private void RetrieveAllScopes(ScopeRestrictionType scopeType, ADRawEntry givenObject, out Dictionary <ADObjectId, ADScope> customScopes, out Dictionary <ADObjectId, ADScope> exclusiveScopes)
{
customScopes = new Dictionary <ADObjectId, ADScope>();
exclusiveScopes = new Dictionary <ADObjectId, ADScope>();
ScopeType scopeType2 = ScopeType.ExclusiveConfigScope;
ScopeType scopeType3 = ScopeType.CustomConfigScope;
if (scopeType == ScopeRestrictionType.RecipientScope)
{
scopeType2 = ScopeType.ExclusiveRecipientScope;
scopeType3 = ScopeType.CustomRecipientScope;
}
ADPagedReader <ManagementScope> allScopes = this.configSession.GetAllScopes(this.orgId, scopeType);
foreach (ManagementScope managementScope in allScopes)
{
if (managementScope.ScopeRestrictionType == scopeType)
{
ExchangeRunspaceConfiguration.TryStampQueryFilterOnManagementScope(managementScope);
if (managementScope.Exclusive)
{
RbacScope rbacScope = new RbacScope(scopeType2, managementScope);
rbacScope.PopulateRootAndFilter(this.orgId, givenObject);
exclusiveScopes.Add(managementScope.OriginalId, rbacScope);
}
RbacScope rbacScope2 = new RbacScope(scopeType3, managementScope);
rbacScope2.PopulateRootAndFilter(this.orgId, givenObject);
customScopes.Add(managementScope.OriginalId, rbacScope2);
}
}
}
internal static SetterDelegate FilterSetterDelegate(ScopeRestrictionType filterType)
{
return(delegate(object value, IPropertyBag bag)
{
ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)bag[ManagementScopeSchema.ScopeRestrictionType];
if (scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete)
{
scopeRestrictionType = ScopeRestrictionType.RecipientScope;
}
if (scopeRestrictionType != filterType)
{
throw new ArgumentException();
}
bag[ManagementScopeSchema.Filter] = (string)value;
});
}
internal static GetterDelegate FilterGetterDelegate(ScopeRestrictionType filterType)
{
return(delegate(IPropertyBag bag)
{
ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)bag[ManagementScopeSchema.ScopeRestrictionType];
if (scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete)
{
scopeRestrictionType = ScopeRestrictionType.RecipientScope;
}
if (scopeRestrictionType != filterType)
{
return string.Empty;
}
return (string)bag[ManagementScopeSchema.Filter];
});
}
internal static bool TryConvertPowershellFilterIntoQueryFilter(string filter, ScopeRestrictionType scopeRestrictionType, Task task, out QueryFilter queryFilter, out string errorString)
{
queryFilter = null;
errorString = null;
ObjectSchema schema;
switch (scopeRestrictionType)
{
case ScopeRestrictionType.RecipientScope:
schema = RBACHelper.aDRecipientObjectsSchema;
break;
case ScopeRestrictionType.ServerScope:
schema = RBACHelper.serverSchema;
break;
case ScopeRestrictionType.PartnerDelegatedTenantScope:
schema = RBACHelper.tenantOrganizationPresentationObjectSchema;
break;
case ScopeRestrictionType.DatabaseScope:
schema = RBACHelper.databaseSchema;
break;
default:
throw new ArgumentException("scopeRestrictionType");
}
Exception ex = null;
try
{
MonadFilter monadFilter = new MonadFilter(filter, task, schema);
queryFilter = monadFilter.InnerFilter;
return(true);
}
catch (InvalidCastException ex2)
{
ex = ex2;
}
catch (ParsingException ex3)
{
ex = ex3;
}
errorString = ex.Message;
return(false);
}
public ADPagedReader <ManagementScope> GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType)
{
ADObjectId rootId = (OrganizationId.ForestWideOrgId.Equals(organizationId) || organizationId == null) ? this.GetOrgContainerId() : organizationId.ConfigurationUnit;
return(this.FindPaged <ManagementScope>(rootId, QueryScope.SubTree, new ComparisonFilter(ComparisonOperator.Equal, ManagementScopeSchema.ScopeRestrictionType, restrictionType), null, 0));
}
internal static object ScopeRestrictionTypeGetter(IPropertyBag propertyBag)
{
ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)((int)propertyBag[ManagementScopeSchema.ScopeRestrictionFlags] & 255);
return((scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete) ? ScopeRestrictionType.RecipientScope : scopeRestrictionType);
}
ADPagedReader <ManagementScope> IConfigurationSession.GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType)
{
FfoDirectorySession.LogNotSupportedInFFO(null);
ComparisonFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.OrganizationalUnitRoot, organizationId.OrganizationalUnit);
return(new FfoPagedReader <ManagementScope>(this, filter, null));
}
ADPagedReader <ManagementScope> IConfigurationSession.GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType)
{
return(base.InvokeWithAPILogging <ADPagedReader <ManagementScope> >(() => this.GetSession().GetAllScopes(organizationId, restrictionType), "GetAllScopes"));
}
private List <ExchangeRoleAssignment> FindRoleAssignmentsWithWritableConfigObject(ScopeRestrictionType restrictionType, ADConfigurationObject writableObject, IEnumerable <ExchangeRoleAssignment> roleAssignments)
{
Dictionary <ADObjectId, ADScope> customConfigScopes;
Dictionary <ADObjectId, ADScope> dictionary;
this.RetrieveAllScopes(restrictionType, writableObject, out customConfigScopes, out dictionary);
if (dictionary.Count > 0 && ManagementReporting.VerifyIsWithinScopes(writableObject, new List <ADScope>(dictionary.Values), new List <ADScope>(dictionary.Values), new RbacScope(ScopeType.Organization)))
{
return(this.GetEffectiveRoleAssignmentsForConfigObject(writableObject, roleAssignments, customConfigScopes, dictionary, true));
}
return(this.GetEffectiveRoleAssignmentsForConfigObject(writableObject, roleAssignments, customConfigScopes, dictionary, false));
}
