// Token: 0x06000E49 RID: 3657 RVA: 0x0002A714 File Offset: 0x00028914 internal override IEnumerable <T> GetObjects <T>(ADObjectId rootId, IDirectorySession session, IDirectorySession subTreeSession, OptionalIdentityData optionalData, out LocalizedString?notFoundReason) { if (typeof(T) != typeof(ExchangeRoleEntryPresentation) && typeof(T) != typeof(ExchangeRole)) { throw new ArgumentException(Strings.ErrorInvalidType(typeof(T).Name), "type"); } notFoundReason = null; if (typeof(T) == typeof(ExchangeRole)) { return(this.RoleId.GetObjects <T>(rootId, session, subTreeSession, optionalData, out notFoundReason)); } List <ExchangeRoleEntryPresentation> list = new List <ExchangeRoleEntryPresentation>(); this.additionalFilter = this.CreateCmdletAndParametersFilter(); IEnumerable <ExchangeRole> objects = this.roleId.GetObjects <ExchangeRole>(rootId, session, subTreeSession, optionalData, out notFoundReason); foreach (ExchangeRole exchangeRole in objects) { foreach (RoleEntry roleEntry in exchangeRole.RoleEntries) { if (RBACHelper.DoesRoleEntryMatchNameAndParameters(roleEntry, this.Type, this.CmdletOrScriptName, this.Parameters, this.PSSnapinName)) { IEnumerator <ExchangeRole> enumerator; list.Add(new ExchangeRoleEntryPresentation(enumerator.Current, roleEntry)); } } } return((IEnumerable <T>)list); }
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject) { if (dataObject == null) { return(null); } ADUser user = (ADUser)dataObject; SharedConfiguration sharedConfig = null; if (SharedConfiguration.IsDehydratedConfiguration(user.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(user.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported) { sharedConfig = base.ProvisioningCache.TryAddAndGetOrganizationData <SharedConfiguration>(CannedProvisioningCacheKeys.MailboxSharedConfigCacheKey, user.OrganizationId, () => SharedConfiguration.GetSharedConfiguration(user.OrganizationId)); } if (null != user.MasterAccountSid) { user.LinkedMasterAccount = SecurityPrincipalIdParameter.GetFriendlyUserName(user.MasterAccountSid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); user.ResetChangeTracking(); } Mailbox mailbox = new Mailbox(user); mailbox.propertyBag.SetField(MailboxSchema.Database, ADObjectIdResolutionHelper.ResolveDN(mailbox.Database)); if (sharedConfig != null) { mailbox.SharedConfiguration = sharedConfig.SharedConfigId.ConfigurationUnit; if (mailbox.RoleAssignmentPolicy == null) { mailbox.RoleAssignmentPolicy = base.ProvisioningCache.TryAddAndGetOrganizationData <ADObjectId>(CannedProvisioningCacheKeys.MailboxRoleAssignmentPolicyCacheKey, user.OrganizationId, () => sharedConfig.GetSharedRoleAssignmentPolicy()); } } else if (mailbox.RoleAssignmentPolicy == null && !mailbox.ExchangeVersion.IsOlderThan(MailboxSchema.RoleAssignmentPolicy.VersionAdded)) { ADObjectId defaultRoleAssignmentPolicy = RBACHelper.GetDefaultRoleAssignmentPolicy(user.OrganizationId); if (defaultRoleAssignmentPolicy != null) { mailbox.RoleAssignmentPolicy = defaultRoleAssignmentPolicy; } } if (mailbox.SharingPolicy == null && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.SharingPolicy)) { mailbox.SharingPolicy = base.GetDefaultSharingPolicyId(user, sharedConfig); } if (mailbox.RetentionPolicy == null && mailbox.ShouldUseDefaultRetentionPolicy && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.RetentionPolicy)) { mailbox.RetentionPolicy = base.GetDefaultRetentionPolicyId(user, sharedConfig); } if (mailbox.Database != null && mailbox.UseDatabaseRetentionDefaults) { this.SetDefaultRetentionValues(mailbox); } mailbox.AdminDisplayVersion = Microsoft.Exchange.Data.Directory.SystemConfiguration.Server.GetServerVersion(mailbox.ServerName); return(mailbox); }
// Token: 0x06000E4A RID: 3658 RVA: 0x0002A87C File Offset: 0x00028A7C private QueryFilter CreateCmdletAndParametersFilter() { List <QueryFilter> list = new List <QueryFilter>(); if ((this.Type & ManagementRoleEntryType.Cmdlet) != (ManagementRoleEntryType)0) { list.Add(RBACHelper.ConstructRoleEntryFilter(this.CmdletOrScriptName, ManagementRoleEntryType.Cmdlet, this.PSSnapinName)); } if ((this.Type & ManagementRoleEntryType.Script) != (ManagementRoleEntryType)0) { list.Add(new AndFilter(new QueryFilter[] { RBACHelper.ScriptEnabledRoleEntryTypeFilter, RBACHelper.ConstructRoleEntryFilter(this.CmdletOrScriptName, ManagementRoleEntryType.Script) })); } if ((this.Type & ManagementRoleEntryType.ApplicationPermission) != (ManagementRoleEntryType)0) { list.Add(new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.RoleType, RoleType.ApplicationImpersonation), RBACHelper.ConstructRoleEntryFilter(this.cmdletOrScriptName, ManagementRoleEntryType.ApplicationPermission) })); } List <QueryFilter> list2 = new List <QueryFilter>(); if (1 < list.Count) { list2.Add(new OrFilter(list.ToArray())); } else if (1 == list.Count) { list2.Add(list[0]); } if (this.Parameters != null) { list2.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.Parameters)); } if (1 < list2.Count) { return(new AndFilter(list2.ToArray())); } if (1 == list2.Count) { return(list2[0]); } return(null); }
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope) { ClaimsIdentity outgoingIdentity = new ClaimsIdentity(); outgoingIdentity.AddClaims(principal.Claims); List <Role> roles = (List <Role>)HttpContext.Current.Session["User_Roles_" + principal.Identity.Name]; RBACHelper rbacHelper = new RBACHelper(); Permission[] permissions = rbacHelper.GetUserPermissions(Factory.Session(Factory.User(principal.Identity.Name), roles.ToArray())); outgoingIdentity.AddClaim(new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/permissions", Serialize(permissions))); return(outgoingIdentity); }
protected void UserloginWizard_ActiveStepChanged(object sender, EventArgs e) { Wizard wizard = (Wizard)sender; if (wizard != null && wizard.ActiveStepIndex == 1) { RBACHelper helper = new RBACHelper(); List <RBAC.Core.Entities.Role> roles = helper.GetUserRolesHierarchy(Factory.User(STSLogin.UserName).Id); CheckBoxList rolesList = (CheckBoxList)wizard.ActiveStep.FindControl("RolesList"); foreach (RBAC.Core.Entities.Role role in roles) { rolesList.Items.Add(new ListItem(role.Name)); } } }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); base.InternalBeginProcessing(); List <QueryFilter> list = new List <QueryFilter>(); if (base.Fields.IsModified("RoleType")) { list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.RoleType, this.RoleType)); } if (base.Fields.IsModified("Cmdlet")) { list.Add(RBACHelper.ConstructRoleEntryFilter(this.Cmdlet, ManagementRoleEntryType.Cmdlet)); } if (base.Fields.IsModified("Script")) { list.Add(RBACHelper.ConstructRoleEntryFilter(this.Script, ManagementRoleEntryType.Script)); } if (this.CmdletParameters != null) { list.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.CmdletParameters)); } if (this.ScriptParameters != null) { list.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.ScriptParameters)); } if (this.ScriptParameters != null || base.Fields.IsModified("Script")) { list.Add(RBACHelper.ScriptEnabledRoleEntryTypeFilter); } if (1 < list.Count) { this.internalFilter = new AndFilter(list.ToArray()); } else if (1 == list.Count) { this.internalFilter = list[0]; } else { this.internalFilter = null; } TaskLogger.LogExit(); }
internal static bool ValidateAndSetFilterOnDataObject(this SetTaskBase <ManagementScope> task, string filterPropertyName, ManagementScope dataObject, Task.TaskErrorLoggingDelegate writeError) { string text = (string)task.Fields[filterPropertyName]; LocalizedString?localizedString = null; switch (dataObject.ScopeRestrictionType) { case ScopeRestrictionType.RecipientScope: if (!filterPropertyName.Equals("RecipientRestrictionFilter")) { localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.RecipientScope.ToString(), "RecipientRestrictionFilter")); } break; case ScopeRestrictionType.ServerScope: if (!filterPropertyName.Equals("ServerRestrictionFilter")) { localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.ServerScope.ToString(), "ServerRestrictionFilter")); } break; case ScopeRestrictionType.PartnerDelegatedTenantScope: if (!filterPropertyName.Equals("PartnerDelegatedTenantRestrictionFilter")) { localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.PartnerDelegatedTenantScope.ToString(), "PartnerDelegatedTenantRestrictionFilter")); } break; case ScopeRestrictionType.DatabaseScope: if (!filterPropertyName.Equals("DatabaseRestrictionFilter")) { localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.DatabaseScope.ToString(), "DatabaseRestrictionFilter")); } break; } if (localizedString != null) { writeError(new ArgumentException(localizedString.Value, filterPropertyName), ErrorCategory.InvalidArgument, null); } if (!string.IsNullOrEmpty(text)) { QueryFilter queryFilter; string m; if (!RBACHelper.TryConvertPowershellFilterIntoQueryFilter(text, dataObject.ScopeRestrictionType, task, out queryFilter, out m)) { switch (dataObject.ScopeRestrictionType) { case ScopeRestrictionType.RecipientScope: localizedString = new LocalizedString?(Strings.RecipientFilterMustBeValid(m)); break; case ScopeRestrictionType.ServerScope: localizedString = new LocalizedString?(Strings.ServerFilterMustBeValid(m)); break; case ScopeRestrictionType.PartnerDelegatedTenantScope: localizedString = new LocalizedString?(Strings.PartnerFilterMustBeValid(m)); break; case ScopeRestrictionType.DatabaseScope: localizedString = new LocalizedString?(Strings.DatabaseFilterMustBeValid(m)); break; default: localizedString = new LocalizedString?(Strings.ErrorUnsupportedConfigScopeType(dataObject.Id.ToString(), dataObject.ScopeRestrictionType.ToString())); break; } writeError(new ArgumentException(localizedString.Value, filterPropertyName), ErrorCategory.InvalidArgument, null); } dataObject.Filter = queryFilter.GenerateInfixString(FilterLanguage.Monad); return(true); } dataObject.Filter = null; return(false); }