зеркало из https://github.com/Azure/AzureGraph.git
refactor to use base object class
Родитель
dc94d2f1a6
Коммит
f509ea503c
|
@ -2,6 +2,7 @@
|
|||
|
||||
export(az_app)
|
||||
export(az_group)
|
||||
export(az_object)
|
||||
export(az_service_principal)
|
||||
export(az_user)
|
||||
export(call_graph_endpoint)
|
||||
|
|
54
R/az_app.r
54
R/az_app.r
|
@ -13,6 +13,8 @@
|
|||
#' - `delete(confirm=TRUE)`: Delete an app. By default, ask for confirmation first.
|
||||
#' - `update(...)`: Update the app data in Azure Active Directory. For what properties can be updated, consult the REST API documentation link below.
|
||||
#' - `sync_fields()`: Synchronise the R object with the app data in Azure Active Directory.
|
||||
#' - `list_group_memberships()`: Return the IDs of all groups this app is a member of.
|
||||
#' - `list_object_memberships()`: Return the IDs of all groups, administrative units and directory roles this app is a member of.
|
||||
#' - `create_service_principal(...)`: Create a service principal for this app, by default in the current tenant.
|
||||
#' - `get_service_principal()`: Get the service principal for this app.
|
||||
#' - `delete_service_principal(confirm=TRUE)`: Delete the service principal for this app. By default, ask for confirmation first.
|
||||
|
@ -25,7 +27,7 @@
|
|||
#' [REST API reference](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta)
|
||||
#'
|
||||
#' @seealso
|
||||
#' [ms_graph], [az_service_principal], [az_user], [az_group]
|
||||
#' [ms_graph], [az_service_principal], [az_user], [az_group], [az_object]
|
||||
#'
|
||||
#' @examples
|
||||
#' \dontrun{
|
||||
|
@ -56,41 +58,19 @@
|
|||
#' app$update(displayName="MyRenamedApp")
|
||||
#'
|
||||
#' }
|
||||
#' @format An R6 object of class `az_app`.
|
||||
#' @format An R6 object of class `az_app`, inheriting from `az_object`.
|
||||
#' @export
|
||||
az_app <- R6::R6Class("az_app",
|
||||
az_app <- R6::R6Class("az_app", inherit=az_object,
|
||||
|
||||
public=list(
|
||||
|
||||
token=NULL,
|
||||
tenant=NULL,
|
||||
|
||||
# app data from server
|
||||
properties=NULL,
|
||||
|
||||
password=NULL,
|
||||
|
||||
initialize=function(token, tenant=NULL, properties=NULL, password=NULL)
|
||||
{
|
||||
self$token <- token
|
||||
self$tenant <- tenant
|
||||
self$properties <- properties
|
||||
self$type <- "application"
|
||||
self$password <- password
|
||||
},
|
||||
|
||||
delete=function(confirm=TRUE)
|
||||
{
|
||||
if(confirm && interactive())
|
||||
{
|
||||
msg <- paste0("Do you really want to delete the app '", self$properties$displayName, "'? (y/N) ")
|
||||
yn <- readline(msg)
|
||||
if(tolower(substr(yn, 1, 1)) != "y")
|
||||
return(invisible(NULL))
|
||||
}
|
||||
|
||||
op <- file.path("applications", self$properties$id)
|
||||
self$graph_op(op, http_verb="DELETE")
|
||||
invisible(NULL)
|
||||
super$initialize(token, tenant, properties)
|
||||
},
|
||||
|
||||
update_password=function(password=NULL, name="key1", password_duration=1)
|
||||
|
@ -122,21 +102,6 @@ public=list(
|
|||
password
|
||||
},
|
||||
|
||||
update=function(...)
|
||||
{
|
||||
op <- file.path("applications", self$properties$id)
|
||||
self$graph_op(op, body=list(...), encode="json", http_verb="PATCH")
|
||||
self$properties <- self$graph_op(op)
|
||||
self
|
||||
},
|
||||
|
||||
sync_fields=function()
|
||||
{
|
||||
op <- file.path("applications", self$properties$id)
|
||||
self$properties <- self$graph_op(op)
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
create_service_principal=function(...)
|
||||
{
|
||||
properties <- modifyList(list(...), list(appId=self$properties$appId))
|
||||
|
@ -169,10 +134,5 @@ public=list(
|
|||
cat(" directory id:", self$properties$id, "\n")
|
||||
cat(" domain:", self$properties$publisherDomain, "\n")
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
graph_op=function(op="", ...)
|
||||
{
|
||||
call_graph_endpoint(self$token, op, ...)
|
||||
}
|
||||
))
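Review bot: `initialize` still copies `password` into a public field (`self$password <- password`), so the app secret stays on the object in clear text after the move to `az_object`. Anything that serialises or dumps the object, such as `saveRDS()` or a saved workspace, would carry the secret with it. I would at least document this on the field with `# holds the app secret in clear text; avoid saving or logging objects that carry it`, and consider whether it needs to live on the object at all once it has been returned to the caller. The same applies to the `password` field kept in `az_user`'s `initialize` in R/az_user.R.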
|
||||
|
|
82
R/az_group.R
82
R/az_group.R
|
@ -11,80 +11,51 @@
|
|||
#' - `new(...)`: Initialize a new group object. Do not call this directly; see 'Initialization' below.
|
||||
#' - `delete(confirm=TRUE)`: Delete a group. By default, ask for confirmation first.
|
||||
#' - `update(...)`: Update the group information in Azure Active Directory.
|
||||
#' - `sync_fields()`: Synchronise the R object with the app data in Azure Active Directory.
|
||||
#' - `list_group_memberships()`: Return the IDs of all groups this group is a member of.
|
||||
#' - `list_object_memberships()`: Return the IDs of all groups, administrative units and directory roles this group is a member of.
|
||||
#' - `list_members()`: Return a list of all members of this group.
|
||||
#' - `list_owners()`: Return a list of all owners of this group.
|
||||
#' - `sync_fields()`: Synchronise the R object with the app data in Azure Active Directory.
|
||||
#'
|
||||
#' @section Initialization:
|
||||
#' Creating new objects of this class should be done via the `create_group` and `get_group` methods of the [ms_graph] and [az_app] classes. Calling the `new()` method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual group.
|
||||
#'
|
||||
#' @seealso
|
||||
#' [ms_graph], [az_app], [az_user]
|
||||
#' [ms_graph], [az_app], [az_user], [az_object]
|
||||
#'
|
||||
#' [Microsoft Graph overview](https://docs.microsoft.com/en-us/graph/overview),
|
||||
#' [REST API reference](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta)
|
||||
#'
|
||||
#' @format An R6 object of class `az_group`.
|
||||
#' @examples
|
||||
#' \dontrun{
|
||||
#'
|
||||
#' gr <- get_graph_login()
|
||||
#' usr <- gr$get_user("myname@aadtenant.com")
|
||||
#'
|
||||
#' grps <- usr$list_direct_memberships()
|
||||
#' grp <- grp[[1]]
|
||||
#'
|
||||
#' grp$list_members()
|
||||
#' grp$list_owners()
|
||||
#'
|
||||
#' }
|
||||
#' @format An R6 object of class `az_group`, inheriting from `az_object`.
|
||||
#' @export
|
||||
az_group <- R6::R6Class("az_group",
|
||||
az_group <- R6::R6Class("az_group", inherit=az_object,
|
||||
|
||||
public=list(
|
||||
|
||||
token=NULL,
|
||||
tenant=NULL,
|
||||
|
||||
# app data from server
|
||||
properties=NULL,
|
||||
|
||||
initialize=function(token, tenant=NULL, properties=NULL)
|
||||
{
|
||||
self$token <- token
|
||||
self$tenant <- tenant
|
||||
self$properties <- properties
|
||||
},
|
||||
|
||||
update=function(...)
|
||||
{
|
||||
op <- file.path("groups", self$properties$id)
|
||||
self$graph_op(op, body=list(...), encode="json", http_verb="PATCH")
|
||||
self$properties <- self$graph_op(op)
|
||||
self
|
||||
},
|
||||
|
||||
sync_fields=function()
|
||||
{
|
||||
op <- file.path("groups", self$properties$id)
|
||||
self$properties <- self$graph_op(op)
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
delete=function(confirm=TRUE)
|
||||
{
|
||||
if(confirm && interactive())
|
||||
{
|
||||
msg <- paste0("Do you really want to delete the group '", self$properties$displayName,
|
||||
"'? (y/N) ")
|
||||
yn <- readline(msg)
|
||||
if(tolower(substr(yn, 1, 1)) != "y")
|
||||
return(invisible(NULL))
|
||||
}
|
||||
|
||||
op <- file.path("groups", self$properties$id)
|
||||
self$graph_op(op, http_verb="DELETE")
|
||||
invisible(NULL)
|
||||
self$type <- "group"
|
||||
super$initialize(token, tenant, properties)
|
||||
},
|
||||
|
||||
list_members=function()
|
||||
{
|
||||
op <- file.path("groups", self$properties$id, "members")
|
||||
lst <- self$graph_op(op)
|
||||
|
||||
res <- lst$value
|
||||
while(!is_empty(lst$`@odata.nextLink`))
|
||||
{
|
||||
lst <- call_graph_url(self$token, lst$`@odata.nextLink`)
|
||||
res <- c(res, lst$value)
|
||||
}
|
||||
res <- get_paged_list(lst, self$token)
|
||||
|
||||
lapply(res, function(obj)
|
||||
{
|
||||
|
@ -107,9 +78,7 @@ public=list(
|
|||
list_owners=function()
|
||||
{
|
||||
op <- file.path("groups", self$properties$id, "owners")
|
||||
lst <- self$graph_op(op)
|
||||
|
||||
res <- lst$value
|
||||
res <- self$graph_op(op)$value
|
||||
lapply(res, function(obj) az_user$new(self$token, self$tenant, obj))
|
||||
},
|
||||
|
||||
|
@ -119,10 +88,5 @@ public=list(
|
|||
cat(" directory id:", self$properties$id, "\n")
|
||||
cat(" description:", self$properties$description, "\n")
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
graph_op=function(op="", ...)
|
||||
{
|
||||
call_graph_endpoint(self$token, op, ...)
|
||||
}
|
||||
))
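Review bot: `list_owners` reads only the first page, because the new line `res <- self$graph_op(op)$value` ignores `@odata.nextLink`, while `list_members` in the same file now goes through `get_paged_list`. A group with more owners than fit in one page would be reported with an incomplete owner list, which matters when the result feeds an access review. Using the helper keeps the two methods consistent: `res <- get_paged_list(self$graph_op(op), self$token)`. Separately, the added roxygen example assigns `grps` but then indexes `grp[[1]]`, and `list_direct_memberships()` with its default `id_only=TRUE` returns IDs rather than group objects, so `grp$list_members()` would not run as written.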
|
||||
|
|
|
@ -0,0 +1,135 @@
|
|||
#' Azure Active Directory object
|
||||
#'
|
||||
#' Base class representing a directory object in Microsoft Graph.
|
||||
#'
|
||||
#' @docType class
|
||||
#' @section Fields:
|
||||
#' - `token`: The token used to authenticate with the Graph host.
|
||||
#' - `tenant`: The Azure Active Directory tenant for this group.
|
||||
#' - `type`: The type of object: user, group, application or service principal.
|
||||
#' - `properties`: The group properties.
|
||||
#' @section Methods:
|
||||
#' - `new(...)`: Initialize a new group object. Do not call this directly; see 'Initialization' below.
|
||||
#' - `delete(confirm=TRUE)`: Delete a group. By default, ask for confirmation first.
|
||||
#' - `update(...)`: Update the group information in Azure Active Directory.
|
||||
#' - `sync_fields()`: Synchronise the R object with the app data in Azure Active Directory.
|
||||
#' - `list_group_memberships()`: Return the IDs of all groups this object is a member of.
|
||||
#' - `list_object_memberships()`: Return the IDs of all groups, administrative units and directory roles this object is a member of.
|
||||
#'
|
||||
#' @section Initialization:
|
||||
#' Objects of this class should not be created directly. Instead, create an object of the appropriate subclass: [az_app], [az_service_principal], [az_user], [az_group].
|
||||
#'
|
||||
#' @seealso
|
||||
#' [ms_graph], [az_app], [az_service_principal], [az_user], [az_group]
|
||||
#'
|
||||
#' [Microsoft Graph overview](https://docs.microsoft.com/en-us/graph/overview),
|
||||
#' [REST API reference](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta)
|
||||
#'
|
||||
#' @format An R6 object of class `az_object`.
|
||||
#' @export
|
||||
az_object <- R6::R6Class("az_object",
|
||||
|
||||
public=list(
|
||||
|
||||
token=NULL,
|
||||
tenant=NULL,
|
||||
type=NULL,
|
||||
|
||||
# app data from server
|
||||
properties=NULL,
|
||||
|
||||
initialize=function(token, tenant=NULL, properties=NULL)
|
||||
{
|
||||
self$token <- token
|
||||
self$tenant <- tenant
|
||||
self$properties <- properties
|
||||
},
|
||||
|
||||
update=function(...)
|
||||
{
|
||||
op <- file.path(private$get_endpoint(), self$properties$id)
|
||||
self$graph_op(op, body=list(...), encode="json", http_verb="PATCH")
|
||||
self$properties <- self$graph_op(op)
|
||||
self
|
||||
},
|
||||
|
||||
sync_fields=function()
|
||||
{
|
||||
op <- file.path(private$get_endpoint(), self$properties$id)
|
||||
self$properties <- self$graph_op(op)
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
delete=function(confirm=TRUE)
|
||||
{
|
||||
if(confirm && interactive())
|
||||
{
|
||||
msg <- sprintf("Do you really want to delete the %s '%s'? (y/N) ",
|
||||
self$type, self$properties$displayName)
|
||||
yn <- readline(msg)
|
||||
if(tolower(substr(yn, 1, 1)) != "y")
|
||||
return(invisible(NULL))
|
||||
}
|
||||
|
||||
op <- file.path(private$get_endpoint(), self$properties$id)
|
||||
self$graph_op(op, http_verb="DELETE")
|
||||
invisible(NULL)
|
||||
},
|
||||
|
||||
list_object_memberships=function()
|
||||
{
|
||||
op <- file.path(private$get_endpoint(), self$properties$id, "getMemberObjects")
|
||||
lst <- self$graph_op(op, body=list(securityEnabledOnly=TRUE),
|
||||
encode="json", http_verb="POST")
|
||||
|
||||
unlist(get_paged_list(lst, self$token))
|
||||
},
|
||||
|
||||
list_group_memberships=function()
|
||||
{
|
||||
op <- file.path(private$get_endpoint(), self$properties$id, "getMemberGroups")
|
||||
lst <- self$graph_op(op, body=list(securityEnabledOnly=TRUE),
|
||||
encode="json", http_verb="POST")
|
||||
|
||||
unlist(get_paged_list(lst, self$token))
|
||||
},
|
||||
|
||||
graph_op=function(op="", ...)
|
||||
{
|
||||
call_graph_endpoint(self$token, op, ...)
|
||||
},
|
||||
|
||||
print=function(...)
|
||||
{
|
||||
cat("<Graph directory object '", self$properties$displayName, "'>\n", sep="")
|
||||
cat(" directory id:", self$properties$id, "\n")
|
||||
invisible(self)
|
||||
}
|
||||
),
|
||||
|
||||
private=list(
|
||||
|
||||
get_endpoint=function()
|
||||
{
|
||||
switch(self$type,
|
||||
"user"="users",
|
||||
"group"="groups",
|
||||
"application"="applications",
|
||||
"service principal"="servicePrincipals",
|
||||
stop("Unknown directory object type"))
|
||||
}
|
||||
))
|
||||
|
||||
|
||||
get_paged_list <- function(lst, token, next_link_name="@odata.nextLink", value_name="value")
|
||||
{
|
||||
res <- lst[[value_name]]
|
||||
while(!is_empty(lst[[next_link_name]]))
|
||||
{
|
||||
lst <- call_graph_url(token, lst[[next_link_name]])
|
||||
res <- c(res, lst[[value_name]])
|
||||
}
|
||||
res
|
||||
}
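Review bot: `get_paged_list` passes the bearer token to whatever URL the previous response placed in the next-link field (`call_graph_url(token, lst[[next_link_name]])`), and nothing in this file checks that link. `call_graph_url` is not shown here and may already validate it, but if it does not, this helper is now the single place where the link's scheme and host can be compared with the Graph host before the token is attached. At minimum I would add `# next link comes from the response body; the token must only be sent to the Graph host` above the loop. In the same file, `switch(self$type, ...)` in `get_endpoint` receives `NULL` when `az_object` is constructed directly, and fails with a generic error before reaching `stop("Unknown directory object type")`. A guard such as `if(is.null(self$type)) stop("Unknown directory object type")` ahead of the `switch` would give the intended message.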
|
||||
|
||||
|
|
@ -10,49 +10,30 @@
|
|||
#' @section Methods:
|
||||
#' - `new(...)`: Initialize a new service principal object. Do not call this directly; see 'Initialization' below.
|
||||
#' - `delete(confirm=TRUE)`: Delete a service principal. By default, ask for confirmation first.
|
||||
#' - `update(...)`: Update the service principal information in Azure Active Directory.
|
||||
#' - `sync_fields()`: Synchronise the R object with the service principal data in Azure Active Directory.
|
||||
#' - `list_group_memberships()`: Return the IDs of all groups this service principal is a member of.
|
||||
#' - `list_object_memberships()`: Return the IDs of all groups, administrative units and directory roles this service principal is a member of.
|
||||
#'
|
||||
#' @section Initialization:
|
||||
#' Creating new objects of this class should be done via the `create_service_principal` and `get_service_principal` methods of the [ms_graph] and [az_app] classes. Calling the `new()` method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual service principal.
|
||||
#'
|
||||
#' @seealso
|
||||
#' [ms_graph], [az_app]
|
||||
#' [ms_graph], [az_app], [az_object]
|
||||
#'
|
||||
#' [Azure Microsoft Graph overview](https://docs.microsoft.com/en-us/graph/overview),
|
||||
#' [REST API reference](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta)
|
||||
#'
|
||||
#' @format An R6 object of class `az_service_principal`.
|
||||
#' @format An R6 object of class `az_service_principal`, inheriting from `az_object`.
|
||||
#' @export
|
||||
az_service_principal <- R6::R6Class("az_service_principal",
|
||||
az_service_principal <- R6::R6Class("az_service_principal", inherit=az_object,
|
||||
|
||||
public=list(
|
||||
|
||||
token=NULL,
|
||||
tenant=NULL,
|
||||
|
||||
# app data from server
|
||||
properties=NULL,
|
||||
|
||||
initialize=function(token, tenant=NULL, properties=NULL)
|
||||
{
|
||||
self$token <- token
|
||||
self$tenant <- tenant
|
||||
self$properties <- properties
|
||||
},
|
||||
|
||||
delete=function(confirm=TRUE)
|
||||
{
|
||||
if(confirm && interactive())
|
||||
{
|
||||
msg <- paste0("Do you really want to delete the service principal '", self$properties$displayName,
|
||||
"'? (y/N) ")
|
||||
yn <- readline(msg)
|
||||
if(tolower(substr(yn, 1, 1)) != "y")
|
||||
return(invisible(NULL))
|
||||
}
|
||||
|
||||
op <- file.path("servicePrincipals", self$properties$id)
|
||||
self$graph_op(op, http_verb="DELETE")
|
||||
invisible(NULL)
|
||||
self$type <- "service principal"
|
||||
super$initialize(token, tenant, properties)
|
||||
},
|
||||
|
||||
print=function(...)
|
||||
|
@ -62,10 +43,5 @@ public=list(
|
|||
cat(" directory id:", self$properties$id, "\n")
|
||||
cat(" app tenant:", self$properties$appOwnerOrganizationId, "\n")
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
graph_op=function(op="", ...)
|
||||
{
|
||||
call_graph_endpoint(self$token, op, ...)
|
||||
}
|
||||
))
|
||||
|
|
123
R/az_user.R
123
R/az_user.R
|
@ -12,38 +12,43 @@
|
|||
#' - `delete(confirm=TRUE)`: Delete a user account. By default, ask for confirmation first.
|
||||
#' - `update(...)`: Update the user information in Azure Active Directory.
|
||||
#' - `sync_fields()`: Synchronise the R object with the app data in Azure Active Directory.
|
||||
#' - `list_group_memberships()`: Return the IDs of all groups this user is a member of.
|
||||
#' - `list_object_memberships()`: Return the IDs of all groups, administrative units and directory roles this user is a member of.
|
||||
#' - `list_direct_memberships(id_only=TRUE)`: List the groups this user is a direct member of. Set `id_only=TRUE` to return only a vector of group IDs (the default), or `id_only=FALSE` to return a list of group objects.
|
||||
#' - `reset_password(password=NULL, force_password_change=TRUE): Resets a user password. By default the new password will be randomly generated, and must be changed at next login.
|
||||
#' - `list_group_memberships(direct_only=TRUE, id_only=TRUE)`: List the groups this user is a member of. Set `direct_only=FALSE` to get a _transitive_ list of memberships, ie including groups that the user's groups are members of. Set `id_only=TRUE` to return only a vector of group IDs (the default), or `id_only=FALSE` to return a list of group objects (which will be slow for a transitive list).
|
||||
#'
|
||||
#' @section Initialization:
|
||||
#' Creating new objects of this class should be done via the `create_user` and `get_user` methods of the [ms_graph] and [az_app] classes. Calling the `new()` method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual user account.
|
||||
#'
|
||||
#' @seealso
|
||||
#' [ms_graph], [az_app], [az_group]
|
||||
#' [ms_graph], [az_app], [az_group], [az_object]
|
||||
#'
|
||||
#' [Microsoft Graph overview](https://docs.microsoft.com/en-us/graph/overview),
|
||||
#' [REST API reference](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta)
|
||||
#'
|
||||
#' @format An R6 object of class `az_user`.
|
||||
#' @examples
|
||||
#' \dontrun{
|
||||
#'
|
||||
#' gr <- get_graph_login()
|
||||
#' usr <- gr$get_user("myname@aadtenant.com")
|
||||
#'
|
||||
#' grps <- usr$list_direct_memberships()
|
||||
#' head(grps)
|
||||
#'
|
||||
#' }
|
||||
#' @format An R6 object of class `az_user`, inheriting from `az_object`.
|
||||
#' @export
|
||||
az_user <- R6::R6Class("az_user",
|
||||
az_user <- R6::R6Class("az_user", inherit=az_object,
|
||||
|
||||
public=list(
|
||||
|
||||
token=NULL,
|
||||
tenant=NULL,
|
||||
|
||||
# app data from server
|
||||
properties=NULL,
|
||||
|
||||
password=NULL,
|
||||
|
||||
initialize=function(token, tenant=NULL, properties=NULL, password=NULL)
|
||||
{
|
||||
self$token <- token
|
||||
self$tenant <- tenant
|
||||
self$properties <- properties
|
||||
self$type <- "user"
|
||||
self$password <- password
|
||||
super$initialize(token, tenant, properties)
|
||||
},
|
||||
|
||||
reset_password=function(password=NULL, force_password_change=TRUE)
|
||||
|
@ -66,49 +71,18 @@ public=list(
|
|||
password
|
||||
},
|
||||
|
||||
update=function(...)
|
||||
list_direct_memberships=function(id_only=TRUE)
|
||||
{
|
||||
op <- file.path("users", self$properties$id)
|
||||
self$graph_op(op, body=list(...), encode="json", http_verb="PATCH")
|
||||
self$properties <- self$graph_op(op)
|
||||
self
|
||||
},
|
||||
op <- file.path("users", self$properties$id, "memberOf")
|
||||
res <- get_paged_list(self$graph_op(op), self$token)
|
||||
|
||||
sync_fields=function()
|
||||
{
|
||||
op <- file.path("users", self$properties$id)
|
||||
self$properties <- self$graph_op(op)
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
list_group_memberships=function(direct_only=TRUE, id_only=TRUE)
|
||||
{
|
||||
res <- if(direct_only)
|
||||
private$list_direct_memberships(id_only)
|
||||
else private$list_transitive_memberships(id_only)
|
||||
|
||||
if(!id_only)
|
||||
if(id_only)
|
||||
sapply(res, function(grp) grp$id)
|
||||
else
|
||||
{
|
||||
names(res) <- sapply(res, function(grp) grp$displayName)
|
||||
lapply(res, function(grp) az_group$new(self$token, self$tenant, grp))
|
||||
}
|
||||
else unlist(res)
|
||||
},
|
||||
|
||||
delete=function(confirm=TRUE)
|
||||
{
|
||||
if(confirm && interactive())
|
||||
{
|
||||
msg <- paste0("Do you really want to delete the user '", self$properties$displayName,
|
||||
"'? (y/N) ")
|
||||
yn <- readline(msg)
|
||||
if(tolower(substr(yn, 1, 1)) != "y")
|
||||
return(invisible(NULL))
|
||||
}
|
||||
|
||||
op <- file.path("users", self$properties$id)
|
||||
self$graph_op(op, http_verb="DELETE")
|
||||
invisible(NULL)
|
||||
},
|
||||
|
||||
print=function(...)
|
||||
|
@ -118,54 +92,5 @@ public=list(
|
|||
cat(" email:", self$properties$mail, "\n")
|
||||
cat(" directory id:", self$properties$id, "\n")
|
||||
invisible(self)
|
||||
},
|
||||
|
||||
graph_op=function(op="", ...)
|
||||
{
|
||||
call_graph_endpoint(self$token, op, ...)
|
||||
}
|
||||
),
|
||||
|
||||
private=list(
|
||||
|
||||
list_transitive_memberships=function(id_only)
|
||||
{
|
||||
op <- file.path("users", self$properties$id, "getMemberGroups")
|
||||
lst <- self$graph_op(op, body=list(securityEnabledOnly=TRUE),
|
||||
encode="json", http_verb="POST")
|
||||
|
||||
res <- lst$value
|
||||
while(!is_empty(lst$`@odata.nextLink`))
|
||||
{
|
||||
lst <- call_graph_url(self$token, lst$`@odata.nextLink`)
|
||||
res <- c(res, lst$value)
|
||||
}
|
||||
|
||||
if(!id_only)
|
||||
{
|
||||
lapply(res, function(grp)
|
||||
{
|
||||
op <- file.path("groups", grp)
|
||||
self$graph_op(op)
|
||||
})
|
||||
}
|
||||
else res
|
||||
},
|
||||
|
||||
list_direct_memberships=function(id_only)
|
||||
{
|
||||
op <- file.path("users", self$properties$id, "memberOf")
|
||||
lst <- self$graph_op(op)
|
||||
|
||||
res <- lst$value
|
||||
while(!is_empty(lst$`@odata.nextLink`))
|
||||
{
|
||||
lst <- call_graph_url(self$token, lst$`@odata.nextLink`)
|
||||
res <- c(res, lst$value)
|
||||
}
|
||||
|
||||
if(id_only)
|
||||
lapply(res, function(grp) grp$id)
|
||||
else res
|
||||
}
|
||||
))
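Review bot: The new public `list_direct_memberships` builds its ID vector with `sapply(res, function(grp) grp$id)`, which returns an empty `list()` rather than `character(0)` when the user has no memberships, so a caller checking `is.character()` sees a different type in that case. `vapply(res, function(grp) grp$id, character(1))` pins the return type. Also worth confirming against the API reference: Graph's `memberOf` can return directory roles and administrative units as well as groups, and with `id_only=FALSE` every element is wrapped in `az_group$new(...)`. Filtering on the object type first would avoid later `groups/<id>` calls, including `delete()`, against an object that is not a group.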
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
\name{az_app}
|
||||
\alias{az_app}
|
||||
\title{Registered app in Azure Active Directory}
|
||||
\format{An R6 object of class \code{az_app}.}
|
||||
\format{An R6 object of class \code{az_app}, inheriting from \code{az_object}.}
|
||||
\usage{
|
||||
az_app
|
||||
}
|
||||
|
@ -28,6 +28,8 @@ Base class representing an AAD app.
|
|||
\item \code{delete(confirm=TRUE)}: Delete an app. By default, ask for confirmation first.
|
||||
\item \code{update(...)}: Update the app data in Azure Active Directory. For what properties can be updated, consult the REST API documentation link below.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the app data in Azure Active Directory.
|
||||
\item \code{list_group_memberships()}: Return the IDs of all groups this app is a member of.
|
||||
\item \code{list_object_memberships()}: Return the IDs of all groups, administrative units and directory roles this app is a member of.
|
||||
\item \code{create_service_principal(...)}: Create a service principal for this app, by default in the current tenant.
|
||||
\item \code{get_service_principal()}: Get the service principal for this app.
|
||||
\item \code{delete_service_principal(confirm=TRUE)}: Delete the service principal for this app. By default, ask for confirmation first.
|
||||
|
@ -74,6 +76,6 @@ app$update(displayName="MyRenamedApp")
|
|||
}
|
||||
}
|
||||
\seealso{
|
||||
\link{ms_graph}, \link{az_service_principal}, \link{az_user}, \link{az_group}
|
||||
\link{ms_graph}, \link{az_service_principal}, \link{az_user}, \link{az_group}, \link{az_object}
|
||||
}
|
||||
\keyword{datasets}
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
\name{az_group}
|
||||
\alias{az_group}
|
||||
\title{Group in Azure Active Directory}
|
||||
\format{An R6 object of class \code{az_group}.}
|
||||
\format{An R6 object of class \code{az_group}, inheriting from \code{az_object}.}
|
||||
\usage{
|
||||
az_group
|
||||
}
|
||||
|
@ -26,9 +26,11 @@ Base class representing an AAD group.
|
|||
\item \code{new(...)}: Initialize a new group object. Do not call this directly; see 'Initialization' below.
|
||||
\item \code{delete(confirm=TRUE)}: Delete a group. By default, ask for confirmation first.
|
||||
\item \code{update(...)}: Update the group information in Azure Active Directory.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the app data in Azure Active Directory.
|
||||
\item \code{list_group_memberships()}: Return the IDs of all groups this group is a member of.
|
||||
\item \code{list_object_memberships()}: Return the IDs of all groups, administrative units and directory roles this group is a member of.
|
||||
\item \code{list_members()}: Return a list of all members of this group.
|
||||
\item \code{list_owners()}: Return a list of all owners of this group.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the app data in Azure Active Directory.
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -37,8 +39,22 @@ Base class representing an AAD group.
|
|||
Creating new objects of this class should be done via the \code{create_group} and \code{get_group} methods of the \link{ms_graph} and \link{az_app} classes. Calling the \code{new()} method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual group.
|
||||
}
|
||||
|
||||
\examples{
|
||||
\dontrun{
|
||||
|
||||
gr <- get_graph_login()
|
||||
usr <- gr$get_user("myname@aadtenant.com")
|
||||
|
||||
grps <- usr$list_direct_memberships()
|
||||
grp <- grp[[1]]
|
||||
|
||||
grp$list_members()
|
||||
grp$list_owners()
|
||||
|
||||
}
|
||||
}
|
||||
\seealso{
|
||||
\link{ms_graph}, \link{az_app}, \link{az_user}
|
||||
\link{ms_graph}, \link{az_app}, \link{az_user}, \link{az_object}
|
||||
|
||||
\href{https://docs.microsoft.com/en-us/graph/overview}{Microsoft Graph overview},
|
||||
\href{https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta}{REST API reference}
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
% Generated by roxygen2: do not edit by hand
|
||||
% Please edit documentation in R/az_object.R
|
||||
\docType{class}
|
||||
\name{az_object}
|
||||
\alias{az_object}
|
||||
\title{Azure Active Directory object}
|
||||
\format{An R6 object of class \code{az_object}.}
|
||||
\usage{
|
||||
az_object
|
||||
}
|
||||
\description{
|
||||
Base class representing a directory object in Microsoft Graph.
|
||||
}
|
||||
\section{Fields}{
|
||||
|
||||
\itemize{
|
||||
\item \code{token}: The token used to authenticate with the Graph host.
|
||||
\item \code{tenant}: The Azure Active Directory tenant for this group.
|
||||
\item \code{type}: The type of object: user, group, application or service principal.
|
||||
\item \code{properties}: The group properties.
|
||||
}
|
||||
}
|
||||
|
||||
\section{Methods}{
|
||||
|
||||
\itemize{
|
||||
\item \code{new(...)}: Initialize a new group object. Do not call this directly; see 'Initialization' below.
|
||||
\item \code{delete(confirm=TRUE)}: Delete a group. By default, ask for confirmation first.
|
||||
\item \code{update(...)}: Update the group information in Azure Active Directory.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the app data in Azure Active Directory.
|
||||
\item \code{list_group_memberships()}: Return the IDs of all groups this object is a member of.
|
||||
\item \code{list_object_memberships()}: Return the IDs of all groups, administrative units and directory roles this object is a member of.
|
||||
}
|
||||
}
|
||||
|
||||
\section{Initialization}{
|
||||
|
||||
Objects of this class should not be created directly. Instead, create an object of the appropriate subclass: \link{az_app}, \link{az_service_principal}, \link{az_user}, \link{az_group}.
|
||||
}
|
||||
|
||||
\seealso{
|
||||
\link{ms_graph}, \link{az_app}, \link{az_service_principal}, \link{az_user}, \link{az_group}
|
||||
|
||||
\href{https://docs.microsoft.com/en-us/graph/overview}{Microsoft Graph overview},
|
||||
\href{https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta}{REST API reference}
|
||||
}
|
||||
\keyword{datasets}
|
|
@ -4,7 +4,7 @@
|
|||
\name{az_service_principal}
|
||||
\alias{az_service_principal}
|
||||
\title{Service principal in Azure Active Directory}
|
||||
\format{An R6 object of class \code{az_service_principal}.}
|
||||
\format{An R6 object of class \code{az_service_principal}, inheriting from \code{az_object}.}
|
||||
\usage{
|
||||
az_service_principal
|
||||
}
|
||||
|
@ -25,6 +25,10 @@ Base class representing an AAD service principal.
|
|||
\itemize{
|
||||
\item \code{new(...)}: Initialize a new service principal object. Do not call this directly; see 'Initialization' below.
|
||||
\item \code{delete(confirm=TRUE)}: Delete a service principal. By default, ask for confirmation first.
|
||||
\item \code{update(...)}: Update the service principal information in Azure Active Directory.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the service principal data in Azure Active Directory.
|
||||
\item \code{list_group_memberships()}: Return the IDs of all groups this service principal is a member of.
|
||||
\item \code{list_object_memberships()}: Return the IDs of all groups, administrative units and directory roles this service principal is a member of.
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -34,7 +38,7 @@ Creating new objects of this class should be done via the \code{create_service_p
|
|||
}
|
||||
|
||||
\seealso{
|
||||
\link{ms_graph}, \link{az_app}
|
||||
\link{ms_graph}, \link{az_app}, \link{az_object}
|
||||
|
||||
\href{https://docs.microsoft.com/en-us/graph/overview}{Azure Microsoft Graph overview},
|
||||
\href{https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta}{REST API reference}
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
\name{az_user}
|
||||
\alias{az_user}
|
||||
\title{User in Azure Active Directory}
|
||||
\format{An R6 object of class \code{az_user}.}
|
||||
\format{An R6 object of class \code{az_user}, inheriting from \code{az_object}.}
|
||||
\usage{
|
||||
az_user
|
||||
}
|
||||
|
@ -27,8 +27,10 @@ Base class representing an AAD user account.
|
|||
\item \code{delete(confirm=TRUE)}: Delete a user account. By default, ask for confirmation first.
|
||||
\item \code{update(...)}: Update the user information in Azure Active Directory.
|
||||
\item \code{sync_fields()}: Synchronise the R object with the app data in Azure Active Directory.
|
||||
\item \code{list_group_memberships()}: Return the IDs of all groups this user is a member of.
|
||||
\item \code{list_object_memberships()}: Return the IDs of all groups, administrative units and directory roles this user is a member of.
|
||||
\item \code{list_direct_memberships(id_only=TRUE)}: List the groups this user is a direct member of. Set \code{id_only=TRUE} to return only a vector of group IDs (the default), or \code{id_only=FALSE} to return a list of group objects.
|
||||
\item `reset_password(password=NULL, force_password_change=TRUE): Resets a user password. By default the new password will be randomly generated, and must be changed at next login.
|
||||
\item \code{list_group_memberships(direct_only=TRUE, id_only=TRUE)}: List the groups this user is a member of. Set \code{direct_only=FALSE} to get a \emph{transitive} list of memberships, ie including groups that the user's groups are members of. Set \code{id_only=TRUE} to return only a vector of group IDs (the default), or \code{id_only=FALSE} to return a list of group objects (which will be slow for a transitive list).
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -37,8 +39,19 @@ Base class representing an AAD user account.
|
|||
Creating new objects of this class should be done via the \code{create_user} and \code{get_user} methods of the \link{ms_graph} and \link{az_app} classes. Calling the \code{new()} method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual user account.
|
||||
}
|
||||
|
||||
\examples{
|
||||
\dontrun{
|
||||
|
||||
gr <- get_graph_login()
|
||||
usr <- gr$get_user("myname@aadtenant.com")
|
||||
|
||||
grps <- usr$list_direct_memberships()
|
||||
head(grps)
|
||||
|
||||
}
|
||||
}
|
||||
\seealso{
|
||||
\link{ms_graph}, \link{az_app}, \link{az_group}
|
||||
\link{ms_graph}, \link{az_app}, \link{az_group}, \link{az_object}
|
||||
|
||||
\href{https://docs.microsoft.com/en-us/graph/overview}{Microsoft Graph overview},
|
||||
\href{https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-beta}{REST API reference}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
% Generated by roxygen2: do not edit by hand
|
||||
% Please edit documentation in R/az_graph.R
|
||||
% Please edit documentation in R/ms_graph.R
|
||||
\docType{class}
|
||||
\name{ms_graph}
|
||||
\alias{ms_graph}
|
||||
|
|
|
@ -20,21 +20,20 @@ test_that("User/group read functionality works",
|
|||
me2 <- gr$get_user(user)
|
||||
expect_equal(me2$properties$mail, user)
|
||||
|
||||
grps0 <- me$list_group_memberships(TRUE, TRUE)
|
||||
expect_true(is.character(grps0))
|
||||
objs <- me$list_object_memberships()
|
||||
expect_true(is.character(objs))
|
||||
|
||||
grps1 <- me$list_group_memberships()
|
||||
expect_true(is.character(grps1))
|
||||
|
||||
grps1 <- me$list_group_memberships(TRUE, FALSE)
|
||||
expect_true(all(sapply(grps1, is_group)))
|
||||
expect_true(all(sapply(grps1, function(g) !is.null(g$properties$id))))
|
||||
|
||||
grps2 <- me$list_group_memberships(FALSE, TRUE)
|
||||
grps2 <- me$list_direct_memberships(id_only=TRUE)
|
||||
expect_true(is.character(grps2))
|
||||
|
||||
grps3 <- me$list_group_memberships(FALSE, FALSE)
|
||||
grps3 <- me$list_direct_memberships(id_only=FALSE)
|
||||
expect_true(all(sapply(grps3, is_group)))
|
||||
expect_true(all(sapply(grps3, function(g) !is.null(g$properties$id))))
|
||||
|
||||
grp <- gr$get_group(grps0[1])
|
||||
grp <- gr$get_group(grps1[1])
|
||||
expect_true(is_group(grp) && !is.null(grp$properties$id))
|
||||
})
|
||||
|
||||
|
|