public static void RetrieveAuditPolicy(OrganizationId orgId, out AuditPolicyCacheEntry cacheEntry) { bool flag; if (!AuditPolicyCache.Instance.GetAuditPolicy(orgId, out cacheEntry, out flag, null) || flag) { PolicyAuditOperations policyAuditOperations; PolicyLoadStatus loadStatus = AuditPolicyUtility.LoadAuditableOperations(orgId, Workload.Exchange, out policyAuditOperations); AuditPolicyCacheEntry auditPolicyCacheEntry = new AuditPolicyCacheEntry((policyAuditOperations == null) ? MailboxAuditOperations.None : AuditPolicyUtility.ConvertPolicyOperationsToMailboxOperations(policyAuditOperations.AuditOperationsDelegate), loadStatus); AuditPolicyCache.Instance.UpdateAuditPolicy(orgId, ref auditPolicyCacheEntry, null); cacheEntry = auditPolicyCacheEntry; } }
static AuditPolicyUtility() { AuditPolicyUtility.WorkloadToPolicyGuidMap = new Dictionary <Workload, Guid>(); AuditPolicyUtility.WorkloadToPolicyGuidMap.Add(Workload.Exchange, AuditPolicyUtility.ExchangeAuditPolicyGuid); AuditPolicyUtility.WorkloadToPolicyGuidMap.Add(Workload.SharePoint, AuditPolicyUtility.SharepointAuditPolicyGuid); AuditPolicyUtility.WorkloadToPolicyGuidMap.Add(Workload.OneDriveForBusiness, AuditPolicyUtility.OneDriveForBusinessAuditPolicyGuid); AuditPolicyUtility.WorkloadToRuleGuidMap = new Dictionary <Workload, Guid>(); AuditPolicyUtility.WorkloadToRuleGuidMap.Add(Workload.Exchange, AuditPolicyUtility.ExchangeAuditRuleGuid); AuditPolicyUtility.WorkloadToRuleGuidMap.Add(Workload.SharePoint, AuditPolicyUtility.SharepointAuditRuleGuid); AuditPolicyUtility.WorkloadToRuleGuidMap.Add(Workload.OneDriveForBusiness, AuditPolicyUtility.OneDriveForBusinessAuditRuleGuid); AuditPolicyUtility.PolicyGuidSet = new HashSet <string>(StringComparer.OrdinalIgnoreCase); AuditPolicyUtility.PolicyGuidSet.Add(AuditPolicyUtility.ExchangeAuditPolicyGuid.ToString()); AuditPolicyUtility.PolicyGuidSet.Add(AuditPolicyUtility.SharepointAuditPolicyGuid.ToString()); AuditPolicyUtility.PolicyGuidSet.Add(AuditPolicyUtility.OneDriveForBusinessAuditPolicyGuid.ToString()); AuditPolicyUtility.RuleGuidSet = new HashSet <string>(StringComparer.OrdinalIgnoreCase); AuditPolicyUtility.RuleGuidSet.Add(AuditPolicyUtility.ExchangeAuditRuleGuid.ToString()); AuditPolicyUtility.RuleGuidSet.Add(AuditPolicyUtility.SharepointAuditRuleGuid.ToString()); AuditPolicyUtility.RuleGuidSet.Add(AuditPolicyUtility.OneDriveForBusinessAuditRuleGuid.ToString()); AuditPolicyUtility.InitializeAuditOperationConversionMap(); }
public static PolicyLoadStatus LoadAuditableOperations(OrganizationId orgId, Workload workload, out PolicyAuditOperations auditOperations) { if (orgId == null) { auditOperations = null; return(PolicyLoadStatus.Unknown); } Exception ex = null; PolicyLoadStatus loadStatus = PolicyLoadStatus.Unknown; PolicyAuditOperations operations = null; try { GrayException.MapAndReportGrayExceptions(delegate() { AuditPolicyUtility.LoadAuditableOperationsInternal(orgId, workload, out loadStatus, out operations); }); } catch (GrayException ex2) { ex = ex2; } catch (Exception ex3) { ex = ex3; ExWatson.SendReportAndCrashOnAnotherThread(ex3); } if (ex != null) { ExTraceGlobals.SessionTracer.TraceError <Workload, OrganizationId, Exception>(0L, "Error occurred while trying to load audit configuration for workload {0} of organization: '{1}'. Exception details: {2}", workload, orgId, ex); ProcessInfoEventLogger.Log(StorageEventLogConstants.Tuple_ErrorLoadAuditPolicyConfiguration, orgId.ToString(), new object[] { workload, orgId, ex }); } auditOperations = operations; return(loadStatus); }
private static void LoadAuditableOperationsInternal(OrganizationId orgId, Workload workload, out PolicyLoadStatus loadStatus, out PolicyAuditOperations operations) { loadStatus = PolicyLoadStatus.Unknown; operations = null; Guid guid; if (!AuditPolicyUtility.GetRuleGuidFromWorkload(workload, out guid)) { return; } using (PolicyConfigProvider policyConfigProvider = PolicyConfigProviderManager <ExPolicyConfigProviderManager> .Instance.CreateForProcessingEngine(orgId)) { if (policyConfigProvider != null) { PolicyConfigConverterBase converterByType = PolicyConfigConverterTable.GetConverterByType(typeof(PolicyRuleConfig), true); IConfigurable[] array = converterByType.GetFindStorageObjectsDelegate((ExPolicyConfigProvider)policyConfigProvider)(new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Name, guid.ToString()), ((ExPolicyConfigProvider)policyConfigProvider).GetPolicyConfigContainer(null), true, null); if (array != null) { if (!array.Any <IConfigurable>()) { loadStatus = PolicyLoadStatus.NotExist; } else { loadStatus = PolicyLoadStatus.FailedToLoad; AuditConfigurationRule auditConfigurationRule = new AuditConfigurationRule((RuleStorage)array[0]); auditConfigurationRule.PopulateTaskProperties(); loadStatus = PolicyLoadStatus.Loaded; operations = new PolicyAuditOperations { AuditOperationsDelegate = auditConfigurationRule.AuditOperation }; } } } } }
public static bool IsAuditConfigurationRule(string identity) { return(AuditPolicyUtility.RuleGuidSet.Contains(AuditPolicyUtility.ExtractAuditConfigurationObjectName(identity))); }