// Token: 0x06000E49 RID: 3657 RVA: 0x0002A714 File Offset: 0x00028914
internal override IEnumerable <T> GetObjects <T>(ADObjectId rootId, IDirectorySession session, IDirectorySession subTreeSession, OptionalIdentityData optionalData, out LocalizedString?notFoundReason)
{
if (typeof(T) != typeof(ExchangeRoleEntryPresentation) && typeof(T) != typeof(ExchangeRole))
{
throw new ArgumentException(Strings.ErrorInvalidType(typeof(T).Name), "type");
}
notFoundReason = null;
if (typeof(T) == typeof(ExchangeRole))
{
return(this.RoleId.GetObjects <T>(rootId, session, subTreeSession, optionalData, out notFoundReason));
}
List <ExchangeRoleEntryPresentation> list = new List <ExchangeRoleEntryPresentation>();
this.additionalFilter = this.CreateCmdletAndParametersFilter();
IEnumerable <ExchangeRole> objects = this.roleId.GetObjects <ExchangeRole>(rootId, session, subTreeSession, optionalData, out notFoundReason);
foreach (ExchangeRole exchangeRole in objects)
{
foreach (RoleEntry roleEntry in exchangeRole.RoleEntries)
{
if (RBACHelper.DoesRoleEntryMatchNameAndParameters(roleEntry, this.Type, this.CmdletOrScriptName, this.Parameters, this.PSSnapinName))
{
IEnumerator <ExchangeRole> enumerator;
list.Add(new ExchangeRoleEntryPresentation(enumerator.Current, roleEntry));
}
}
}
return((IEnumerable <T>)list);
}
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject)
{
if (dataObject == null)
{
return(null);
}
ADUser user = (ADUser)dataObject;
SharedConfiguration sharedConfig = null;
if (SharedConfiguration.IsDehydratedConfiguration(user.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(user.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported)
{
sharedConfig = base.ProvisioningCache.TryAddAndGetOrganizationData <SharedConfiguration>(CannedProvisioningCacheKeys.MailboxSharedConfigCacheKey, user.OrganizationId, () => SharedConfiguration.GetSharedConfiguration(user.OrganizationId));
}
if (null != user.MasterAccountSid)
{
user.LinkedMasterAccount = SecurityPrincipalIdParameter.GetFriendlyUserName(user.MasterAccountSid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose));
user.ResetChangeTracking();
}
Mailbox mailbox = new Mailbox(user);
mailbox.propertyBag.SetField(MailboxSchema.Database, ADObjectIdResolutionHelper.ResolveDN(mailbox.Database));
if (sharedConfig != null)
{
mailbox.SharedConfiguration = sharedConfig.SharedConfigId.ConfigurationUnit;
if (mailbox.RoleAssignmentPolicy == null)
{
mailbox.RoleAssignmentPolicy = base.ProvisioningCache.TryAddAndGetOrganizationData <ADObjectId>(CannedProvisioningCacheKeys.MailboxRoleAssignmentPolicyCacheKey, user.OrganizationId, () => sharedConfig.GetSharedRoleAssignmentPolicy());
}
}
else if (mailbox.RoleAssignmentPolicy == null && !mailbox.ExchangeVersion.IsOlderThan(MailboxSchema.RoleAssignmentPolicy.VersionAdded))
{
ADObjectId defaultRoleAssignmentPolicy = RBACHelper.GetDefaultRoleAssignmentPolicy(user.OrganizationId);
if (defaultRoleAssignmentPolicy != null)
{
mailbox.RoleAssignmentPolicy = defaultRoleAssignmentPolicy;
}
}
if (mailbox.SharingPolicy == null && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.SharingPolicy))
{
mailbox.SharingPolicy = base.GetDefaultSharingPolicyId(user, sharedConfig);
}
if (mailbox.RetentionPolicy == null && mailbox.ShouldUseDefaultRetentionPolicy && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.RetentionPolicy))
{
mailbox.RetentionPolicy = base.GetDefaultRetentionPolicyId(user, sharedConfig);
}
if (mailbox.Database != null && mailbox.UseDatabaseRetentionDefaults)
{
this.SetDefaultRetentionValues(mailbox);
}
mailbox.AdminDisplayVersion = Microsoft.Exchange.Data.Directory.SystemConfiguration.Server.GetServerVersion(mailbox.ServerName);
return(mailbox);
}
// Token: 0x06000E4A RID: 3658 RVA: 0x0002A87C File Offset: 0x00028A7C
private QueryFilter CreateCmdletAndParametersFilter()
{
List <QueryFilter> list = new List <QueryFilter>();
if ((this.Type & ManagementRoleEntryType.Cmdlet) != (ManagementRoleEntryType)0)
{
list.Add(RBACHelper.ConstructRoleEntryFilter(this.CmdletOrScriptName, ManagementRoleEntryType.Cmdlet, this.PSSnapinName));
}
if ((this.Type & ManagementRoleEntryType.Script) != (ManagementRoleEntryType)0)
{
list.Add(new AndFilter(new QueryFilter[]
{
RBACHelper.ScriptEnabledRoleEntryTypeFilter,
RBACHelper.ConstructRoleEntryFilter(this.CmdletOrScriptName, ManagementRoleEntryType.Script)
}));
}
if ((this.Type & ManagementRoleEntryType.ApplicationPermission) != (ManagementRoleEntryType)0)
{
list.Add(new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.RoleType, RoleType.ApplicationImpersonation),
RBACHelper.ConstructRoleEntryFilter(this.cmdletOrScriptName, ManagementRoleEntryType.ApplicationPermission)
}));
}
List <QueryFilter> list2 = new List <QueryFilter>();
if (1 < list.Count)
{
list2.Add(new OrFilter(list.ToArray()));
}
else if (1 == list.Count)
{
list2.Add(list[0]);
}
if (this.Parameters != null)
{
list2.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.Parameters));
}
if (1 < list2.Count)
{
return(new AndFilter(list2.ToArray()));
}
if (1 == list2.Count)
{
return(list2[0]);
}
return(null);
}
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
ClaimsIdentity outgoingIdentity = new ClaimsIdentity();
outgoingIdentity.AddClaims(principal.Claims);
List <Role> roles = (List <Role>)HttpContext.Current.Session["User_Roles_" + principal.Identity.Name];
RBACHelper rbacHelper = new RBACHelper();
Permission[] permissions = rbacHelper.GetUserPermissions(Factory.Session(Factory.User(principal.Identity.Name), roles.ToArray()));
outgoingIdentity.AddClaim(new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/permissions", Serialize(permissions)));
return(outgoingIdentity);
}
protected void UserloginWizard_ActiveStepChanged(object sender, EventArgs e)
{
Wizard wizard = (Wizard)sender;
if (wizard != null && wizard.ActiveStepIndex == 1)
{
RBACHelper helper = new RBACHelper();
List <RBAC.Core.Entities.Role> roles = helper.GetUserRolesHierarchy(Factory.User(STSLogin.UserName).Id);
CheckBoxList rolesList = (CheckBoxList)wizard.ActiveStep.FindControl("RolesList");
foreach (RBAC.Core.Entities.Role role in roles)
{
rolesList.Items.Add(new ListItem(role.Name));
}
}
}
protected override void InternalBeginProcessing()
{
TaskLogger.LogEnter();
base.InternalBeginProcessing();
List <QueryFilter> list = new List <QueryFilter>();
if (base.Fields.IsModified("RoleType"))
{
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.RoleType, this.RoleType));
}
if (base.Fields.IsModified("Cmdlet"))
{
list.Add(RBACHelper.ConstructRoleEntryFilter(this.Cmdlet, ManagementRoleEntryType.Cmdlet));
}
if (base.Fields.IsModified("Script"))
{
list.Add(RBACHelper.ConstructRoleEntryFilter(this.Script, ManagementRoleEntryType.Script));
}
if (this.CmdletParameters != null)
{
list.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.CmdletParameters));
}
if (this.ScriptParameters != null)
{
list.Add(RBACHelper.ConstructRoleEntryParameterFilter(this.ScriptParameters));
}
if (this.ScriptParameters != null || base.Fields.IsModified("Script"))
{
list.Add(RBACHelper.ScriptEnabledRoleEntryTypeFilter);
}
if (1 < list.Count)
{
this.internalFilter = new AndFilter(list.ToArray());
}
else if (1 == list.Count)
{
this.internalFilter = list[0];
}
else
{
this.internalFilter = null;
}
TaskLogger.LogExit();
}
internal static bool ValidateAndSetFilterOnDataObject(this SetTaskBase <ManagementScope> task, string filterPropertyName, ManagementScope dataObject, Task.TaskErrorLoggingDelegate writeError)
{
string text = (string)task.Fields[filterPropertyName];
LocalizedString?localizedString = null;
switch (dataObject.ScopeRestrictionType)
{
case ScopeRestrictionType.RecipientScope:
if (!filterPropertyName.Equals("RecipientRestrictionFilter"))
{
localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.RecipientScope.ToString(), "RecipientRestrictionFilter"));
}
break;
case ScopeRestrictionType.ServerScope:
if (!filterPropertyName.Equals("ServerRestrictionFilter"))
{
localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.ServerScope.ToString(), "ServerRestrictionFilter"));
}
break;
case ScopeRestrictionType.PartnerDelegatedTenantScope:
if (!filterPropertyName.Equals("PartnerDelegatedTenantRestrictionFilter"))
{
localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.PartnerDelegatedTenantScope.ToString(), "PartnerDelegatedTenantRestrictionFilter"));
}
break;
case ScopeRestrictionType.DatabaseScope:
if (!filterPropertyName.Equals("DatabaseRestrictionFilter"))
{
localizedString = new LocalizedString?(Strings.InvalidParameterForFilter(filterPropertyName, ScopeRestrictionType.DatabaseScope.ToString(), "DatabaseRestrictionFilter"));
}
break;
}
if (localizedString != null)
{
writeError(new ArgumentException(localizedString.Value, filterPropertyName), ErrorCategory.InvalidArgument, null);
}
if (!string.IsNullOrEmpty(text))
{
QueryFilter queryFilter;
string m;
if (!RBACHelper.TryConvertPowershellFilterIntoQueryFilter(text, dataObject.ScopeRestrictionType, task, out queryFilter, out m))
{
switch (dataObject.ScopeRestrictionType)
{
case ScopeRestrictionType.RecipientScope:
localizedString = new LocalizedString?(Strings.RecipientFilterMustBeValid(m));
break;
case ScopeRestrictionType.ServerScope:
localizedString = new LocalizedString?(Strings.ServerFilterMustBeValid(m));
break;
case ScopeRestrictionType.PartnerDelegatedTenantScope:
localizedString = new LocalizedString?(Strings.PartnerFilterMustBeValid(m));
break;
case ScopeRestrictionType.DatabaseScope:
localizedString = new LocalizedString?(Strings.DatabaseFilterMustBeValid(m));
break;
default:
localizedString = new LocalizedString?(Strings.ErrorUnsupportedConfigScopeType(dataObject.Id.ToString(), dataObject.ScopeRestrictionType.ToString()));
break;
}
writeError(new ArgumentException(localizedString.Value, filterPropertyName), ErrorCategory.InvalidArgument, null);
}
dataObject.Filter = queryFilter.GenerateInfixString(FilterLanguage.Monad);
return(true);
}
dataObject.Filter = null;
return(false);
}
