public static PolicyConfiguration FromPolicyStorage(PolicyStorage policyStorage)
{
PolicyConfiguration policyConfiguration = new PolicyConfiguration(policyStorage.OrganizationalUnitRoot.ObjectGuid, policyStorage.Id.ObjectGuid);
UnifiedPolicyStorageFactory.CopyPropertiesFromStorage <PolicyConfiguration>(policyConfiguration, new TenantSettingFacade <PolicyStorage>(policyStorage));
return(policyConfiguration);
}
public static PolicyApplyStatus GetPolicyDistributionStatus(PolicyStorage policyStorage, IList <BindingStorage> bindingStorages, IConfigDataProvider dataSession, out List <PolicyDistributionErrorDetails> distributionErrors, out DateTime?lastStatusUpdateTime)
{
ArgumentValidator.ThrowIfNull("policyStorage", policyStorage);
ArgumentValidator.ThrowIfNull("bindingStorages", bindingStorages);
ArgumentValidator.ThrowIfNull("dataSession", dataSession);
PolicySettingStatusHelpers policySettingStatusHelpers = new PolicySettingStatusHelpers(dataSession, null, null);
return(policySettingStatusHelpers.CalculatePolicyDistributionStatus(policyStorage, bindingStorages, dataSession, out distributionErrors, out lastStatusUpdateTime));
}
public static PolicyStorage ToPolicyStorage(PolicyConfiguration policy)
{
PolicyStorage policyStorage = new PolicyStorage();
policyStorage[ADObjectSchema.OrganizationalUnitRoot] = new ADObjectId(policy.TenantId);
policyStorage.Name = policy.Name;
policyStorage.SetId((ADObjectId)DalHelper.ConvertFromStoreObject(policy.ObjectId, typeof(ADObjectId)));
UnifiedPolicyStorageFactory.CopyPropertiesToStorage <PolicyConfiguration>(new TenantSettingFacade <PolicyStorage>(policyStorage), policy);
return(policyStorage);
}
private PsCompliancePolicyBase CreatePolicyByScenario(PolicyStorage policyStorage)
{
if (policyStorage.Scenario == PolicyScenario.DeviceSettings)
{
return new DevicePolicy(policyStorage);
}
if (policyStorage.Scenario == PolicyScenario.DeviceConditionalAccess)
{
return new DeviceConditionalAccessPolicy(policyStorage);
}
if (policyStorage.Scenario == PolicyScenario.DeviceTenantConditionalAccess)
{
return new DeviceTenantPolicy(policyStorage);
}
return null;
}
internal virtual void PopulateTaskProperties(Task task, IConfigurationSession configurationSession)
{
this.InitializeBindings();
foreach (BindingStorage bindingStorage in this.StorageBindings)
{
switch (bindingStorage.Workload)
{
case Workload.Exchange:
this.ExchangeBinding = Utils.GetScopesFromStorage(bindingStorage);
break;
case Workload.SharePoint:
{
MultiValuedProperty <BindingMetadata> scopesFromStorage = Utils.GetScopesFromStorage(bindingStorage);
MultiValuedProperty <BindingMetadata> multiValuedProperty = new MultiValuedProperty <BindingMetadata>(PsCompliancePolicyBase.GetBindingsBySubWorkload(scopesFromStorage, Workload.SharePoint));
multiValuedProperty.SetIsReadOnly(false, null);
if (multiValuedProperty.Any <BindingMetadata>())
{
this.SharePointBinding = multiValuedProperty;
}
else
{
multiValuedProperty = new MultiValuedProperty <BindingMetadata>(PsCompliancePolicyBase.GetBindingsBySubWorkload(scopesFromStorage, Workload.OneDriveForBusiness));
multiValuedProperty.SetIsReadOnly(false, null);
if (multiValuedProperty.Any <BindingMetadata>())
{
this.OneDriveBinding = scopesFromStorage;
}
}
break;
}
default:
this.ReadOnly = true;
this.ExchangeBinding.Clear();
this.SharePointBinding.Clear();
this.OneDriveBinding.Clear();
break;
}
}
PolicyStorage policyStorage = base.DataObject as PolicyStorage;
ADUser userObjectByExternalDirectoryObjectId = Utils.GetUserObjectByExternalDirectoryObjectId(policyStorage.CreatedBy, configurationSession);
ADUser userObjectByExternalDirectoryObjectId2 = Utils.GetUserObjectByExternalDirectoryObjectId(policyStorage.LastModifiedBy, configurationSession);
this.CreatedBy = ((!Utils.ExecutingUserIsForestWideAdmin(task) && userObjectByExternalDirectoryObjectId != null) ? userObjectByExternalDirectoryObjectId.DisplayName : policyStorage.CreatedBy);
this.LastModifiedBy = ((!Utils.ExecutingUserIsForestWideAdmin(task) && userObjectByExternalDirectoryObjectId2 != null) ? userObjectByExternalDirectoryObjectId2.DisplayName : policyStorage.LastModifiedBy);
}
protected override void InternalValidate()
{
Utils.ThrowIfNotRunInEOP();
Utils.ValidateNotForestWideOrganization(base.CurrentOrganizationId);
base.InternalValidate();
if (this.DataObject.IsModified(ADObjectSchema.Name) && this.DoesComplianceRuleExist())
{
throw new ComplianceRuleAlreadyExistsException((string)this.DataObject[ADObjectSchema.Name]);
}
if (base.Fields.IsModified("Disabled") && this.Disabled)
{
PolicyStorage policyStorage = (PolicyStorage)base.GetDataObject <PolicyStorage>(new PolicyIdParameter(this.DataObject.ParentPolicyId), base.DataSession, null, new LocalizedString?(Strings.ErrorPolicyNotFound(this.DataObject.ParentPolicyId.ToString())), new LocalizedString?(Strings.ErrorPolicyNotUnique(this.DataObject.ParentPolicyId.ToString())), ExchangeErrorCategory.Client);
if (policyStorage.IsEnabled)
{
this.WriteWarning(Strings.WarningDisabledRuleInEnabledPolicy(this.DataObject.Name));
}
}
}
internal virtual void UpdateStorageProperties(Task task, IConfigurationSession configurationSession, bool isNewPolicy)
{
PolicyStorage policyStorage = base.DataObject as PolicyStorage;
Guid universalIdentity = Utils.GetUniversalIdentity(policyStorage);
if (!Utils.ExecutingUserIsForestWideAdmin(task))
{
ADObjectId objectId;
task.TryGetExecutingUserId(out objectId);
ADUser userObjectByObjectId = Utils.GetUserObjectByObjectId(objectId, configurationSession);
if (userObjectByObjectId != null)
{
policyStorage.LastModifiedBy = userObjectByObjectId.ExternalDirectoryObjectId;
if (isNewPolicy)
{
policyStorage.CreatedBy = userObjectByObjectId.ExternalDirectoryObjectId;
}
}
}
this.UpdateWorkloadStorageBinding(universalIdentity, Workload.Exchange, this.ExchangeBinding, new MulipleExBindingObjectDetectedException());
this.UpdateSharepointStorageBinding(universalIdentity, Workload.SharePoint, this.SharePointBinding, new MulipleSpBindingObjectDetectedException());
this.UpdateSharepointStorageBinding(universalIdentity, Workload.OneDriveForBusiness, this.OneDriveBinding, new MulipleSpBindingObjectDetectedException());
}
public PsCompliancePolicyBase(PolicyStorage policyStorage) : base(policyStorage)
{
this.InitializeBindings();
}
public AuditConfigurationPolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}
internal static IList <RuleStorage> LoadRuleStoragesByPolicy(IConfigDataProvider dataSession, PolicyStorage policyStorage, ObjectId rootId)
{
Guid policyId = Utils.GetUniversalIdentity(policyStorage);
return((from RuleStorage x in dataSession.Find <RuleStorage>(new ComparisonFilter(ComparisonOperator.Equal, RuleStorageSchema.ParentPolicyId, policyId), rootId, true, null)
where x.ParentPolicyId.Equals(policyId)
select x).ToList <RuleStorage>());
}
public DevicePolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}
public static void PopulatePolicyDistributionStatus(PsCompliancePolicyBase psPolicy, PolicyStorage policyStorage, IConfigDataProvider dataSession, Task task = null, ExecutionLog logger = null)
{
ArgumentValidator.ThrowIfNull("psPolicy", psPolicy);
ArgumentValidator.ThrowIfNull("policyStorage", policyStorage);
ArgumentValidator.ThrowIfNull("dataSession", dataSession);
PolicySettingStatusHelpers policySettingStatusHelpers = new PolicySettingStatusHelpers(dataSession, task, logger);
List <PolicyDistributionErrorDetails> value;
DateTime?lastStatusUpdateTime;
psPolicy.DistributionStatus = policySettingStatusHelpers.CalculatePolicyDistributionStatus(policyStorage, psPolicy.StorageBindings, dataSession, out value, out lastStatusUpdateTime);
psPolicy.LastStatusUpdateTime = lastStatusUpdateTime;
psPolicy.DistributionResults = new MultiValuedProperty <PolicyDistributionErrorDetails>(value);
}
private PolicyApplyStatus CalculatePolicyDistributionStatus(PolicyStorage policyStorage, IList <BindingStorage> bindingStorages, IConfigDataProvider dataSession, out List <PolicyDistributionErrorDetails> distributionErrors, out DateTime?lastStatusUpdateTime)
{
this.WriteVerbose(Strings.VerboseBeginCalculatePolicyDistributionStatus(policyStorage.Name), true);
distributionErrors = new List <PolicyDistributionErrorDetails>();
lastStatusUpdateTime = null;
bool flag = false;
int warningCount = 0;
flag = this.CalculatePolicyDistributionStatus(new List <UnifiedPolicyStorageBase>(new UnifiedPolicyStorageBase[]
{
policyStorage
}), null, ref distributionErrors, ref lastStatusUpdateTime);
flag = (flag || this.CalculatePolicyDistributionStatus(bindingStorages, null, ref distributionErrors, ref lastStatusUpdateTime));
if (!flag)
{
IList <RuleStorage> storageObjects = Utils.LoadRuleStoragesByPolicy(dataSession, policyStorage, Utils.GetRootId(dataSession));
if (this.CalculatePolicyDistributionStatus(storageObjects, null, ref distributionErrors, ref lastStatusUpdateTime))
{
flag = true;
}
}
distributionErrors.ForEach(delegate(PolicyDistributionErrorDetails errorDetails)
{
BindingStorage bindingStorage2 = bindingStorages.FirstOrDefault((BindingStorage binding) => binding.Workload == errorDetails.Workload);
if (bindingStorage2 == null || !bindingStorage2.AppliedScopes.Any <ScopeStorage>())
{
errorDetails.Severity = PolicyDistributionResultSeverity.Warning;
errorDetails.AppendAdditionalDiagnosticsInfo(errorDetails.ResultMessage);
errorDetails.ResultMessage = Strings.DeploymentFailureWithNoImpact;
warningCount++;
this.WriteVerbose(Strings.VerboseTreatAsWarning(errorDetails.Endpoint, errorDetails.ObjectType.ToString(), errorDetails.Workload.ToString()), false);
}
});
List <PolicyDistributionErrorDetails> collection = new List <PolicyDistributionErrorDetails>();
if (!flag)
{
foreach (BindingStorage bindingStorage in bindingStorages)
{
this.CalculatePolicyDistributionStatus(bindingStorage.AppliedScopes, new Workload?(bindingStorage.Workload), ref collection, ref lastStatusUpdateTime);
}
}
List <PolicyDistributionErrorDetails> list = distributionErrors.FindAll((PolicyDistributionErrorDetails errorDetails) => errorDetails.ResultCode != UnifiedPolicyErrorCode.PolicySyncTimeout);
int timeoutErrorCount = distributionErrors.Count - list.Count;
PolicyApplyStatus policyApplyStatus;
if (flag || (list.Count != distributionErrors.Count && lastStatusUpdateTime != null && lastStatusUpdateTime.Value.Add(PolicySettingStatusHelpers.policySyncTimeoutInterval) > DateTime.UtcNow))
{
policyApplyStatus = PolicyApplyStatus.Pending;
lastStatusUpdateTime = null;
distributionErrors = list;
timeoutErrorCount = 0;
}
else
{
if (warningCount == distributionErrors.Count)
{
distributionErrors.AddRange(collection);
}
policyApplyStatus = ((warningCount < distributionErrors.Count) ? PolicyApplyStatus.Error : PolicyApplyStatus.Success);
}
this.WriteVerbose(Strings.VerboseEndCalculatePolicyDistributionStatus(policyStorage.Name, policyApplyStatus.ToString(), distributionErrors.Count, timeoutErrorCount), true);
return(policyApplyStatus);
}
public DeviceConditionalAccessPolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}
public PsDlpCompliancePolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}
internal static void ThrowIfRulesInPolicyAreTooAdvanced(IEnumerable <RuleStorage> ruleStorages, PolicyStorage policyStorage, Task task, IConfigurationSession datasession)
{
foreach (PsComplianceRuleBase psComplianceRuleBase in from x in ruleStorages
select new PsComplianceRuleBase(x))
{
psComplianceRuleBase.PopulateTaskProperties(task, datasession);
if (psComplianceRuleBase.ReadOnly)
{
throw new RulesInPolicyIsTooAdvancedToModifyException(policyStorage.Name, psComplianceRuleBase.Name);
}
}
}
public DeviceTenantPolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}
public PsHoldCompliancePolicy(PolicyStorage policyStorage) : base(policyStorage)
{
}