry, List<cLiamDataAreaBase> dataAreas)
{
if (!(providerEntry?.Provider is cLiamProviderNtfs ntfsProvider))
return true;
if (!IsAdditionalConfigurationEnabled(providerEntry.Provider, "EnsureNtfsPermissionGroups"))
return true;
foreach (var ntfsArea in dataAreas.OfType<cLiamNtfsFolder>())
{
var folderPath = ntfsArea.TechnicalName;
if (string.IsNullOrWhiteSpace(folderPath))
continue;
if (!Directory.Exists(folderPath))
{
LogEntry($"Skipping automatic NTFS permission group ensure for '{folderPath}' because the directory does not exist.", LogLevels.Warning);
continue;
}
var result = await ntfsProvider.EnsureMissingPermissionGroupsAsync(
folderPath,
null,
null,
null,
null,
false);
if (result == null)
{
SetOperationError(
"WF_GET_DATAAREAS_ENSURE_NTFS_GROUPS_FAILED",
$"Automatic NTFS permission group ensure failed for '{folderPath}' because the provider returned no result.");
return false;
}
if (result.resultErrorId != 0)
{
SetOperationError(
"WF_GET_DATAAREAS_ENSURE_NTFS_GROUPS_FAILED",
$"Automatic NTFS permission group ensure failed for '{folderPath}': {result.resultMessage}");
return false;
}
await ntfsArea.ResolvePermissionGroupsAsync(folderPath);
}
return true;
}
private async Task<cLiamDataAreaBase> getDataAreaFromUID(string UID)
{
var CM = MethodBase.GetCurrentMethod();

3
LiamWorkflowActivities/LiamWorkflowActivities.csproj
View File

@@ -85,6 +85,7 @@
</Compile>
<Compile Include="C4IT.LIAM.WorkflowactivityBase.cs" />
<Compile Include="C4IT.LIAM.WorkflowActivities.cs" />
<Compile Include="LiamWorkflowRuntime.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup>
@@ -122,4 +123,4 @@
<None Include="SignSourceFiles.cmd" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
</Project>
</Project>

570
LiamWorkflowActivities/LiamWorkflowRuntime.cs Normal file
View File

@@ -0,0 +1,570 @@
using C4IT.LIAM;
using C4IT.Logging;
using C4IT.MsGraph;
using C4IT_IAM_Engine;
using LiamAD;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using static C4IT.Logging.cLogManager;
using static LiamAD.ADServiceGroupCreator;
namespace LiamWorkflowActivities
{
public class GetDataAreasOperationResult
{
public bool Success { get; set; }
public string ErrorCode { get; set; } = string.Empty;
public string ErrorMessage { get; set; } = string.Empty;
public List<DataAreaEntry> DataAreas { get; set; } = new List<DataAreaEntry>();
}
public class GetSecurityGroupsOperationResult
{
public bool Success { get; set; }
public string ErrorCode { get; set; } = string.Empty;
public string ErrorMessage { get; set; } = string.Empty;
public List<SecurityGroupEntry> SecurityGroups { get; set; } = new List<SecurityGroupEntry>();
}
public class NtfsOperationResult
{
public bool Success { get; set; }
public ResultToken ResultToken { get; set; }
}
public class AdServiceGroupOperationResult
{
public bool Success { get; set; }
public string ErrorCode { get; set; } = string.Empty;
public string ErrorMessage { get; set; } = string.Empty;
public List<Tuple<string, string, string, string>> CreatedGroups { get; set; } = new List<Tuple<string, string, string, string>>();
}
public class ExchangeProvisionOperationResult
{
public bool Success { get; set; }
public Guid ObjectGuid { get; set; } = Guid.Empty;
public List<Tuple<string, string, string, string>> CreatedGroups { get; set; } = new List<Tuple<string, string, string, string>>();
public string ErrorCode { get; set; } = string.Empty;
public string ErrorMessage { get; set; } = string.Empty;
}
public class CloneTeamOperationResult
{
public bool Success { get; set; }
public Guid CreatedTeamId { get; set; } = Guid.Empty;
public cMsGraphResultBase Result { get; set; }
public string ErrorCode { get; set; } = string.Empty;
public string ErrorMessage { get; set; } = string.Empty;
}
public static class LiamWorkflowRuntime
{
public static async Task<GetDataAreasOperationResult> GetDataAreasFromProviderAsync(cLiamProviderBase provider, string configurationId = null)
{
var result = new GetDataAreasOperationResult();
if (provider == null)
{
result.ErrorCode = "WF_GET_DATAAREAS_PROVIDER_NOT_FOUND";
result.ErrorMessage = "Configured provider is not initialized.";
return result;
}
try
{
var dataAreas = await provider.getDataAreasAsync(provider.MaxDepth);
if (dataAreas == null)
{
SetErrorFromProvider(result, provider, "WF_GET_DATAAREAS_PROVIDER_CALL_FAILED", "Provider returned null while reading data areas.");
return result;
}
if (!await EnsureNtfsPermissionGroupsIfConfiguredAsync(provider, dataAreas, result))
return result;
result.DataAreas = dataAreas
.Select(dataArea => MapDataAreaEntry(dataArea, configurationId))
.ToList();
result.Success = true;
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_GET_DATAAREAS_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
public static async Task<GetSecurityGroupsOperationResult> GetSecurityGroupsFromProviderAsync(cLiamProviderBase provider)
{
var result = new GetSecurityGroupsOperationResult();
if (provider == null)
{
result.ErrorCode = "WF_GET_SECURITYGROUPS_PROVIDER_NOT_FOUND";
result.ErrorMessage = "Configured provider is not initialized.";
return result;
}
try
{
var securityGroups = await provider.getSecurityGroupsAsync(provider.GroupFilter);
if (securityGroups == null)
{
SetErrorFromProvider(result, provider, "WF_GET_SECURITYGROUPS_PROVIDER_CALL_FAILED", "Provider returned null while reading security groups.");
return result;
}
result.SecurityGroups = securityGroups
.Select(MapSecurityGroupEntry)
.ToList();
result.Success = true;
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_GET_SECURITYGROUPS_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
public static async Task<NtfsOperationResult> CreateDataAreaAsync(
cLiamProviderBase provider,
string newFolderPath,
string parentFolderPath,
IDictionary<string, string> customTags,
IEnumerable<string> ownerSids,
IEnumerable<string> readerSids,
IEnumerable<string> writerSids)
{
var result = new NtfsOperationResult();
if (!(provider is cLiamProviderNtfs ntfsProvider))
{
result.ResultToken = CreateInvalidNtfsResultToken("Configured provider is not NTFS or not initialized.");
return result;
}
var token = await ntfsProvider.CreateDataAreaAsync(
newFolderPath,
parentFolderPath,
customTags,
NormalizeIdentifierList(ownerSids),
NormalizeIdentifierList(readerSids),
NormalizeIdentifierList(writerSids));
if (token == null)
token = CreateInvalidNtfsResultToken(ntfsProvider.GetLastErrorMessage() ?? "Provider returned no result while creating the data area.");
result.ResultToken = token;
result.Success = token != null && token.resultErrorId == 0;
return result;
}
public static async Task<NtfsOperationResult> EnsureNtfsPermissionGroupsAsync(
cLiamProviderBase provider,
string folderPath,
IDictionary<string, string> customTags,
IEnumerable<string> ownerSids,
IEnumerable<string> readerSids,
IEnumerable<string> writerSids,
bool ensureTraverseGroups)
{
var result = new NtfsOperationResult();
if (!(provider is cLiamProviderNtfs ntfsProvider) || string.IsNullOrWhiteSpace(folderPath))
{
result.ResultToken = CreateInvalidNtfsResultToken(provider is cLiamProviderNtfs
? "Folder path is missing."
: "Configured provider is not NTFS or not initialized.");
return result;
}
var token = await ntfsProvider.EnsureMissingPermissionGroupsAsync(
folderPath,
customTags,
NormalizeIdentifierList(ownerSids),
NormalizeIdentifierList(readerSids),
NormalizeIdentifierList(writerSids),
ensureTraverseGroups);
if (token == null)
token = CreateInvalidNtfsResultToken(ntfsProvider.GetLastErrorMessage() ?? "Provider returned no result while ensuring NTFS permission groups.");
result.ResultToken = token;
result.Success = token != null && token.resultErrorId == 0;
return result;
}
public static AdServiceGroupOperationResult CreateAdServiceGroups(
cLiamProviderBase provider,
string serviceName,
string description,
eLiamAccessRoleScopes scope,
ADGroupType groupType,
IEnumerable<string> ownerSids,
IEnumerable<string> memberSids)
{
var result = new AdServiceGroupOperationResult();
if (!(provider is cLiamProviderAD adProvider))
{
result.ErrorCode = "WF_PROVIDER_INVALID";
result.ErrorMessage = "Configured provider is not Active Directory or not initialized.";
return result;
}
try
{
var groups = adProvider.CreateServiceGroups(
serviceName,
description,
scope,
groupType,
NormalizeIdentifierList(ownerSids),
NormalizeIdentifierList(memberSids));
result.Success = groups != null;
result.CreatedGroups = groups ?? new List<Tuple<string, string, string, string>>();
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_ACTIVITY_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
public static async Task<CloneTeamOperationResult> CloneTeamAsync(
cLiamProviderBase provider,
string teamId,
string name,
string description,
int visibility,
int partsToClone,
string additionalMembers,
string additionalOwners)
{
var result = new CloneTeamOperationResult();
if (!(provider is cLiamProviderMsTeams msTeamsProvider))
{
result.ErrorCode = "WF_PROVIDER_INVALID";
result.ErrorMessage = "Configured provider is not MsTeams or not initialized.";
return result;
}
try
{
var cloneResult = await msTeamsProvider.cloneTeam(teamId, name, description, visibility, partsToClone, additionalMembers, additionalOwners);
result.Result = cloneResult;
result.Success = cloneResult != null;
if (cloneResult?.Result?.targetResourceId != null)
{
var idString = cloneResult.Result.targetResourceId.ToString();
if (Guid.TryParse(idString, out var createdTeamId))
{
result.CreatedTeamId = createdTeamId;
}
else
{
LogEntry($"targetResourceId '{idString}' is not a valid Guid.", LogLevels.Warning);
}
}
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_ACTIVITY_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
public static ExchangeProvisionOperationResult CreateDistributionGroup(
cLiamProviderBase provider,
string name,
string alias,
string displayName,
string primarySmtpAddress)
{
var result = new ExchangeProvisionOperationResult();
if (!(provider is cLiamProviderExchange exchangeProvider))
{
result.ErrorCode = "WF_PROVIDER_INVALID";
result.ErrorMessage = "Configured provider is not Exchange or not initialized.";
return result;
}
try
{
var created = exchangeProvider.exchangeManager.CreateDistributionGroupWithOwnershipGroups(
name,
alias,
displayName,
primarySmtpAddress,
out string errorCode,
out string errorMessage);
result.ErrorCode = errorCode ?? string.Empty;
result.ErrorMessage = errorMessage ?? string.Empty;
if (created != null)
{
result.Success = true;
result.ObjectGuid = created.Item1;
result.CreatedGroups = created.Item2 ?? new List<Tuple<string, string, string, string>>();
}
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_ACTIVITY_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
public static ExchangeProvisionOperationResult CreateSharedMailbox(
cLiamProviderBase provider,
string name,
string alias,
string displayName,
string primarySmtpAddress)
{
var result = new ExchangeProvisionOperationResult();
if (!(provider is cLiamProviderExchange exchangeProvider))
{
result.ErrorCode = "WF_PROVIDER_INVALID";
result.ErrorMessage = "Configured provider is not Exchange or not initialized.";
return result;
}
try
{
var created = exchangeProvider.exchangeManager.CreateSharedMailboxWithOwnershipGroups(
name,
alias,
displayName,
primarySmtpAddress,
out string errorCode,
out string errorMessage);
result.ErrorCode = errorCode ?? string.Empty;
result.ErrorMessage = errorMessage ?? string.Empty;
if (created != null)
{
result.Success = true;
result.ObjectGuid = created.Item1;
result.CreatedGroups = created.Item2 ?? new List<Tuple<string, string, string, string>>();
}
return result;
}
catch (Exception ex)
{
LogException(ex);
result.ErrorCode = "WF_ACTIVITY_EXCEPTION";
result.ErrorMessage = ex.Message;
return result;
}
}
private static ResultToken CreateInvalidNtfsResultToken(string message)
{
return new ResultToken("LiamWorkflowRuntime")
{
resultErrorId = 1,
resultMessage = message ?? string.Empty
};
}
private static IEnumerable<string> NormalizeIdentifierList(IEnumerable<string> identifiers)
{
if (identifiers == null)
return Enumerable.Empty<string>();
return identifiers
.Select(i => i?.Trim())
.Where(i => !string.IsNullOrWhiteSpace(i))
.Distinct(StringComparer.OrdinalIgnoreCase)
.ToList();
}
private static async Task<bool> EnsureNtfsPermissionGroupsIfConfiguredAsync(cLiamProviderBase provider, List<cLiamDataAreaBase> dataAreas, GetDataAreasOperationResult result)
{
if (!(provider is cLiamProviderNtfs ntfsProvider))
return true;
if (!IsAdditionalConfigurationEnabled(provider, "EnsureNtfsPermissionGroups"))
return true;
foreach (var ntfsArea in dataAreas.OfType<cLiamNtfsFolder>())
{
var folderPath = ntfsArea.TechnicalName;
if (string.IsNullOrWhiteSpace(folderPath))
continue;
if (!Directory.Exists(folderPath))
{
LogEntry($"Skipping automatic NTFS permission group ensure for '{folderPath}' because the directory does not exist.", LogLevels.Warning);
continue;
}
var ensureResult = await ntfsProvider.EnsureMissingPermissionGroupsAsync(
folderPath,
null,
null,
null,
null,
false);
if (ensureResult == null)
{
result.ErrorCode = "WF_GET_DATAAREAS_ENSURE_NTFS_GROUPS_FAILED";
result.ErrorMessage = $"Automatic NTFS permission group ensure failed for '{folderPath}' because the provider returned no result.";
return false;
}
if (ensureResult.resultErrorId != 0)
{
result.ErrorCode = "WF_GET_DATAAREAS_ENSURE_NTFS_GROUPS_FAILED";
result.ErrorMessage = $"Automatic NTFS permission group ensure failed for '{folderPath}': {ensureResult.resultMessage}";
return false;
}
await ntfsArea.ResolvePermissionGroupsAsync(folderPath);
}
return true;
}
private static bool IsAdditionalConfigurationEnabled(cLiamProviderBase provider, string key)
{
if (provider?.AdditionalConfiguration == null || string.IsNullOrWhiteSpace(key))
return false;
if (!provider.AdditionalConfiguration.TryGetValue(key, out var rawValue) || string.IsNullOrWhiteSpace(rawValue))
return false;
return rawValue.Equals("true", StringComparison.OrdinalIgnoreCase)
|| rawValue.Equals("1", StringComparison.OrdinalIgnoreCase)
|| rawValue.Equals("yes", StringComparison.OrdinalIgnoreCase);
}
private static void SetErrorFromProvider(GetDataAreasOperationResult result, cLiamProviderBase provider, string fallbackCode, string fallbackMessage)
{
var error = ExtractProviderError(provider, fallbackCode, fallbackMessage);
result.ErrorCode = error.Item1;
result.ErrorMessage = error.Item2;
}
private static void SetErrorFromProvider(GetSecurityGroupsOperationResult result, cLiamProviderBase provider, string fallbackCode, string fallbackMessage)
{
var error = ExtractProviderError(provider, fallbackCode, fallbackMessage);
result.ErrorCode = error.Item1;
result.ErrorMessage = error.Item2;
}
private static Tuple<string, string> ExtractProviderError(cLiamProviderBase provider, string fallbackCode, string fallbackMessage)
{
if (provider is cLiamProviderExchange exchangeProvider)
{
var code = exchangeProvider.GetLastErrorCode();
var message = exchangeProvider.GetLastErrorMessage();
if (!string.IsNullOrWhiteSpace(code) || !string.IsNullOrWhiteSpace(message))
{
return Tuple.Create(
string.IsNullOrWhiteSpace(code) ? fallbackCode : code,
string.IsNullOrWhiteSpace(message) ? fallbackMessage : message);
}
}
var providerMessage = provider?.GetLastErrorMessage();
return Tuple.Create(
fallbackCode,
string.IsNullOrWhiteSpace(providerMessage) ? fallbackMessage : providerMessage);
}
private static DataAreaEntry MapDataAreaEntry(cLiamDataAreaBase dataArea, string configurationId)
{
var ntfsPermissionArea = dataArea as cLiamNtfsPermissionDataAreaBase;
var ntfsFolder = dataArea as cLiamNtfsFolder;
var adGroup = dataArea as cLiamAdGroupAsDataArea;
var exchangeMailbox = dataArea as cLiamExchangeSharedMailbox;
var exchangeDistribution = dataArea as cLiamExchangeDistributionGroup;
var owner = exchangeMailbox?.OwnerGroupIdentifier
?? exchangeDistribution?.OwnerGroupIdentifier
?? adGroup?.ManagedBySID
?? ntfsPermissionArea?.OwnerGroupIdentifier
?? string.Empty;
var write = exchangeMailbox != null
? exchangeMailbox.FullAccessGroupSid
: exchangeDistribution != null
? exchangeDistribution.MemberGroupSid
: adGroup?.UID
?? ntfsPermissionArea?.WriteGroupIdentifier
?? string.Empty;
var read = exchangeMailbox != null
? exchangeMailbox.SendAsGroupSid
: ntfsPermissionArea?.ReadGroupIdentifier
?? string.Empty;
var traverse = ntfsPermissionArea?.TraverseGroupIdentifier ?? string.Empty;
var created = ntfsPermissionArea?.CreatedDate ?? DateTime.MinValue.ToString("o");
var description = adGroup?.Description ?? string.Empty;
return new DataAreaEntry
{
DisplayName = dataArea.DisplayName ?? string.Empty,
UID = dataArea.UID ?? string.Empty,
TechnicalName = dataArea.TechnicalName ?? string.Empty,
Description = description,
TargetType = ((int)dataArea.Provider.ProviderType).ToString(),
ParentUID = dataArea.ParentUID ?? string.Empty,
Level = dataArea.Level.ToString(),
Owner = owner,
Write = write,
Read = read,
Traverse = traverse,
CreatedDate = created,
ConfigurationId = configurationId ?? string.Empty,
BaseFolder = ntfsFolder?.Share?.TechnicalName ?? dataArea.Provider?.RootPath ?? string.Empty,
UniqueId = dataArea.UID ?? string.Empty,
DataAreaType = dataArea.DataType.ToString()
};
}
private static SecurityGroupEntry MapSecurityGroupEntry(cLiamDataAreaBase securityGroup)
{
var entry = new SecurityGroupEntry
{
DisplayName = securityGroup.TechnicalName,
TechnicalName = securityGroup.UID,
TargetType = ((int)securityGroup.Provider.ProviderType).ToString()
};
switch (securityGroup)
{
case cLiamAdGroup adGroup:
entry.UID = adGroup.dn;
entry.Scope = adGroup.scope;
break;
case cLiamAdGroup2 adGroup2:
entry.UID = adGroup2.dn;
entry.Scope = adGroup2.scope;
break;
case cLiamExchangeSecurityGroup exchangeGroup:
entry.UID = exchangeGroup.dn;
break;
}
return entry;
}
}
}