internal PswaAuthorizationRule AddRule(SortedList<int, PswaAuthorizationRule> allRules, string name, string user, PswaUserType userType, string destination, PswaDestinationType destinationType, string configuration, string canonicalDestination)
{
string str;
string str1;
bool flag;
int nextAvailableId = this.GetNextAvailableId(allRules);
PswaAuthorizationRule pswaAuthorizationRule = new PswaAuthorizationRule();
pswaAuthorizationRule.Id = nextAvailableId;
PswaAuthorizationRule pswaAuthorizationRule1 = pswaAuthorizationRule;
if (name != null)
{
str = name;
}
else
{
object[] objArray = new object[1];
objArray[0] = nextAvailableId;
str = string.Format(CultureInfo.CurrentCulture, Resources.AuthorizationRuleName_Format, objArray);
}
pswaAuthorizationRule1.RuleName = str;
this.AddRuleSetUserInfo(pswaAuthorizationRule, user, userType);
this.AddRuleSetDestinationInfo(pswaAuthorizationRule, destination, canonicalDestination, destinationType);
PswaAuthorizationRule pswaAuthorizationRule2 = pswaAuthorizationRule;
if (configuration == "*")
{
str1 = "*";
}
else
{
if (string.IsNullOrEmpty(configuration))
{
str1 = "Microsoft.PowerShell";
}
else
{
str1 = configuration;
}
}
pswaAuthorizationRule2.ConfigurationName = str1;
PswaAuthorizationRule pswaAuthorizationRule3 = pswaAuthorizationRule;
if (destinationType == PswaDestinationType.All)
{
flag = false;
}
else
{
flag = destination != pswaAuthorizationRule.DestinationCanonicalForm;
}
pswaAuthorizationRule3.IsCanonicalDestinationSid = flag;
allRules.Add(pswaAuthorizationRule.Id, pswaAuthorizationRule);
return pswaAuthorizationRule;
}
internal void DeserializeFromXmlElement(XmlElement rule)
{
string str;
string str1;
this.Id = Convert.ToInt32(rule.GetElementsByTagName("Id")[0].InnerText, CultureInfo.InvariantCulture);
this.RuleName = rule.GetElementsByTagName("Name")[0].InnerText;
this.UserType = (PswaUserType)Enum.Parse(typeof(PswaUserType), rule.GetElementsByTagName("UserType")[0].InnerText);
PswaAuthorizationRule pswaAuthorizationRule = this;
if (this.UserType == PswaUserType.All)
{
str = "*";
}
else
{
str = null;
}
pswaAuthorizationRule.User = str;
this.UserCanonicalForm = rule.GetElementsByTagName("UserCanonicalForm")[0].InnerText;
this.DestinationType = (PswaDestinationType)Enum.Parse(typeof(PswaDestinationType), rule.GetElementsByTagName("DestinationType")[0].InnerText);
PswaAuthorizationRule pswaAuthorizationRule1 = this;
if (this.DestinationType == PswaDestinationType.All)
{
str1 = "*";
}
else
{
str1 = null;
}
pswaAuthorizationRule1.Destination = str1;
this.DestinationCanonicalForm = rule.GetElementsByTagName("DestinationCanonicalForm")[0].InnerText;
this.ConfigurationName = rule.GetElementsByTagName("ConfigurationName")[0].InnerText;
this.IsUserGroupLocal = Convert.ToBoolean(rule.GetElementsByTagName("IsUserGroupLocal")[0].InnerText, CultureInfo.InvariantCulture);
this.IsComputerGroupLocal = Convert.ToBoolean(rule.GetElementsByTagName("IsComputerGroupLocal")[0].InnerText, CultureInfo.InvariantCulture);
this.IsCanonicalDestinationSid = Convert.ToBoolean(rule.GetElementsByTagName("IsCanonicalDestinationSid")[0].InnerText, CultureInfo.InvariantCulture);
}
private void AddRuleSetUserInfo(PswaAuthorizationRule newRule, string user, PswaUserType userType)
{
bool flag = false;
newRule.UserType = userType;
if (userType == PswaUserType.All)
{
newRule.User = "******";
newRule.UserCanonicalForm = newRule.User;
newRule.IsUserGroupLocal = false;
return;
}
else
{
string str = null;
if (this.CheckSamAccountFormat(user))
{
newRule.User = user;
string stringSid = this.activeDirectoryHelper.ConvertAccountNameToStringSid(user, out flag, out str);
newRule.IsUserGroupLocal = flag;
string str1 = null;
if (this.activeDirectoryHelper.CheckUserTypeMatch(newRule.IsUserGroupLocal, stringSid, userType, str, out str1))
{
newRule.UserCanonicalForm = stringSid;
return;
}
else
{
throw new ArgumentException(str1);
}
}
else
{
throw new ArgumentException(Resources.InvalidUserAndGroupNameFormat);
}
}
}
public bool CheckUserTypeMatch(bool isLocal, string sid, PswaUserType type, string domain, out string errorMessage)
{
errorMessage = null;
return(true);
/*
* bool flag;
* PrincipalContext principalContext;
* bool hasValue;
* errorMessage = string.Empty;
* try
* {
* if (isLocal)
* {
* principalContext = new PrincipalContext(ContextType.Machine);
* }
* else
* {
* principalContext = new PrincipalContext(ContextType.Domain, domain);
* }
* using (principalContext)
* {
* if (type != PswaUserType.User)
* {
* if (type != PswaUserType.UserGroup)
* {
* flag = false;
* return flag;
* }
* else
* {
* GroupPrincipal groupPrincipal = GroupPrincipal.FindByIdentity(V_0, sid);
* using (groupPrincipal)
* {
* if (groupPrincipal != null)
* {
* bool? isSecurityGroup = groupPrincipal.IsSecurityGroup;
* if (!isSecurityGroup.GetValueOrDefault())
* {
* hasValue = true;
* }
* else
* {
* hasValue = !isSecurityGroup.HasValue;
* }
* if (hasValue)
* {
* errorMessage = Resources.UserGroupIsNotSecurityGroup;
* flag = false;
* return flag;
* }
* }
* else
* {
* errorMessage = Resources.UserTypeDoesNotMatchUserGroup;
* flag = false;
* return flag;
* }
* }
* }
* }
* else
* {
* UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(V_0, sid);
* using (userPrincipal)
* {
* if (userPrincipal == null)
* {
* errorMessage = Resources.UserTypeDoesNotMatchUser;
* flag = false;
* return flag;
* }
* }
* }
* }
* return true;
* }
* catch (DirectoryServicesCOMException directoryServicesCOMException1)
* {
* DirectoryServicesCOMException directoryServicesCOMException = directoryServicesCOMException1;
* if (directoryServicesCOMException.ExtendedError == -2146893044 || directoryServicesCOMException.ExtendedError == 0x4dc)
* {
* errorMessage = Resources.NoActiveDirectoryPermission;
* flag = false;
* }
* else
* {
* throw;
* }
* }
* return flag;
*/
}
internal PswaAuthorizationRule AddRule(SortedList <int, PswaAuthorizationRule> allRules, string name, string user, PswaUserType userType, string destination, PswaDestinationType destinationType, string configuration, string canonicalDestination)
{
string str;
string str1;
bool flag;
int nextAvailableId = this.GetNextAvailableId(allRules);
PswaAuthorizationRule pswaAuthorizationRule = new PswaAuthorizationRule();
pswaAuthorizationRule.Id = nextAvailableId;
PswaAuthorizationRule pswaAuthorizationRule1 = pswaAuthorizationRule;
if (name != null)
{
str = name;
}
else
{
object[] objArray = new object[1];
objArray[0] = nextAvailableId;
str = string.Format(CultureInfo.CurrentCulture, Resources.AuthorizationRuleName_Format, objArray);
}
pswaAuthorizationRule1.RuleName = str;
this.AddRuleSetUserInfo(pswaAuthorizationRule, user, userType);
this.AddRuleSetDestinationInfo(pswaAuthorizationRule, destination, canonicalDestination, destinationType);
PswaAuthorizationRule pswaAuthorizationRule2 = pswaAuthorizationRule;
if (configuration == "*")
{
str1 = "*";
}
else
{
if (string.IsNullOrEmpty(configuration))
{
str1 = "Microsoft.PowerShell";
}
else
{
str1 = configuration;
}
}
pswaAuthorizationRule2.ConfigurationName = str1;
PswaAuthorizationRule pswaAuthorizationRule3 = pswaAuthorizationRule;
if (destinationType == PswaDestinationType.All)
{
flag = false;
}
else
{
flag = destination != pswaAuthorizationRule.DestinationCanonicalForm;
}
pswaAuthorizationRule3.IsCanonicalDestinationSid = flag;
allRules.Add(pswaAuthorizationRule.Id, pswaAuthorizationRule);
return(pswaAuthorizationRule);
}
public bool CheckUserTypeMatch(bool isLocal, string sid, PswaUserType type, string domain, out string errorMessage)
{
errorMessage = null;
return true;
/*
bool flag;
PrincipalContext principalContext;
bool hasValue;
errorMessage = string.Empty;
try
{
if (isLocal)
{
principalContext = new PrincipalContext(ContextType.Machine);
}
else
{
principalContext = new PrincipalContext(ContextType.Domain, domain);
}
using (principalContext)
{
if (type != PswaUserType.User)
{
if (type != PswaUserType.UserGroup)
{
flag = false;
return flag;
}
else
{
GroupPrincipal groupPrincipal = GroupPrincipal.FindByIdentity(V_0, sid);
using (groupPrincipal)
{
if (groupPrincipal != null)
{
bool? isSecurityGroup = groupPrincipal.IsSecurityGroup;
if (!isSecurityGroup.GetValueOrDefault())
{
hasValue = true;
}
else
{
hasValue = !isSecurityGroup.HasValue;
}
if (hasValue)
{
errorMessage = Resources.UserGroupIsNotSecurityGroup;
flag = false;
return flag;
}
}
else
{
errorMessage = Resources.UserTypeDoesNotMatchUserGroup;
flag = false;
return flag;
}
}
}
}
else
{
UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(V_0, sid);
using (userPrincipal)
{
if (userPrincipal == null)
{
errorMessage = Resources.UserTypeDoesNotMatchUser;
flag = false;
return flag;
}
}
}
}
return true;
}
catch (DirectoryServicesCOMException directoryServicesCOMException1)
{
DirectoryServicesCOMException directoryServicesCOMException = directoryServicesCOMException1;
if (directoryServicesCOMException.ExtendedError == -2146893044 || directoryServicesCOMException.ExtendedError == 0x4dc)
{
errorMessage = Resources.NoActiveDirectoryPermission;
flag = false;
}
else
{
throw;
}
}
return flag;
*/
}
private void AddRuleSetUserInfo(PswaAuthorizationRule newRule, string user, PswaUserType userType)
{
bool flag = false;
newRule.UserType = userType;
if (userType == PswaUserType.All)
{
newRule.User = "******";
newRule.UserCanonicalForm = newRule.User;
newRule.IsUserGroupLocal = false;
return;
}
else
{
string str = null;
if (this.CheckSamAccountFormat(user))
{
newRule.User = user;
string stringSid = this.activeDirectoryHelper.ConvertAccountNameToStringSid(user, out flag, out str);
newRule.IsUserGroupLocal = flag;
string str1 = null;
if (this.activeDirectoryHelper.CheckUserTypeMatch(newRule.IsUserGroupLocal, stringSid, userType, str, out str1))
{
newRule.UserCanonicalForm = stringSid;
return;
}
else
{
throw new ArgumentException(str1);
}
}
else
{
throw new ArgumentException(Resources.InvalidUserAndGroupNameFormat);
}
}
}
internal void DeserializeFromXmlElement(XmlElement rule)
{
string str;
string str1;
this.Id = Convert.ToInt32(rule.GetElementsByTagName("Id")[0].InnerText, CultureInfo.InvariantCulture);
this.RuleName = rule.GetElementsByTagName("Name")[0].InnerText;
this.UserType = (PswaUserType)Enum.Parse(typeof(PswaUserType), rule.GetElementsByTagName("UserType")[0].InnerText);
PswaAuthorizationRule pswaAuthorizationRule = this;
if (this.UserType == PswaUserType.All)
{
str = "*";
}
else
{
str = null;
}
pswaAuthorizationRule.User = str;
this.UserCanonicalForm = rule.GetElementsByTagName("UserCanonicalForm")[0].InnerText;
this.DestinationType = (PswaDestinationType)Enum.Parse(typeof(PswaDestinationType), rule.GetElementsByTagName("DestinationType")[0].InnerText);
PswaAuthorizationRule pswaAuthorizationRule1 = this;
if (this.DestinationType == PswaDestinationType.All)
{
str1 = "*";
}
else
{
str1 = null;
}
pswaAuthorizationRule1.Destination = str1;
this.DestinationCanonicalForm = rule.GetElementsByTagName("DestinationCanonicalForm")[0].InnerText;
this.ConfigurationName = rule.GetElementsByTagName("ConfigurationName")[0].InnerText;
this.IsUserGroupLocal = Convert.ToBoolean(rule.GetElementsByTagName("IsUserGroupLocal")[0].InnerText, CultureInfo.InvariantCulture);
this.IsComputerGroupLocal = Convert.ToBoolean(rule.GetElementsByTagName("IsComputerGroupLocal")[0].InnerText, CultureInfo.InvariantCulture);
this.IsCanonicalDestinationSid = Convert.ToBoolean(rule.GetElementsByTagName("IsCanonicalDestinationSid")[0].InnerText, CultureInfo.InvariantCulture);
}
protected override void ProcessRecord()
{
string str;
PswaUserType pswaUserType;
bool flag;
bool flag1;
bool flag2;
string[] userName = new string[0];
PswaUserType pswaUserType1 = PswaUserType.User;
string empty = string.Empty;
PswaDestinationType pswaDestinationType = PswaDestinationType.Computer;
if (base.ParameterSetName == "UserNameComputerName" || base.ParameterSetName == "UserNameComputerGroupName")
{
userName = this.UserName;
pswaUserType1 = PswaUserType.User;
for (int i = 0; i < (int)userName.Length; i++)
{
userName[i] = PswaHelper.TranslateLocalAccountName(userName[i]);
}
}
else
{
if (base.ParameterSetName == "UserGroupNameComputerName" || base.ParameterSetName == "UserGroupNameComputerGroupName")
{
userName = this.UserGroupName;
pswaUserType1 = PswaUserType.UserGroup;
for (int j = 0; j < (int)userName.Length; j++)
{
userName[j] = PswaHelper.TranslateLocalAccountName(userName[j]);
}
}
}
if (base.ParameterSetName == "UserNameComputerName" || base.ParameterSetName == "UserGroupNameComputerName")
{
empty = this.ComputerName;
pswaDestinationType = PswaDestinationType.Computer;
}
else
{
if (base.ParameterSetName == "UserNameComputerGroupName" || base.ParameterSetName == "UserGroupNameComputerGroupName")
{
empty = PswaHelper.TranslateLocalAccountName(this.ComputerGroupName);
pswaDestinationType = PswaDestinationType.ComputerGroup;
}
}
if (empty == "*")
{
pswaDestinationType = PswaDestinationType.All;
}
SortedList <int, PswaAuthorizationRule> nums = PswaAuthorizationRuleCommandHelper.LoadFromFile(this, "Add");
if (nums != null)
{
str = null;
try
{
if (pswaDestinationType == PswaDestinationType.Computer)
{
string str1 = PswaAuthorizationRuleManager.Instance.TryParseDestinationIpAddress(empty);
if (str1 == null)
{
if (!PswaAuthorizationRuleManager.Instance.IsCurrentComputerDomainJoined())
{
str = empty;
}
else
{
string str2 = null;
PswaAuthorizationRuleManager.Instance.GetComputerFqdnAndSid(empty, out str2, out str);
if (str != null)
{
if (string.Compare(str2, empty, StringComparison.OrdinalIgnoreCase) != 0)
{
if (this.Force)
{
flag = true;
}
else
{
object[] objArray = new object[1];
objArray[0] = str2;
flag = base.ShouldContinue(string.Format(CultureInfo.CurrentCulture, Resources.AuthorizationRule_UseFqdnQuery, objArray), "");
}
bool flag3 = flag;
if (flag3)
{
empty = str2;
}
else
{
return;
}
}
}
else
{
if (this.Force)
{
flag1 = true;
}
else
{
object[] objArray1 = new object[1];
objArray1[0] = empty;
flag1 = base.ShouldContinue(string.Format(CultureInfo.CurrentCulture, Resources.AuthorizationRule_ForceComputerNameQuery, objArray1), "");
}
bool flag4 = flag1;
if (flag4)
{
str = empty;
}
else
{
return;
}
}
}
}
else
{
empty = str1;
if (this.Force)
{
flag2 = true;
}
else
{
object[] objArray2 = new object[1];
objArray2[0] = empty;
flag2 = base.ShouldContinue(string.Format(CultureInfo.CurrentCulture, Resources.AuthorizationRule_UseIpAddressQuery, objArray2), "");
}
bool flag5 = flag2;
if (flag5)
{
str = empty;
}
else
{
return;
}
}
}
goto Label0;
}
catch (Exception exception1)
{
Exception exception = exception1;
base.WriteError(new ErrorRecord(exception, "AddRuleError", ErrorCategory.InvalidOperation, null));
}
return;
}
else
{
return;
}
Label0:
ArrayList arrayLists = new ArrayList();
string[] strArrays = userName;
int num = 0;
while (num < (int)strArrays.Length)
{
string str3 = strArrays[num];
try
{
PswaAuthorizationRuleManager instance = PswaAuthorizationRuleManager.Instance;
SortedList <int, PswaAuthorizationRule> nums1 = nums;
string ruleName = this.RuleName;
string str4 = str3;
if (str3 == "*")
{
pswaUserType = PswaUserType.All;
}
else
{
pswaUserType = pswaUserType1;
}
PswaAuthorizationRule pswaAuthorizationRule = instance.AddRule(nums1, ruleName, str4, pswaUserType, empty, pswaDestinationType, this.ConfigurationName, str);
arrayLists.Add(pswaAuthorizationRule);
if (arrayLists.Count >= this.batchAmount)
{
this.SaveCurrentBatch(nums, arrayLists);
}
}
catch (Exception exception3)
{
Exception exception2 = exception3;
this.SaveCurrentBatch(nums, arrayLists);
base.WriteError(new ErrorRecord(exception2, "AddRuleError", ErrorCategory.InvalidOperation, null));
}
num++;
}
if (arrayLists.Count > 0)
{
this.SaveCurrentBatch(nums, arrayLists);
return;
}
else
{
return;
}
}
