using library_spo_utils.Interfaces.Services; using Microsoft.Extensions.Logging; using Microsoft.SharePoint.Client; namespace library_spo_utils.Services { internal class RightsService : IRightsService { private readonly ILogger logger; public RightsService(ILogger logger) { this.logger = logger; } #region Rights public void DomainGroupRights(ClientContext ctx, string tenantName, string docLibName = "") { #region Groups & Privileges var itsAdGroupDictionary = new Dictionary() { { "ITS-SPO-PROJ-OWNER", "Full Control" }, { "ITS-SPO-PROJ-DESIGN", "Design" }, { "ITS-SPO-PROJ-MODIFY", "Edit" }, { "ITS-SPO-PROJ-COLLABORATE", "Contribute" }, { "ITS-SPO-PROJ-READ", "Read" } }; var itsAdGruopSalesRole = new Dictionary() { { "ITS-SPO-PROJ-OWNER", "Full Control" }, { "ITS-SPO-PROJ-SALES-MODIFY", "Edit" }, { "ITS-SPO-PROJ-SALES-READ", "Read" } }; var itsAdGruopNCRole = new Dictionary() { { "ITS-SPO-NC-OWNER", "Full Control" }, { "ITS-SPO-NC-MODIFY", "Edit" }, { "ITS-SPO-NC-READ", "Read" } }; #endregion logger.LogInformation("> Inizializzata la fase di assegnazione dei ruoli."); try { if (tenantName.Contains("Commesse")) { #region Site Permission Create var web = ctx.Web; foreach (var role in itsAdGroupDictionary) { var adGroup = web.EnsureUser(role.Key); ctx.Load(adGroup); var roleD = web.RoleDefinitions.GetByName(role.Value); var roleDb = new RoleDefinitionBindingCollection(ctx) { roleD }; web.RoleAssignments.Add(adGroup, roleDb); web.Update(); } ctx.ExecuteQuery(); logger.LogInformation("> Completata la fase di assegnazione dei ruoli."); #endregion } else if (tenantName.Contains("Offerte")) { #region Site Permission Quotation var web = ctx.Web; foreach (var role in itsAdGruopSalesRole) { var adGroup = web.EnsureUser(role.Key); ctx.Load(adGroup); var roleD = web.RoleDefinitions.GetByName(role.Value); var roleDb = new RoleDefinitionBindingCollection(ctx) { roleD }; web.RoleAssignments.Add(adGroup, roleDb); web.Update(); } ctx.ExecuteQuery(); logger.LogInformation("> Completata la fase di assegnazione dei ruoli."); #endregion } else if (tenantName.Contains("Conformità")) { #region Site Permission Quotation var web = ctx.Web; foreach (var role in itsAdGruopNCRole) { var adGroup = web.EnsureUser(role.Key); ctx.Load(adGroup); var roleD = web.RoleDefinitions.GetByName(role.Value); var roleDb = new RoleDefinitionBindingCollection(ctx) { roleD }; web.RoleAssignments.Add(adGroup, roleDb); web.Update(); } ctx.ExecuteQuery(); logger.LogInformation("> Completata la fase di assegnazione dei ruoli."); #endregion } else if (!string.IsNullOrEmpty(docLibName)) { #region DocLib Permission var web = ctx.Web; var list = web.Lists.GetByTitle(docLibName); ctx.Load(list); list.BreakRoleInheritance(false, true); ctx.ExecuteQuery(); foreach (var role in itsAdGruopSalesRole) { var adGroup = web.EnsureUser(role.Key); ctx.Load(adGroup); var roleD = web.RoleDefinitions.GetByName(role.Value); var roleDb = new RoleDefinitionBindingCollection(ctx) { roleD }; list.RoleAssignments.Add(adGroup, roleDb); list.Update(); } ctx.ExecuteQuery(); logger.LogInformation($"> Completata la fase di assegnazione dei ruoli in {docLibName}."); #endregion } } catch (Exception ex) { logger.LogError("Rights Service", ex); } } #endregion } }