internal static void CopyEnabledMailboxPlanRoleAssignmentFeatures(ServicePlan deltaServicePlan, ServicePlan toServicePlan)
 {
     for (int i = 0; i < deltaServicePlan.MailboxPlans.Count; i++)
     {
         ServicePlan.MailboxPlan mailboxPlan = deltaServicePlan.MailboxPlans[i];
         foreach (object obj in ((IEnumerable)mailboxPlan.Schema))
         {
             FeatureDefinition featureDefinition = (FeatureDefinition)obj;
             if (featureDefinition.Categories.Contains(FeatureCategory.MailboxPlanRoleAssignment) && (bool)toServicePlan.GetMailboxPlanByName(mailboxPlan.Name)[featureDefinition])
             {
                 mailboxPlan[featureDefinition] = true;
             }
         }
     }
 }
 private void ValidateMailboxPlansCapabilities(ServicePlan.MailboxPlan oldMbxPlan, ServicePlan.MailboxPlan newMailboxPlan)
 {
     if (oldMbxPlan == null)
     {
         throw new ArgumentNullException("oldMbxPlan");
     }
     if (oldMbxPlan == null)
     {
         throw new ArgumentNullException("oldMbxPlan");
     }
     if (oldMbxPlan.SkuCapability != Capability.None && newMailboxPlan.SkuCapability == Capability.None)
     {
         base.WriteError(new InvalidOperationException(Strings.ErrorInvalidMailboxPlanTransition(oldMbxPlan.Name, oldMbxPlan.SkuCapability.ToString(), newMailboxPlan.Name, newMailboxPlan.SkuCapability.ToString())), ErrorCategory.InvalidOperation, null);
     }
 }
Beispiel #3
0
 private void InstallCustomRoles(List <RoleDefinition> customRoles)
 {
     if (!this.IsBuildApplicableForCustomRoles())
     {
         return;
     }
     foreach (RoleDefinition customRoleDefinition in customRoles)
     {
         if (base.ServicePlanSettings != null)
         {
             if (customRoleDefinition.IsEndUserRole && !base.ServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled)
             {
                 this.InstallCustomRole(customRoleDefinition, base.ServicePlanSettings.GetAggregatedMailboxPlanPermissions(), null, null);
             }
             else
             {
                 if (customRoleDefinition.IsEndUserRole)
                 {
                     using (List <ServicePlan.MailboxPlan> .Enumerator enumerator2 = base.ServicePlanSettings.MailboxPlans.GetEnumerator())
                     {
                         while (enumerator2.MoveNext())
                         {
                             ServicePlan.MailboxPlan mailboxPlan = enumerator2.Current;
                             string suffix = "_" + mailboxPlan.Name;
                             this.InstallCustomRole(customRoleDefinition, mailboxPlan.GetEnabledPermissionFeatures(), suffix, mailboxPlan.MailboxPlanIndex);
                         }
                         continue;
                     }
                 }
                 this.InstallCustomRole(customRoleDefinition, base.ServicePlanSettings.Organization.GetEnabledPermissionFeatures(), null, null);
             }
         }
         else
         {
             this.InstallCustomRole(customRoleDefinition, null, null, null);
         }
     }
 }
Beispiel #4
0
        protected override void InternalProcessRecord()
        {
            this.configurationSession.SessionSettings.IsSharedConfigChecked = true;
            base.InternalProcessRecord();
            List <string> enabledFeatures             = (base.ServicePlanSettings == null) ? null : base.ServicePlanSettings.GetAggregatedMailboxPlanRoleAssignmentFeatures();
            List <string> enabledFeatures2            = (this.PreviousServicePlanSettings == null) ? null : this.PreviousServicePlanSettings.GetAggregatedMailboxPlanRoleAssignmentFeatures();
            RbacContainer rbacContainer               = this.configurationSession.GetRbacContainer();
            ExchangeBuild currentRBACConfigVersion    = base.GetCurrentRBACConfigVersion(rbacContainer);
            List <RoleToRAPAssignmentDefinition> list = new List <RoleToRAPAssignmentDefinition>();

            foreach (RoleToRAPAssignmentDefinition roleToRAPAssignmentDefinition in this.GetRoleAssignmentDefinitions().Assignments)
            {
                if (roleToRAPAssignmentDefinition.SatisfyCondition(enabledFeatures))
                {
                    switch (base.InvocationMode)
                    {
                    case InvocationMode.Install:
                        list.Add(roleToRAPAssignmentDefinition);
                        break;

                    case InvocationMode.BuildToBuildUpgrade:
                        if (roleToRAPAssignmentDefinition.IntroducedInBuild > currentRBACConfigVersion)
                        {
                            list.Add(roleToRAPAssignmentDefinition);
                        }
                        break;

                    case InvocationMode.ServicePlanUpdate:
                        if (!roleToRAPAssignmentDefinition.SatisfyCondition(enabledFeatures2) || roleToRAPAssignmentDefinition.IntroducedInBuild > currentRBACConfigVersion)
                        {
                            list.Add(roleToRAPAssignmentDefinition);
                        }
                        break;
                    }
                }
            }
            List <ExchangeRole> list2 = new List <ExchangeRole>();
            List <ExchangeRole> list3 = new List <ExchangeRole>();
            List <ExchangeRole> list4 = new List <ExchangeRole>();

            foreach (ExchangeRole exchangeRole in this.configurationSession.FindPaged <ExchangeRole>(this.rolesContainerId, QueryScope.OneLevel, new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.IsEndUserRole, true), null, 0))
            {
                if (exchangeRole.IsEndUserRole)
                {
                    if (this.IsRoleInFilteredList(exchangeRole, list))
                    {
                        if (this.IsAutoGroupRelatedRole(exchangeRole))
                        {
                            list3.Add(exchangeRole);
                        }
                        else
                        {
                            list2.Add(exchangeRole);
                        }
                    }
                    if (this.IsAutoGroupRelatedRole(exchangeRole))
                    {
                        list4.Add(exchangeRole);
                    }
                }
            }
            if (this.Organization == null)
            {
                using (IEnumerator <RoleAssignmentPolicy> enumerator2 = this.FindAllRoleAssignmentPolicies().GetEnumerator())
                {
                    while (enumerator2.MoveNext())
                    {
                        RoleAssignmentPolicy policy = enumerator2.Current;
                        this.CreateRAPRoleAssignments(policy, list2);
                    }
                    goto IL_455;
                }
            }
            if (!base.ServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled)
            {
                foreach (RoleAssignmentPolicy policy2 in this.FindAllRoleAssignmentPolicies())
                {
                    this.CreateRAPRoleAssignments(policy2, list2);
                }
                RoleAssignmentPolicy policy3     = this.FindDefaultRoleAssignmentPolicy();
                bool currentPlanAutoGroupEnabled = false;
                base.ServicePlanSettings.MailboxPlans.ForEach(delegate(ServicePlan.MailboxPlan x)
                {
                    currentPlanAutoGroupEnabled |= x.AutoGroupPermissions;
                });
                bool previousPlanAutoGroupEnabled = false;
                bool flag  = false;
                bool flag2 = false;
                if (this.PreviousServicePlanSettings != null)
                {
                    this.PreviousServicePlanSettings.MailboxPlans.ForEach(delegate(ServicePlan.MailboxPlan x)
                    {
                        previousPlanAutoGroupEnabled |= x.AutoGroupPermissions;
                    });
                    if (previousPlanAutoGroupEnabled && !this.PreviousServicePlanSettings.Organization.ShareableConfigurationEnabled)
                    {
                        flag = true;
                    }
                    else
                    {
                        flag2 = true;
                    }
                }
                else
                {
                    flag2 = true;
                }
                if (currentPlanAutoGroupEnabled && !flag)
                {
                    this.CreateRAPRoleAssignments(policy3, list3);
                }
                else if (!currentPlanAutoGroupEnabled && !flag2)
                {
                    this.RemoveRAPRoleAssignmentsIfNeeded(policy3, list4, null);
                }
            }
            else
            {
                foreach (ServicePlan.MailboxPlan mailboxPlan in base.ServicePlanSettings.MailboxPlans)
                {
                    ADUser aduser = this.FindMailboxPlanByName(mailboxPlan.Name);
                    if (aduser.RoleAssignmentPolicy == null)
                    {
                        base.WriteError(new InvalidOperationException(Strings.ErrorRBACPolicyLinkNotFound(aduser.Name)), ErrorCategory.InvalidArgument, null);
                    }
                    RoleAssignmentPolicy roleAssignmentPolicy = this.configurationSession.Read <RoleAssignmentPolicy>(aduser.RoleAssignmentPolicy);
                    if (roleAssignmentPolicy == null)
                    {
                        base.WriteError(new InvalidOperationException(Strings.ErrorRBACPolicyNotFound(aduser.RoleAssignmentPolicy.ToString())), ErrorCategory.InvalidArgument, null);
                    }
                    ServicePlan.MailboxPlan mailboxPlan2 = null;
                    if (this.PreviousServicePlanSettings != null)
                    {
                        mailboxPlan2 = this.PreviousServicePlanSettings.GetMailboxPlanByName(mailboxPlan.Name);
                    }
                    if (this.PreviousServicePlanSettings == null || mailboxPlan2 == null)
                    {
                        this.CreateRAPRoleAssignments(roleAssignmentPolicy, list2, aduser.MailboxPlanIndex);
                    }
                    bool flag3 = false;
                    bool flag4 = false;
                    if (mailboxPlan2 != null)
                    {
                        if (mailboxPlan2.AutoGroupPermissions)
                        {
                            flag3 = true;
                        }
                        else
                        {
                            flag4 = true;
                        }
                    }
                    else
                    {
                        flag4 = true;
                    }
                    if (mailboxPlan.AutoGroupPermissions && !flag3)
                    {
                        this.CreateRAPRoleAssignments(roleAssignmentPolicy, list3, aduser.MailboxPlanIndex);
                    }
                    else if (!mailboxPlan.AutoGroupPermissions && !flag4)
                    {
                        this.RemoveRAPRoleAssignmentsIfNeeded(roleAssignmentPolicy, list4, aduser.MailboxPlanIndex);
                    }
                }
            }
IL_455:
            this.StampCurrentVersionOnRBACContainer(rbacContainer);
        }