protected override void CreateOrUpdateRoles(RoleNameMapping mapping, List <RoleDefinition> roleDefinitions, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20009L, "-->CreateOrUpdateRoles: roleDefinitions count = {0}", roleDefinitions.Count); RoleDefinition item = roleDefinitions.First((RoleDefinition x) => x.RoleName.Equals(mapping.OldName)); roleDefinitions.Remove(item); List <ExchangeRole> list = new List <ExchangeRole>(roleDefinitions.Count); foreach (RoleDefinition definition in roleDefinitions) { ExchangeRole exchangeRole = base.CreateOrUpdateRole(null, definition, enabledPermissionFeatures, suffix, mailboxPlanIndex); if (exchangeRole != null) { list.Add(exchangeRole); } } ExchangeRole exchangeRole2 = item.GenerateRole(enabledPermissionFeatures, this.settings.RolesContainerId, suffix, mailboxPlanIndex); string unescapedCommonName = (suffix == null) ? mapping.OldName : (mapping.OldName + suffix); ExchangeRole exchangeRole3 = this.settings.ConfigurationSession.Read <ExchangeRole>(this.settings.RolesContainerId.GetChildId(unescapedCommonName)); if (exchangeRole3 == null) { if (exchangeRole2.RoleEntries.Count > 0) { exchangeRole2.OrganizationId = this.settings.OrganizationId; base.SaveRoleAndSuggestCleanupOnFailure(exchangeRole2); ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRole: New Role created"); } return; } this.settings.LogReadObject(exchangeRole3); this.UpdateCannedRole(exchangeRole3, exchangeRole2, list); ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRoles"); }
private void CreateCustomRole(RoleDefinition customRoleDefinition, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ADObjectId childId = this.rolesContainerId.GetChildId(customRoleDefinition.ParentRoleName + suffix); ExchangeRole exchangeRole = customRoleDefinition.GenerateRole(enabledPermissionFeatures, childId, suffix, mailboxPlanIndex); exchangeRole.OrganizationId = base.CurrentOrganizationId; this.configurationSession.Save(exchangeRole); }
protected void CreateDCSafeRoleIfNeeded(ExchangeRole cannedRole, RoleDefinition roleDefinition) { if (this.settings.Organization != null || !Datacenter.IsMicrosoftHostedOnly(false)) { return; } if (!roleDefinition.ContainsProhibitedActions(InstallCannedRbacRoles.DCProhibitedActions)) { return; } ExchangeRole exchangeRole = roleDefinition.GenerateRole(null, cannedRole.Id, null, null); exchangeRole.Name = RoleDefinition.GetDCSafeNameForRole(cannedRole.Name); exchangeRole.RoleEntries = new MultiValuedProperty <RoleEntry>(roleDefinition.GetRoleEntriesFilteringProhibitedActions(null, InstallCannedRbacRoles.DCProhibitedActions)); exchangeRole.OrganizationId = this.settings.OrganizationId; if (exchangeRole.RoleEntries.Count != 0) { this.SaveRoleAndWarnOnFailure(exchangeRole); } }
protected ExchangeRole CreateOrUpdateRole(RoleNameMapping mapping, RoleDefinition definition, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ExTraceGlobals.AccessCheckTracer.TraceFunction(20005L, "-->CreateOrUpdateRole: RoleDefinition = {0}, enabledPermissionFeatures is Null = {1}, suffix = {2}, mailboxPlanIndex = {3}", new object[] { definition.RoleName, enabledPermissionFeatures == null, string.IsNullOrEmpty(suffix) ? string.Empty : suffix, string.IsNullOrEmpty(mailboxPlanIndex) ? string.Empty : mailboxPlanIndex }); this.RenameExistingRole(mapping, suffix); ExchangeRole exchangeRole = definition.GenerateRole(enabledPermissionFeatures, this.settings.RolesContainerId, suffix, mailboxPlanIndex); if (exchangeRole.RoleEntries.Count > 0) { ExchangeRole exchangeRole2 = this.settings.ConfigurationSession.Read <ExchangeRole>(exchangeRole.Id); if (exchangeRole2 != null) { this.settings.LogReadObject(exchangeRole2); this.UpdateCannedRole(exchangeRole2, exchangeRole, definition); exchangeRole = exchangeRole2; ExTraceGlobals.AccessCheckTracer.TraceFunction(20005L, "<--CreateOrUpdateRole: Role Updated"); } else { exchangeRole.OrganizationId = this.settings.OrganizationId; this.SaveRoleAndSuggestCleanupOnFailure(exchangeRole); ExTraceGlobals.AccessCheckTracer.TraceFunction(20005L, "<--CreateOrUpdateRole: New Role created"); this.CreateDCSafeRoleIfNeeded(exchangeRole, definition); } } else { ExTraceGlobals.AccessCheckTracer.TraceFunction(20005L, "<--CreateOrUpdateRole: No Role created"); this.settings.RemoveRoleAndAssignments(exchangeRole.Id); exchangeRole = null; } return(exchangeRole); }