Sync user data

Author: TylerLu

models/db.py

@@ -66,6 +66,6 @@ class DataSyncRecord(models.Model):
     tenantId = models.CharField(null=True, max_length=255)
     query = models.TextField(null=True)
     deltaLink = models.TextField(null=True)
-    updated = models.DateTimeField()
+    updated = models.DateTimeField(null=True)
     class Meta:
-        db_table = 'data_sync_record'
+        db_table = 'data_sync_records'

models/migrations/0001_initial.py

@@ -1,4 +1,6 @@
-# Generated by Django 2.0.5 on 2018-05-02 06:30
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.3 on 2018-05-04 12:29
+from __future__ import unicode_literals
 
 from django.conf import settings
 from django.db import migrations, models
@@ -33,10 +35,10 @@ class Migration(migrations.Migration):
                 ('tenantId', models.CharField(max_length=255, null=True)),
                 ('query', models.TextField(null=True)),
                 ('deltaLink', models.TextField(null=True)),
-                ('updated', models.DateTimeField()),
+                ('updated', models.DateTimeField(null=True)),
             ],
             options={
-                'db_table': 'data_sync_record',
+                'db_table': 'data_sync_records',
             },
         ),
         migrations.CreateModel(
@@ -63,7 +65,7 @@ class Migration(migrations.Migration):
                 ('department', models.CharField(max_length=255, null=True)),
                 ('mobilePhone', models.CharField(max_length=255, null=True)),
                 ('organization', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='models.Organization')),
-                ('user', models.OneToOneField(on_delete=None, to=settings.AUTH_USER_MODEL)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
             ],
             options={
                 'db_table': 'profiles',

webjobs/user_data_sync/models.py

@@ -1,5 +1,5 @@
 import os
-from peewee import MySQLDatabase, Model, BooleanField, CharField, ForeignKeyField
+from peewee import MySQLDatabase, Model, BooleanField, CharField, TextField, DateTimeField, ForeignKeyField
 
 mysql_host = os.environ['MySQLHost']
 mysql_port = int('3306')
@@ -32,18 +32,26 @@ class Profile(BaseModel):
     class Meta:
         db_table = "profiles"
 
-db.connect()
+class DataSyncRecord(BaseModel):
+    tenantId = CharField()
+    query = TextField()
+    deltaLink = TextField()
+    updated = DateTimeField(null=True)
+    class Meta:
+        db_table = 'data_sync_records'
+
+# db.connect()
 
-organizations = Organization.select() \
-    .where(Organization.isAdminConsented)
+# organizations = Organization.select() \
+#     .where(Organization.isAdminConsented)
 
-for org in organizations:
-    print(org.name)
+# for org in organizations:
+#     print(org.name)
 
 
-profiles = Profile.select()
+# profiles = Profile.select()
 
-for profile in profiles:
-    print(profile.o365Email)
+# for profile in profiles:
+#     print(profile.o365Email)
 
-db.close()
+# db.close()

webjobs/user_data_sync/rest_api_service.py

@@ -0,0 +1,112 @@
+'''
+ *   * Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
+ *   * See LICENSE in the project root for license information.
+'''
+
+import json
+import requests
+
+class HttpRequestFailed(Exception):
+    def __init__(self, request, response):
+        self._request = request
+        self._response = response
+
+    @property
+    def response(self):
+        return self._request
+
+    @property
+    def response(self):
+        return self._response
+
+class RestApiService(object):
+
+    def get_raw(self, url, token, headers=None):
+        method = 'GET'
+        s_headers = {}
+        self._set_header_token(s_headers, token)
+        if headers:
+            s_headers.update(headers)
+        response = self._send(method, url, s_headers)
+        return response.text
+
+    def get_json(self, url, token, headers=None):
+        method = 'GET'
+        s_headers = {'Accept': 'application/json',
+                     'Content-Type': 'application/json'}
+        self._set_header_token(s_headers, token)
+        if headers:
+            s_headers.update(headers)
+        response = self._send(method, url, s_headers)
+        return json.loads(response.text)
+
+    def get_img(self, url, token, headers=None):
+        method = 'GET'
+        s_headers = {'content-type': 'image/jpeg'}
+        self._set_header_token(s_headers, token)
+        if headers:
+            s_headers.update(headers)
+        response = self._send(method, url, s_headers)
+        return response.content
+
+    def get_object_list(self, url, token, key='value', headers=None, model=None, next_key=''):
+        content = self.get_json(url, token, headers)
+        entity_list = []
+        next_link = ''
+        if content and model:
+            value_list = content[key]
+            for value in value_list:
+                entity = model(value)
+                entity_list.append(entity)
+            if next_key:
+                next_link = content.get(next_key, '')
+        if next_key:
+            return entity_list, next_link
+        else:
+            return entity_list
+
+    def get_object(self, url, token, headers=None, model=None):
+        content = self.get_raw(url, token, headers)
+        if content and model:
+            value = json.loads(content)
+            return model(value)
+        return None
+
+    def delete(self, url, token, headers=None):
+        method = 'DELETE'
+        s_headers = {'Accept': 'application/json',
+                     'Content-Type': 'application/json'}
+        self._set_header_token(s_headers, token)
+        if headers:
+            s_headers.update(headers)
+        self._send(method, url, s_headers)
+
+    def post_json(self, url, token, headers=None, data=None):
+        method = 'POST'
+        s_headers = {'Accept': 'application/json',
+                     'Content-Type': 'application/json'}
+        self._set_header_token(s_headers, token)
+        if headers:
+            s_headers.update(headers)
+        return self._send(method, url, s_headers, json.dumps(data))
+
+    def put_file(self, url, token, file=None):      
+        s_headers = {'Content-Type': 'application/octet-stream'}        
+        self._set_header_token(s_headers, token)
+        method = 'PUT'
+        return json.loads(self._send(method, url, s_headers,file.chunks()).text)
+
+    def _set_header_token(self, headers, token):
+        key = 'Authorization'
+        value = 'Bearer {0}'.format(token)
+        headers[key] = value
+
+    def _send(self, method, url, headers, data=None):
+        session = requests.Session()
+        request = requests.Request(method, url, headers, data=data)
+        prepped = request.prepare()
+        response = session.send(prepped)
+        if response.status_code < 200 or response.status_code > 299:
+            raise HttpRequestFailed(request, response)
+        return response
+ 

webjobs/user_data_sync/start.py

@@ -1,8 +1,12 @@
 import os
 import adal
+import datetime
+
 from OpenSSL import crypto
 from cryptography.hazmat.primitives import serialization
 
+from rest_api_service import RestApiService
+import models 
 
 client_id = os.environ['ClientId']
 client_cert_path = os.environ['ClientCertificatePath']
@@ -11,6 +15,8 @@
 aad_instance = 'https://login.microsoftonline.com/'
 ms_graph_resource = 'https://graph.microsoft.com'
 
+users_query = "/users/delta?$select=jobTitle,department,mobilePhone"
+
 # load certificate and thumbprint
 with open(client_cert_path, 'rb') as cert_file:
     pkcs12 = crypto.load_pkcs12(cert_file.read(), client_cert_password)
@@ -28,15 +34,64 @@
     .replace(':', '')
 
 # get access token
-tenant_id = '64446b5c-6d85-4d16-9ff2-94eddc0c2439'
-authority = aad_instance + tenant_id
-auth_context = adal.AuthenticationContext(authority)
-
-import pdb; pdb.set_trace()
-token = auth_context.acquire_token_with_client_certificate(
-    ms_graph_resource,
-    client_id,
-    private_key,
-    thumbprint)
-
-print(token['accessToken'])
+
+
+models.db.connect()
+
+
+url = ms_graph_resource + '/v1.0/users/delta?$select=jobTitle,department,mobilePhone'
+
+rest_api_service = RestApiService()
+
+
+organizations = models.Organization.select().where(models.Organization.isAdminConsented)
+for organization in organizations:
+
+    print('Sync tenant ' + organization.name)
+
+    data_sync_record, created = models.DataSyncRecord.get_or_create(
+        tenantId = organization.tenantId,
+        query = users_query)
+    
+    if created:
+        url = ms_graph_resource + '/v1.0' + users_query
+    else:
+        url = data_sync_record.deltaLink
+
+
+    authority = aad_instance + organization.tenantId
+    auth_context = adal.AuthenticationContext(authority, api_version=None)
+
+    token = auth_context.acquire_token_with_client_certificate(
+        ms_graph_resource,
+        client_id,
+        private_key,
+        thumbprint)
+
+    access_token = token['accessToken']
+
+    while True:
+        res = rest_api_service.get_json(url, access_token)    
+        users = res['value']
+
+        for user in users:
+            profile = models.Profile.get_or_none(models.Profile.o365UserId == user['id'])
+            if profile:
+                profile.jobTitle = user['jobTitle']
+                profile.department = user['department']
+                profile.mobilePhone = user['mobilePhone']
+                print('update user: ' + profile.o365Email)
+                profile.save()
+
+        next_link = res.get('@odata.nextLink')
+        if next_link:
+            url = next_link
+        else:
+            break;    
+
+
+    data_sync_record.deltaLink = res.get('@odata.deltaLink')
+    data_sync_record.updated = datetime.datetime.now()
+    data_sync_record.save()
+
+models.db.close()