AD code changes

Author: cormacpayne

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/ActiveDirectoryBaseCmdlet.cs

@@ -74,11 +74,11 @@ private void HandleException(Exception exception)
                 throw exception;
             }
         }
-        
+
 
         private Exception ParseResponse(GraphErrorException graphEx) {
             int exceptionMessageIndex = graphEx.Response.Content.IndexOf("\"value\":", StringComparison.CurrentCultureIgnoreCase);
-            if (exceptionMessageIndex > 0) 
+            if (exceptionMessageIndex > 0)
             {
                 string substring = graphEx.Response.Content.Substring(exceptionMessageIndex+9);
                 // the start index is added 9, so as to remove the delimiter \"value\":\

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/ActiveDirectoryClient.cs

@@ -59,7 +59,8 @@ public static PSADObject ToPSADObject(this AADObject obj)
                     DisplayName = obj.DisplayName,
                     Type = obj.ObjectType,
                     Id = new Guid(obj.ObjectId),
-                    SecurityEnabled = obj.SecurityEnabled
+                    SecurityEnabled = obj.SecurityEnabled,
+                    MailNickname = obj.Mail
                 };
 
             }
@@ -111,7 +112,8 @@ public static PSADGroup ToPSADGroup(this ADGroup group)
                 DisplayName = group.DisplayName,
                 Id = new Guid(group.ObjectId),
                 SecurityEnabled = group.SecurityEnabled,
-                Type = group.ObjectType
+                Type = group.ObjectType,
+                MailNickname = group.Mail
             };
         }
 

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/ActiveDirectoryClientExtensions.cs

@@ -24,6 +24,6 @@ public class PSADCredential
 
         public string KeyId { get; set; }
 
-        public string Type { get; set; }        
+        public string Type { get; set; }
     }
 }

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/PSADCredential.cs

@@ -17,5 +17,7 @@ namespace Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory
     public class PSADGroup : PSADObject
     {
         public bool? SecurityEnabled { get; set; }
+
+        public string MailNickname { get; set; }
     }
 }

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/PSADGroup.cs

@@ -20,6 +20,8 @@ public static class ParameterSet
 
         public const string UPN = "UPNParameterSet";
 
+        public const string UPNOrObjectId = "UPNOrObjectIdParameterSet";
+
         public const string SPN = "SPNParameterSet";
 
         public const string SignInName = "SignInNameParameterSet";
@@ -28,6 +30,10 @@ public static class ParameterSet
 
         public const string ObjectId = "ObjectIdParameterSet";
 
+        public const string GroupObject = "GroupObjectParameterSet";
+
+        public const string ServicePrincipalObject = "ServicePrincipalObjectParameterSet";
+
         public const string Scope = "ScopeParameterSet";
 
         public const string ScopeWithSPN = "ScopeWithSPNParameterSet";
@@ -62,10 +68,24 @@ public static class ParameterSet
 
         public const string ApplicationWithKeyCredential = "ApplicationWithKeyCredentialParameterSet";
 
+        public const string ApplicationObjectWithoutCredential = "ApplicationObjectWithoutCredentialParameterSet";
+
+        public const string ApplicationObjectWithPasswordPlain = "ApplicationObjectWithPasswordPlainParameterSet";
+
+        public const string ApplicationObjectWithPasswordCredential = "ApplicationObjectWithPasswordCredentialParameterSet";
+
+        public const string ApplicationObjectWithKeyPlain = "ApplicationObjectWithKeyPlainParameterSet";
+
+        public const string ApplicationObjectWithKeyCredential = "ApplicationObjectWithKeyCredentialParameterSet";
+
         public const string ApplicationObjectIdWithPassword = "ApplicationObjectIdWithPasswordParameterSet";
 
         public const string ApplicationObjectIdWithCertValue = "ApplicationObjectIdWithCertValueParameterSet";
 
+        public const string ApplicationObjectWithPassword = "ApplicationObjectWithPasswordParameterSet";
+
+        public const string ApplicationObjectWithCertValue = "ApplicationObjectWithCertValueParameterSet";
+
         public const string ApplicationIdWithPassword = "ApplicationIdWithPasswordParameterSet";
 
         public const string ApplicationIdWithCertValue = "ApplicationIdWithCertValueParameterSet";
@@ -74,6 +94,10 @@ public static class ParameterSet
 
         public const string InputFile = "InputFileParameterSet";
 
+        public const string InputObject = "InputObjectParameterSet";
+
+        public const string InputObjectWithUpdateParams = "InputObjectWithUpdateParamsParameterSet";
+
         public const string RoleDefinition = "RoleDefinitionParameterSet";
 
         public const string RoleDefinitionName = "RoleDefinitionNameParameterSet";
@@ -86,6 +110,10 @@ public static class ParameterSet
 
         public const string ApplicationObjectId = "ApplicationObjectIdParameterSet";
 
+        public const string ApplicationObject = "ApplicationObjectParameterSet";
+
+        public const string ApplicationObjectWithKeyId = "ApplicationObjectWithKeyIdParameterSet";
+
         public const string ApplicationId = "ApplicationIdParameterSet";
 
         public const string ApplicationDisplayName = "ApplicationDisplayNameParameterSet";
@@ -108,6 +136,10 @@ public static class ParameterSet
 
         public const string SPNWithPassword = "SPNWithPasswordParameterSet";
 
+        public const string ServicePrincipalObjectWithCertValue = "ServicePrincipalObjectWithCertValueParameterSet";
+
+        public const string ServicePrincipalObjectWithPassword = "ServicePrincipalObjectWithPasswordParameterSet";
+
         public const string ObjectIdWithKeyId = "ObjectIdWithKeyIdParameterSet";
 
         public const string ObjectIdWithAll = "ObjectIdWithAllParameterSet";
@@ -116,6 +148,8 @@ public static class ParameterSet
 
         public const string SPNWithAll = "SPNWithAllParameterSet";
 
+        public const string SPNObject = "SPNObjectParameterSet";
+
         public const string ApplicationObjectIdWithUpdateParams = "ApplicationObjectIdWithUpdateParamsParameterSet";
 
         public const string ApplicationIdWithUpdateParams = "ApplicationIdWithUpdateParamsParameterSet";
@@ -132,8 +166,14 @@ public static class ParameterSet
 
         public const string SpObjectIdWithDisplayName = "SpObjectIdWithDisplayNameParameterSet";
 
+        public const string SpApplicationIdWithDisplayName = "SpApplicationIdWithDisplayNameParameterSet";
+
+        public const string InputObjectWithDisplayName = "InputObjectWithDisplayNameParameterSet";
+
         public const string SPNWithDisplayName = "SPNWithDisplayNameParameterSet";
 
 		public const string RoleAssignment = "RoleAssignmentParameterSet";
+
+        public const string Explicit = "ExplicitParameterSet";
 	}
 }

src/Common/Commands.Common.Graph.RBAC/ActiveDirectory/ParameterSet.cs

@@ -141,6 +141,9 @@
   <data name="ServicePrincipalDoesntExist" xml:space="preserve">
     <value>Service principal with object id '{0}' does not exist.</value>
   </data>
+  <data name="ServicePrincipalWithAppIdDoesntExist" xml:space="preserve">
+    <value>Service principal with AppId '{0}' does not exist.</value>
+  </data>
   <data name="ServicePrincipalWithSPNDoesntExist" xml:space="preserve">
     <value>Service principal with SPN '{0}' does not exist.</value>
   </data>

src/Common/Commands.Common.Graph.RBAC/Properties/Resources.Designer.cs

@@ -265,7 +265,8 @@ private string GetObjectIdBySpn(string spn)
             if (!string.IsNullOrWhiteSpace(spn))
             {
 #if NETSTANDARD
-                var servicePrincipal = ActiveDirectoryClient.FilterServicePrincipals(new ADObjectFilterOptions() { SPN = spn }).SingleOrDefault();
+                var odataQuery = new Rest.Azure.OData.ODataQuery<Graph.RBAC.Version1_6.Models.ServicePrincipal>(s => s.ServicePrincipalNames.Contains(spn));
+                var servicePrincipal = ActiveDirectoryClient.FilterServicePrincipals(odataQuery).SingleOrDefault();
                 objId = servicePrincipal?.Id.ToString();
 #else
                 var servicePrincipal = ActiveDirectoryClient.ServicePrincipals.Where(s =>

src/Common/Commands.Common.Graph.RBAC/Properties/Resources.resx

@@ -113,7 +113,8 @@ public static string GetDisplayNameForADObject(string objectId, ActiveDirectoryC
                     }
                     else if (obj.Type.Equals("serviceprincipal", StringComparison.InvariantCultureIgnoreCase))
                     {
-                        var servicePrincipal = adClient.FilterServicePrincipals(new ADObjectFilterOptions { Id = objectId }).FirstOrDefault();
+                        var odataQuery = new Rest.Azure.OData.ODataQuery<Graph.RBAC.Version1_6.Models.ServicePrincipal>(s => s.ObjectId == objectId);
+                        var servicePrincipal = adClient.FilterServicePrincipals(odataQuery).FirstOrDefault();
                         displayName = servicePrincipal.DisplayName;
                         upnOrSpn = servicePrincipal.ServicePrincipalNames.FirstOrDefault();
                     }

src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs

@@ -0,0 +1,75 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
+using Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory;
+using Microsoft.Azure.Graph.RBAC.Version1_6.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.ActiveDirectory
+{
+    /// <summary>
+    /// Adds a user to a group.
+    /// </summary>
+    [Cmdlet(VerbsCommon.Add, "AzureRmADGroupMember", SupportsShouldProcess = true, DefaultParameterSetName = ParameterSet.Explicit), OutputType(typeof(bool))]
+    public class AddAzureADGroupMemberCommand : ActiveDirectoryBaseCmdlet
+    {
+        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Explicit, HelpMessage = "The object id of the member.")]
+        [Parameter(Mandatory = true, ParameterSetName = ParameterSet.GroupObject, HelpMessage = "The object id of the member.")]
+        [ValidateNotNullOrEmpty]
+        public Guid MemberObjectId { get; set; }
+
+        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Explicit, HelpMessage = "The object id of the group to add the member to.")]
+        [ValidateNotNullOrEmpty]
+        public Guid GroupObjectId { get; set; }
+
+        [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = ParameterSet.GroupObject, HelpMessage = "The object representation of the group to add the member to.")]
+        [ValidateNotNullOrEmpty]
+        public PSADGroup GroupObject { get; set; }
+
+        [Parameter(Mandatory = true)]
+        public SwitchParameter PassThru { get; set; }
+
+        public override void ExecuteCmdlet()
+        {
+            ExecutionBlock(() =>
+            {
+                if (this.IsParameterBound(c => GroupObject))
+                {
+                    GroupObjectId = GroupObject.Id;
+                }
+
+                var groupAddMemberParams = new GroupAddMemberParameters()
+                {
+                    Url = string.Format("{0}/{1}/directoryObjects/{2}",
+                                            AzureEnvironmentConstants.AzureGraphEndpoint,
+                                            AzureRmProfileProvider.Instance.Profile.DefaultContext.Tenant,
+                                            MemberObjectId)
+                };
+
+                if (ShouldProcess(target: MemberObjectId.ToString(), action: string.Format("Adding user with object id '{0}' to group with object id '{1}'.", MemberObjectId, GroupObjectId)))
+                {
+                    ActiveDirectoryClient.AddGroupMember(GroupObjectId.ToString(), groupAddMemberParams);
+                }
+
+                if (PassThru.IsPresent)
+                {
+                    WriteObject(true);
+                }
+            });
+        }
+    }
+}

src/ResourceManager/KeyVault/Commands.KeyVault/Models/ModelExtensions.cs

@@ -13,6 +13,8 @@
 // ----------------------------------------------------------------------------------
 
 using Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System;
 using System.Management.Automation;
 
 namespace Microsoft.Azure.Commands.ActiveDirectory
@@ -25,19 +27,27 @@ public class GetAzureADAppCredentialCommand : ActiveDirectoryBaseCmdlet
     {
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationObjectId, HelpMessage = "The application object id.")]
         [ValidateNotNullOrEmpty]
-        public string ObjectId { get; set; }
+        public Guid ObjectId { get; set; }
 
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationId, HelpMessage = "The application id.")]
         [ValidateNotNullOrEmpty]
-        public string ApplicationId { get; set; }
+        public Guid ApplicationId { get; set; }
+
+        [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = ParameterSet.ApplicationObject, HelpMessage = "The application object.")]
+        [ValidateNotNullOrEmpty]
+        public PSADApplication ApplicationObject { get; set; }
 
         public override void ExecuteCmdlet()
         {
             ExecutionBlock(() =>
             {
-                if (!string.IsNullOrEmpty(ApplicationId))
+                if (this.IsParameterBound(c => c.ApplicationObject))
+                {
+                    ObjectId = ApplicationObject.ObjectId;
+                }
+                else if (this.IsParameterBound(c => c.ApplicationId))
                 {
-                    ObjectId = ActiveDirectoryClient.GetObjectIdFromApplicationId(ApplicationId);
+                    ObjectId = ActiveDirectoryClient.GetAppObjectIdFromApplicationId(ApplicationId);
                 }
 
                 WriteObject(ActiveDirectoryClient.GetAppCredentials(ObjectId), enumerateCollection: true);

src/ResourceManager/Resources/Commands.Resources/ActiveDirectory/AddAzureADGroupMemberCommand.cs

@@ -15,6 +15,7 @@
 using Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory;
 using Microsoft.Azure.Graph.RBAC.Version1_6.Models;
 using Microsoft.WindowsAzure.Commands.Common;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using System;
 using System.Collections.Generic;
 using System.Management.Automation;
@@ -24,7 +25,7 @@ namespace Microsoft.Azure.Commands.ActiveDirectory
     /// <summary>
     /// Gets the AD application.
     /// </summary>
-    [Cmdlet(VerbsCommon.Get, "AzureRmADApplication", DefaultParameterSetName = ParameterSet.Empty), OutputType(typeof(List<PSADApplication>))]
+    [Cmdlet(VerbsCommon.Get, "AzureRmADApplication", DefaultParameterSetName = ParameterSet.Empty, SupportsPaging = true), OutputType(typeof(List<PSADApplication>))]
     public class GetAzureADApplicationCommand : ActiveDirectoryBaseCmdlet
     {
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationObjectId, HelpMessage = "The application object id.")]
@@ -47,29 +48,31 @@ public override void ExecuteCmdlet()
         {
             ExecutionBlock(() =>
             {
-                if (ObjectId != Guid.Empty)
+                if (this.IsParameterBound(c => c.ObjectId))
                 {
-                    WriteObject(ActiveDirectoryClient.GetApplication(ObjectId.ToString()));
+                    WriteObject(ActiveDirectoryClient.GetApplication(ObjectId));
                 }
                 else
                 {
                     Rest.Azure.OData.ODataQuery<Application> odataQueryFilter = new Rest.Azure.OData.ODataQuery<Application>();
 
-                    if (ApplicationId != Guid.Empty)
+                    if (this.IsParameterBound(c => c.ApplicationId))
                     {
                         string appId = ApplicationId.ToString();
                         odataQueryFilter = new Rest.Azure.OData.ODataQuery<Application>(a => a.AppId == appId);
                     }
-                    else if (!string.IsNullOrEmpty(DisplayNameStartWith))
+                    else if (this.IsParameterBound(c => c.DisplayNameStartWith))
                     {
                         odataQueryFilter = new Rest.Azure.OData.ODataQuery<Application>(a => a.DisplayName.StartsWith(DisplayNameStartWith));
                     }
-                    else if (!string.IsNullOrEmpty(IdentifierUri))
+                    else if (this.IsParameterBound(c => c.IdentifierUri))
                     {
                         odataQueryFilter = new Rest.Azure.OData.ODataQuery<Application>(a => a.IdentifierUris.Contains(IdentifierUri));
                     }
 
-                    WriteObject(ActiveDirectoryClient.GetApplicationWithFilters(odataQueryFilter), enumerateCollection: true);
+                    ulong first = MyInvocation.BoundParameters.ContainsKey("First") ? this.PagingParameters.First : ulong.MaxValue;
+                    ulong skip = MyInvocation.BoundParameters.ContainsKey("Skip") ? this.PagingParameters.Skip : 0;
+                    WriteObject(ActiveDirectoryClient.GetApplicationWithFilters(odataQueryFilter, first, skip), enumerateCollection: true);
                 }
             });
         }

src/ResourceManager/Resources/Commands.Resources/ActiveDirectory/GetAzureADAppCredentialCommand.cs

@@ -22,7 +22,7 @@ namespace Microsoft.Azure.Commands.ActiveDirectory
     /// <summary>
     /// Get AD groups.
     /// </summary>
-    [Cmdlet(VerbsCommon.Get, "AzureRmADGroup", DefaultParameterSetName = ParameterSet.Empty), OutputType(typeof(List<PSADGroup>))]
+    [Cmdlet(VerbsCommon.Get, "AzureRmADGroup", DefaultParameterSetName = ParameterSet.Empty, SupportsPaging = true), OutputType(typeof(List<PSADGroup>))]
     public class GetAzureADGroupCommand : ActiveDirectoryBaseCmdlet
     {
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.SearchString,
@@ -48,11 +48,9 @@ public override void ExecuteCmdlet()
                     Paging = true
                 };
 
-                do
-                {
-                    WriteObject(ActiveDirectoryClient.FilterGroups(options), true);
-                } while (!string.IsNullOrEmpty(options.NextLink));
-
+                ulong first = MyInvocation.BoundParameters.ContainsKey("First") ? this.PagingParameters.First : ulong.MaxValue;
+                ulong skip = MyInvocation.BoundParameters.ContainsKey("Skip") ? this.PagingParameters.Skip : 0;
+                WriteObject(ActiveDirectoryClient.FilterGroups(options, first, skip), true);
             });
         }
     }