public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject) { if (adObject == null) { throw new ArgumentNullException("adObject"); } ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString()); if (!Datacenter.IsMultiTenancyEnabled()) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - not datacenter mode.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString()); return(CapabilityEvaluationResult.NotApplicable); } ADRecipient adrecipient = adObject as ADRecipient; ReducedRecipient reducedRecipient = adObject as ReducedRecipient; if (adrecipient == null && reducedRecipient == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ADRecipient or ReducedRecipient.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString()); return(CapabilityEvaluationResult.NotApplicable); } if ((adrecipient == null || !adrecipient.IsDirSyncEnabled) && (reducedRecipient == null || !reducedRecipient.IsDirSyncEnabled)) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient is not Dirsynced.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.No.ToString(), base.Capability.ToString()); return(CapabilityEvaluationResult.No); } OrganizationId organizationId = (adrecipient != null) ? adrecipient.OrganizationId : reducedRecipient.OrganizationId; if (organizationId == null || OrganizationId.ForestWideOrgId.Equals(organizationId)) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient does not belong to tenant scope.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString()); return(CapabilityEvaluationResult.NotApplicable); } ExchangeConfigurationUnit exchangeConfigurationUnit = this.GetExchangeConfigurationUnit(organizationId); if (exchangeConfigurationUnit == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient is not in tenant scope.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString()); return(CapabilityEvaluationResult.NotApplicable); } CapabilityEvaluationResult capabilityEvaluationResult = exchangeConfigurationUnit.IsDirSyncEnabled ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No; ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); }
internal static MultiValuedProperty <Capability> GetCapabilities(ADRawEntry adObject) { MultiValuedProperty <Capability> multiValuedProperty = new MultiValuedProperty <Capability>(); foreach (object obj in Enum.GetValues(typeof(Capability))) { Capability capability = (Capability)obj; if (capability != Capability.None) { CapabilityIdentifierEvaluator capabilityIdentifierEvaluator = CapabilityIdentifierEvaluatorFactory.Create(capability); CapabilityEvaluationResult capabilityEvaluationResult = capabilityIdentifierEvaluator.Evaluate(adObject); if (capabilityEvaluationResult == CapabilityEvaluationResult.Yes) { multiValuedProperty.Add(capability); } } } return(multiValuedProperty); }
public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject) { if (adObject == null) { throw new ArgumentNullException("adObject"); } ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString()); CapabilityEvaluationResult capabilityEvaluationResult = CapabilityEvaluationResult.NotApplicable; ADRecipient adrecipient = adObject as ADRecipient; if (!(adObject is ReducedRecipient) && adrecipient == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ReducedRecipient or ADUser.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); } capabilityEvaluationResult = ((adObject[ReducedRecipientSchema.ResourceType] != null) ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No); ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); }
public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject) { if (adObject == null) { throw new ArgumentNullException("adObject"); } ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString()); CapabilityEvaluationResult capabilityEvaluationResult = CapabilityEvaluationResult.NotApplicable; ADUser aduser = adObject as ADUser; ReducedRecipient reducedRecipient = adObject as ReducedRecipient; if (aduser == null && reducedRecipient == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ADUser/ReducedRecipient.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); } SmtpAddress value = (aduser != null) ? aduser.WindowsLiveID : reducedRecipient.WindowsLiveID; if (value == SmtpAddress.Empty || value.Domain == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient is not Live enabled.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); } OrganizationId organizationId = (aduser != null) ? aduser.OrganizationId : reducedRecipient.OrganizationId; if (organizationId == null || OrganizationId.ForestWideOrgId.Equals(organizationId)) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient does not belong to tenant scope.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); } IConfigurationSession tenantScopedSystemConfigurationSession = base.GetTenantScopedSystemConfigurationSession(organizationId); ExchangeConfigurationUnit exchangeConfigurationUnit = tenantScopedSystemConfigurationSession.Read <ExchangeConfigurationUnit>(organizationId.ConfigurationUnit); if (exchangeConfigurationUnit == null) { ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient does is not in tenant scope.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); } capabilityEvaluationResult = (((exchangeConfigurationUnit.ObjectVersion < 13000) ? exchangeConfigurationUnit.IsFederated : FederatedUserCapabilityIdentifierEvaluator.IsNamespaceFederated(organizationId, value.Domain)) ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No); ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString()); return(capabilityEvaluationResult); }