protected override void InternalValidate() { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); IConfigurationSession configurationSession = (IConfigurationSession)base.DataSession; configurationSession.SessionSettings.IsSharedConfigChecked = true; if (base.OptionalIdentityData != null) { base.OptionalIdentityData.ConfigurationContainerRdn = MessageClassificationIdParameter.DefaultsRoot; } base.InternalValidate(); if (base.HasErrors) { return; } if (Server.IsSubscribedGateway(base.GlobalConfigSession)) { base.WriteError(new CannotRunOnSubscribedEdgeException(), ErrorCategory.InvalidOperation, null); } if (!this.DataObject.IsDefault) { this.RejectNonDefault(ADObjectSchema.Name); this.RejectNonDefault(ClassificationSchema.ClassificationID); this.RejectNonDefault(ClassificationSchema.DisplayPrecedence); this.RejectNonDefault(ClassificationSchema.PermissionMenuVisible); this.RejectNonDefault(ClassificationSchema.RetainClassificationEnabled); } }
protected override void InternalValidate() { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); base.InternalValidate(); this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = this.ConfigurationSession.GetFederatedOrganizationId(base.DataObject.OrganizationId); if (base.DataObject.Id.Equals(federatedOrganizationId.DefaultSharingPolicyLink)) { base.WriteError(new CannotRemoveDefaultSharingPolicy(), ErrorCategory.InvalidOperation, this.Identity); } IRecipientSession tenantOrRootOrgRecipientSession; if (this.ConfigurationSession.ConfigScope == ConfigScopes.TenantSubTree) { tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(this.ConfigurationSession.DomainController, null, this.ConfigurationSession.Lcid, true, ConsistencyMode.PartiallyConsistent, this.ConfigurationSession.NetworkCredential, this.ConfigurationSession.SessionSettings, this.ConfigurationSession.ConfigScope, 68, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\RemoveSharingPolicy.cs"); } else { tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(this.ConfigurationSession.DomainController, null, this.ConfigurationSession.Lcid, true, ConsistencyMode.PartiallyConsistent, this.ConfigurationSession.NetworkCredential, this.ConfigurationSession.SessionSettings, 80, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\RemoveSharingPolicy.cs"); } QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, IADMailStorageSchema.SharingPolicy, base.DataObject.Id); ADRecipient[] array = tenantOrRootOrgRecipientSession.Find(null, QueryScope.SubTree, filter, null, 1); if (array.Length > 0) { base.WriteError(new CannotRemoveSharingPolicyWithUsersAssignedException(), ErrorCategory.InvalidOperation, this.Identity); } }
protected override void InternalValidate() { TaskLogger.LogEnter(); if ((this.ServerList != null || this.ServerRestrictionFilter != null || this.PartnerDelegatedTenantRestrictionFilter != null || this.DatabaseList != null || this.DatabaseRestrictionFilter != null) && base.CurrentOrganizationId != OrganizationId.ForestWideOrgId && base.CurrentOrganizationId.ConfigurationUnit != base.RootOrgContainerId) { base.WriteError(new ArgumentException(Strings.ServerDatabaseAndPartnerScopesAreOnlyAllowedInTopOrg(base.CurrentOrganizationId.ToString())), ErrorCategory.InvalidArgument, null); } base.InternalValidate(); if (base.HasErrors) { return; } IConfigurationSession configurationSession = (IConfigurationSession)base.DataSession; ManagementScope[] array = configurationSession.FindSimilarManagementScope(this.DataObject); if (array.Length > 0) { base.WriteError(new ArgumentException(Strings.SimilarScopeFound(array[0].Name)), ErrorCategory.InvalidArgument, null); } if (ScopeRestrictionType.DatabaseScope == this.DataObject.ScopeRestrictionType) { this.WriteWarning(Strings.WarningDatabaseScopeCreationApplicableOnlyInSP); } SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); TaskLogger.LogExit(); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); AvailabilityConfig availabilityConfig = (AvailabilityConfig)base.DataSession.Read <AvailabilityConfig>(this.DataObject.Id); if (availabilityConfig == null) { base.InternalProcessRecord(); if (base.HasErrors) { return; } availabilityConfig = (AvailabilityConfig)base.DataSession.Read <AvailabilityConfig>(this.DataObject.Id); if (availabilityConfig == null) { base.WriteError(new AvailabilityConfigReadException(this.DataObject.Id.ToDNString()), ErrorCategory.ReadError, this.DataObject.Identity); return; } } try { InstallAvailabilityConfig.SetAvailabilityAces(this.exchangeServerGroup.Sid, availabilityConfig, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); } catch (SecurityDescriptorAccessDeniedException exception) { base.WriteError(exception, ErrorCategory.PermissionDenied, null); } TaskLogger.LogExit(); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; TaskLogger.LogExit(); }
protected override IConfigurable ResolveDataObject() { if (!this.IgnoreDehydratedFlag) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } return(base.ResolveDataObject()); }
protected override void InternalValidate() { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; base.InternalValidate(); if (base.DataObject.IsDefault) { base.WriteError(new InvalidOperationException(Strings.RemovingDefaultPolicyIsNotSupported(this.Identity.ToString())), ErrorCategory.WriteError, base.DataObject); } }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; if (base.DataObject.IsDefault && !this.Force) { base.WriteError(new OperationNotAllowedException(Strings.ErrorDefaultMalwareFilterPolicyCannotBeDeleted), ErrorCategory.InvalidOperation, base.DataObject); } TaskLogger.LogExit(); }
protected override IConfigurable PrepareDataObject() { TaskLogger.LogEnter(); this.DataObject = (ExchangeRole)base.PrepareDataObject(); if (base.HasErrors) { return(null); } SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); this.DataObject.SetId(this.ConfigurationSession, ExchangeRole.RdnContainer, this.DataObject.Name); this.DataObject.Description = this.Description; if (base.ParameterSetName.Equals("UnScopedTopLevelRoleParameterSet")) { if (this.UnScopedTopLevel) { this.DataObject.RoleType = RoleType.UnScoped; this.DataObject.StampImplicitScopes(); this.DataObject.StampIsEndUserRole(); } else { base.WriteError(new InvalidOperationException(Strings.ErrorNewRoleInvalidValueUnscopedParameter), ErrorCategory.InvalidOperation, null); } } else { ExchangeRole exchangeRole = (ExchangeRole)base.GetDataObject <ExchangeRole>(this.Parent, this.ConfigurationSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(this.Parent.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(this.Parent.ToString()))); if (exchangeRole != null && exchangeRole.IsDeprecated) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotCreateARoleFromADeprecatedRole(exchangeRole.ToString())), ErrorCategory.InvalidOperation, null); } if (!this.DataObject.OrganizationId.Equals(exchangeRole.OrganizationId)) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotCreateRoleAcrossOrganizations(base.CurrentOrganizationId.ToString(), exchangeRole.ToString(), exchangeRole.OrganizationId.ToString())), ErrorCategory.InvalidOperation, null); } this.DataObject.SetId(exchangeRole.Id.GetChildId(this.DataObject.Name)); this.DataObject.RoleType = exchangeRole.RoleType; this.DataObject[ExchangeRoleSchema.RoleFlags] = exchangeRole[ExchangeRoleSchema.RoleFlags]; this.DataObject.RoleEntries = exchangeRole.RoleEntries; MultiValuedProperty <RoleEntry> multiValuedProperty = (MultiValuedProperty <RoleEntry>)exchangeRole[ExchangeRoleSchema.InternalDownlevelRoleEntries]; if (multiValuedProperty.Count > 0) { this.DataObject[ExchangeRoleSchema.InternalDownlevelRoleEntries] = multiValuedProperty; this.DataObject[ExchangeRoleSchema.RoleFlags] = exchangeRole[ExchangeRoleSchema.RoleFlags]; } if (!base.CurrentTaskContext.CanBypassRBACScope && !RoleHelper.HasDelegatingHierarchicalRoleAssignmentWithoutScopeRestriction(base.ExecutingUserOrganizationId, base.ExchangeRunspaceConfig.RoleAssignments, exchangeRole.Id)) { base.WriteError(new InvalidOperationException(Strings.ErrorNewRoleNeedHierarchicalRoleAssignmentWithoutScopeRestriction(exchangeRole.ToString())), ErrorCategory.InvalidOperation, null); } } TaskLogger.LogExit(); return(this.DataObject); }
protected override void InternalValidate() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); base.InternalValidate(); if (this.isDefault) { this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = this.ConfigurationSession.GetFederatedOrganizationId(this.DataObject.OrganizationId); if (federatedOrganizationId != null) { this.defaultChanged = !this.DataObject.Id.Equals(federatedOrganizationId.DefaultSharingPolicyLink); } } TaskLogger.LogExit(); }
protected override void InternalValidate() { if (Server.IsSubscribedGateway(base.GlobalConfigSession)) { base.WriteError(new CannotRunOnSubscribedEdgeException(), ErrorCategory.InvalidOperation, null); } SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); if (base.OptionalIdentityData != null) { base.OptionalIdentityData.ConfigurationContainerRdn = MessageClassificationIdParameter.DefaultsRoot; } base.InternalValidate(); if (Utils.IsMessageClassificationUsedByTransportRule((IConfigurationSession)base.DataSession, base.DataObject)) { base.WriteError(new InvalidOperationException(Strings.ErrorRemoveClassificationUsedByTransportRule(base.DataObject.Identity.ToString())), ErrorCategory.InvalidOperation, base.DataObject); } }
protected override void InternalValidate() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); try { if (this.Identity == null) { this.Identity = AvailabilityConfigIdParameter.Parse(AvailabilityConfig.ContainerName); } base.InternalValidate(); } finally { TaskLogger.LogExit(); } }
protected override void InternalValidate() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); base.InternalValidate(); if (NewOrganizationRelationship.DomainsExist(this.DataObject.DomainNames, this.ConfigurationSession)) { base.WriteError(new DuplicateOrganizationRelationshipDomainException(base.FormatMultiValuedProperty(this.DataObject.DomainNames)), ErrorCategory.InvalidOperation, base.Name); } if (this.FreeBusyAccessScopeADGroup != null) { this.DataObject.FreeBusyAccessScope = this.FreeBusyAccessScopeADGroup.Id; } if (this.MailTipsAccessScopeADGroup != null) { this.DataObject.MailTipsAccessScope = this.MailTipsAccessScopeADGroup.Id; } TaskLogger.LogExit(); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (base.HasErrors) { return; } SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrganizationId, new Task.ErrorLoggerDelegate(base.WriteError)); this.DataObject.CheckWritable(); bool flag = false; if (this.DataObject.IsDeprecated) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotModifyDeprecatedRole(this.DataObject.ToString())), ErrorCategory.InvalidOperation, null); } if (this.DataObject.IsUnscopedTopLevel && this.IsTopLevelUnscopedRoleModificationAllowed()) { flag = true; } else { this.parentRole = this.ConfigurationSession.Read <ExchangeRole>(this.DataObject.Id.Parent); if (this.parentRole != null && this.parentRole.IsDeprecated) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotModifyDeprecatedRole(this.parentRole.ToString())), ErrorCategory.InvalidOperation, null); } else if (this.parentRole == null) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotModifyPrecannedRole(this.DataObject.Id.ToString())), ErrorCategory.InvalidOperation, this.DataObject.Id); } } if (!base.CurrentTaskContext.CanBypassRBACScope && !RoleHelper.HasDelegatingHierarchicalRoleAssignmentWithoutScopeRestriction(base.ExecutingUserOrganizationId, base.ExchangeRunspaceConfig.RoleAssignments, flag ? this.DataObject.Id : this.ParentRole.Id)) { base.WriteError(new InvalidOperationException(Strings.ErrorModifyRoleNeedHierarchicalParentRoleWithoutScopeRestriction(this.DataObject.Id.ToString())), ErrorCategory.InvalidOperation, this.DataObject.Id); } this.InternalApplyChangeAndValidate(); IEnumerable <ExchangeRole> childRoles = this.ConfigurationSession.FindPaged <ExchangeRole>(this.DataObject.Id, QueryScope.OneLevel, null, null, 0); RoleHelper.ValidateChangeAgainstParentAndChildren(this.DataObject, flag ? this.DataObject : this.ParentRole, childRoles, new Task.TaskErrorLoggingDelegate(base.WriteError)); TaskLogger.LogExit(); }
protected override IConfigurable PrepareDataObject() { TaskLogger.LogEnter(); ADGroup result = (ADGroup)base.PrepareDataObject(); if (!this.PartnerManaged.IsPresent) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } RoleAssigneeType roleAssigneeType = RoleAssigneeType.RoleGroup; if ("crossforest" == base.ParameterSetName) { roleAssigneeType = RoleAssigneeType.LinkedRoleGroup; } if (base.Fields.IsChanged("Roles") && this.Roles != null) { this.roles = new MultiValuedProperty <ExchangeRole>(); this.roleAssignments = new List <ExchangeRoleAssignment>(); foreach (RoleIdParameter roleIdParameter in this.Roles) { ExchangeRole item = (ExchangeRole)base.GetDataObject <ExchangeRole>(roleIdParameter, this.ConfigurationSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(roleIdParameter.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(roleIdParameter.ToString()))); this.roles.Add(item); } this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; foreach (ExchangeRole role in this.roles) { bool flag = false; ExchangeRoleAssignment exchangeRoleAssignment = new ExchangeRoleAssignment(); RoleHelper.PrepareNewRoleAssignmentWithUniqueNameAndDefaultScopes(null, exchangeRoleAssignment, role, this.DataObject.Id, this.DataObject.OrganizationId, roleAssigneeType, RoleAssignmentDelegationType.Regular, this.ConfigurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError)); RoleHelper.AnalyzeAndStampCustomizedWriteScopes(this, exchangeRoleAssignment, role, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), ref flag, ref this.ou, ref this.customRecipientScope, ref this.customConfigScope); if (!flag && base.ExchangeRunspaceConfig != null) { RoleHelper.HierarchicalCheckForRoleAssignmentCreation(this, exchangeRoleAssignment, this.customRecipientScope, this.customConfigScope, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError)); } this.roleAssignments.Add(exchangeRoleAssignment); } } TaskLogger.LogExit(); return(result); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; if (!this.IgnoreDehydratedFlag) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } if (this.DataObject.LanguageBlockList != null) { foreach (string text in this.DataObject.LanguageBlockList) { if (!HygieneUtils.IsAntispamFilterableLanguage(text)) { base.WriteError(new ArgumentException(Strings.ErrorUnsupportedBlockLanguage(text)), ErrorCategory.InvalidArgument, text); } } } if (this.DataObject.RegionBlockList != null) { foreach (string text2 in this.DataObject.RegionBlockList) { if (!HygieneUtils.IsValidIso3166Alpha2Code(text2)) { base.WriteError(new ArgumentException(Strings.ErrorInvalidIso3166Alpha2Code(text2)), ErrorCategory.InvalidArgument, text2); } } } if (this.DataObject.IsModified(HostedContentFilterPolicySchema.EnableEndUserSpamNotifications) && this.DataObject.EnableEndUserSpamNotifications) { HostedContentFilterRule policyScopingRule = this.GetPolicyScopingRule(); if (policyScopingRule != null && !policyScopingRule.IsEsnCompatible) { base.WriteError(new OperationNotAllowedException(Strings.ErrorEsnIncompatibleRule(policyScopingRule.Name)), ErrorCategory.InvalidOperation, null); } } TaskLogger.LogExit(); }
protected override void InternalValidate() { ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; if (!this.IgnoreDehydratedFlag) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } base.InternalValidate(); if (base.HasErrors) { return; } if (this.IsDefault) { this.DataObject.IsDefault = true; QueryFilter additionalFilter = new ComparisonFilter(ComparisonOperator.NotEqual, ADObjectSchema.Guid, this.DataObject.Id.ObjectGuid); this.otherDefaultPolicies = DefaultTeamMailboxProvisioningPolicyUtility.GetDefaultPolicies((IConfigurationSession)base.DataSession, additionalFilter); if (this.otherDefaultPolicies.Count > 0) { this.updateOtherDefaultPolicies = true; } } }
protected override void InternalValidate() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); IConfigurationSession session = (IConfigurationSession)base.DataSession; if (Datacenter.IsMultiTenancyEnabled()) { if (this.AccessMethod != AvailabilityAccessMethod.OrgWideFB) { base.ThrowTerminatingError(new InvalidAvailabilityAccessMethodException(), ErrorCategory.InvalidOperation, this.ForestName); } if (this.TargetAutodiscoverEpr == null) { base.ThrowTerminatingError(new AvailabilityAddressSpaceInvalidTargetAutodiscoverEprException(), ErrorCategory.InvalidOperation, this.ForestName); } } if (this.AccessMethod == AvailabilityAccessMethod.OrgWideFBBasic && this.TargetAutodiscoverEpr == null) { base.ThrowTerminatingError(new AvailabilityAddressSpaceInvalidTargetAutodiscoverEprException(), ErrorCategory.InvalidOperation, this.ForestName); } this.DataObject.SetId(session, this.ForestName); PSCredential credentials = this.Credentials; if (credentials != null) { this.DataObject.UserName = credentials.UserName; this.DataObject.SetPassword(credentials.Password); } base.InternalValidate(); if (base.HasErrors) { TaskLogger.LogExit(); return; } TaskLogger.LogExit(); }
protected override IConfigurable ResolveDataObject() { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrganizationId, new Task.ErrorLoggerDelegate(base.WriteError)); return(base.ResolveDataObject()); }
protected override void InternalValidate() { base.InternalValidate(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); IConfigurationSession configurationSession = (IConfigurationSession)base.DataSession; if (base.ExchangeRunspaceConfig != null && this.DataObject.ObjectState != ObjectState.Unchanged) { base.WriteVerbose(Strings.VerboseLoadingAssignmentsByScope(this.DataObject.Id.ToString())); ExchangeRoleAssignment[] array = configurationSession.FindAssignmentsForManagementScope(this.DataObject, true); if (array.Length != 0) { ManagementScope managementScope = (ManagementScope)this.DataObject.GetOriginalObject(); ManagementScope managementScope2 = (ManagementScope)this.DataObject.Clone(); managementScope2.SetId(new ADObjectId("CN=TemporaryNewScope" + Guid.NewGuid())); managementScope2.ResetChangeTracking(); Dictionary <ADObjectId, ManagementScope> dictionary = new Dictionary <ADObjectId, ManagementScope>(base.ExchangeRunspaceConfig.ScopesCache); if (!dictionary.ContainsKey(managementScope.Id)) { dictionary.Add(managementScope.Id, managementScope); } dictionary.Add(managementScope2.Id, managementScope2); RoleHelper.LoadScopesByAssignmentsToNewCache(dictionary, array, configurationSession); foreach (ExchangeRoleAssignment exchangeRoleAssignment in array) { if (ADObjectId.Equals(exchangeRoleAssignment.CustomRecipientWriteScope, this.DataObject.Id)) { exchangeRoleAssignment.CustomRecipientWriteScope = managementScope2.Id; } if (ADObjectId.Equals(exchangeRoleAssignment.CustomConfigWriteScope, this.DataObject.Id)) { exchangeRoleAssignment.CustomConfigWriteScope = managementScope2.Id; } base.WriteVerbose(Strings.VerboseSetScopeValidateNewScopedAssignment(this.DataObject.Id.ToString(), exchangeRoleAssignment.Id.ToString())); if (!RoleHelper.HasDelegatingHierarchicalRoleAssignment(base.ExecutingUserOrganizationId, base.ExchangeRunspaceConfig.RoleAssignments, dictionary, exchangeRoleAssignment, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose))) { base.WriteError(new InvalidOperationException(Strings.ErrorSetScopeAddPermission(this.DataObject.Id.ToString(), exchangeRoleAssignment.Id.ToString())), ErrorCategory.InvalidOperation, this.DataObject.Id); } } List <ExchangeRoleAssignment> list = new List <ExchangeRoleAssignment>(base.ExchangeRunspaceConfig.RoleAssignments); List <ExchangeRoleAssignment> list2 = new List <ExchangeRoleAssignment>(array.Length); List <ADObjectId> list3 = new List <ADObjectId>(list.Count); foreach (ExchangeRoleAssignment exchangeRoleAssignment2 in array) { for (int k = list.Count - 1; k >= 0; k--) { if (ADObjectId.Equals(list[k].Id, exchangeRoleAssignment2.Id)) { list.RemoveAt(k); list.Add(exchangeRoleAssignment2); list3.Add(exchangeRoleAssignment2.Id); break; } } list2.Add((ExchangeRoleAssignment)exchangeRoleAssignment2.GetOriginalObject()); } foreach (ExchangeRoleAssignment exchangeRoleAssignment3 in list2) { base.WriteVerbose(Strings.VerboseSetScopeValidateRemoveOriginalScopedAssignment(this.DataObject.Id.ToString(), exchangeRoleAssignment3.Id.ToString())); if (!RoleHelper.HasDelegatingHierarchicalRoleAssignment(base.ExecutingUserOrganizationId, list, dictionary, exchangeRoleAssignment3, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose))) { if (list3.Contains(exchangeRoleAssignment3.Id)) { base.WriteError(new InvalidOperationException(Strings.ErrorSetScopeToBlockSelf(this.DataObject.Id.ToString(), exchangeRoleAssignment3.Id.ToString())), ErrorCategory.InvalidOperation, this.DataObject.Id); } else { base.WriteError(new InvalidOperationException(Strings.ErrorSetScopeNeedHierarchicalRoleAssignment(this.DataObject.Id.ToString(), exchangeRoleAssignment3.Id.ToString())), ErrorCategory.InvalidOperation, this.DataObject.Id); } } } } } ManagementScope[] array4 = configurationSession.FindSimilarManagementScope(this.DataObject); if (array4.Length > 0) { base.WriteError(new ArgumentException(Strings.SimilarScopeFound(array4[0].Name)), ErrorCategory.InvalidArgument, null); } }
protected override IConfigurable PrepareDataObject() { TaskLogger.LogEnter(); ExchangeOrganizationalUnit exchangeOrganizationalUnit = null; ((IConfigurationSession)base.DataSession).SessionSettings.IsSharedConfigChecked = true; this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; this.DataObject = (ExchangeRoleAssignment)base.PrepareDataObject(); if (base.HasErrors) { return(null); } if (!this.IgnoreDehydratedFlag) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } this.role = (ExchangeRole)base.GetDataObject <ExchangeRole>(this.Role, base.DataSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(this.Role.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(this.Role.ToString()))); RoleHelper.VerifyNoScopeForUnScopedRole(base.Fields, this.role, new Task.TaskErrorLoggingDelegate(base.WriteError)); if (this.role != null && this.role.IsDeprecated) { base.WriteError(new InvalidOperationException(Strings.ErrorCannotCreateRoleAssignmentToADeprecatedRole(this.role.ToString())), ErrorCategory.InvalidOperation, null); } RoleAssigneeType roleAssigneeType; ADObject adobject; if (this.Policy != null) { RoleAssignmentPolicy roleAssignmentPolicy = (RoleAssignmentPolicy)base.GetDataObject <RoleAssignmentPolicy>(this.Policy, RecipientTaskHelper.GetTenantLocalConfigSession(base.CurrentOrganizationId, base.ExecutingUserOrganizationId, base.RootOrgContainerId), null, new LocalizedString?(Strings.ErrorRBACPolicyNotFound(this.Policy.ToString())), new LocalizedString?(Strings.ErrorRBACPolicyNotUnique(this.Policy.ToString()))); if (!this.role.IsEndUserRole) { base.WriteError(new InvalidOperationException(Strings.ErrorNonEndUserRoleCannoBeAssignedToPolicy(this.role.Name)), ErrorCategory.InvalidOperation, roleAssignmentPolicy.Id); } OrganizationId organizationId = OrganizationId.ForestWideOrgId; if (this.ConfigurationSession is ITenantConfigurationSession) { organizationId = TaskHelper.ResolveOrganizationId(this.role.Id, ExchangeRole.RdnContainer, (ITenantConfigurationSession)this.ConfigurationSession); } ADObjectId adobjectId; if (OrganizationId.ForestWideOrgId.Equals(organizationId)) { adobjectId = this.ConfigurationSession.GetOrgContainerId(); } else { adobjectId = organizationId.ConfigurationUnit; } if (!roleAssignmentPolicy.Id.IsDescendantOf(adobjectId)) { base.WriteError(new InvalidOperationException(Strings.ErrorPolicyOutOfRoleScope(roleAssignmentPolicy.Id.ToString(), adobjectId.Name)), ErrorCategory.InvalidOperation, null); } roleAssigneeType = RoleAssigneeType.RoleAssignmentPolicy; adobject = roleAssignmentPolicy; } else { ADRecipient adrecipient = null; if (this.User != null) { adrecipient = (ADUser)base.GetDataObject <ADUser>(this.User, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorAssigneeUserNotFound(this.User.ToString())), new LocalizedString?(Strings.ErrorAssigneeUserNotUnique(this.User.ToString()))); } else if (this.SecurityGroup != null) { adrecipient = (ADGroup)base.GetDataObject <ADGroup>(this.SecurityGroup, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorAssigneeSecurityGroupNotFound(this.SecurityGroup.ToString())), new LocalizedString?(Strings.ErrorAssigneeSecurityGroupNotUnique(this.SecurityGroup.ToString()))); } else if (this.Computer != null) { adrecipient = (ADComputerRecipient)base.GetDataObject <ADComputerRecipient>(this.Computer, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorAssigneeComputerNotFound(this.Computer.ToString())), new LocalizedString?(Strings.ErrorAssigneeComputerNotUnique(this.Computer.ToString()))); } RoleHelper.ValidateRoleAssignmentUser(adrecipient, new Task.TaskErrorLoggingDelegate(base.WriteError), false); roleAssigneeType = ExchangeRoleAssignment.RoleAssigneeTypeFromADRecipient(adrecipient); adobject = adrecipient; } ((IDirectorySession)base.DataSession).LinkResolutionServer = adobject.OriginatingServer; RoleHelper.PrepareNewRoleAssignmentWithUniqueNameAndDefaultScopes(this.Name, this.DataObject, this.role, adobject.Id, adobject.OrganizationId, roleAssigneeType, this.Delegating.IsPresent ? RoleAssignmentDelegationType.Delegating : RoleAssignmentDelegationType.Regular, this.ConfigurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError)); if (this.role.IsUnscopedTopLevel && this.UnScopedTopLevel) { this.skipHRoleCheck = true; if (this.Delegating) { this.DataObject.RoleAssignmentDelegationType = RoleAssignmentDelegationType.DelegatingOrgWide; } } else { RoleHelper.AnalyzeAndStampCustomizedWriteScopes(this, this.DataObject, this.role, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), ref this.skipHRoleCheck, ref exchangeOrganizationalUnit, ref this.customRecipientScope, ref this.customConfigScope); } TaskLogger.LogExit(); return(this.DataObject); }
protected override void InternalValidate() { TaskLogger.LogEnter(); if (!base.Fields.Contains("Mailbox")) { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); } if (base.ParameterSetName == "ParameterSetMailboxTask") { return; } if (base.Fields.IsModified("LegacyManagedFolder")) { if (this.LegacyManagedFolder != null) { ELCFolder elcfolder = (ELCFolder)base.GetDataObject <ELCFolder>(this.LegacyManagedFolder, base.DataSession, null, new LocalizedString?(Strings.ErrorElcFolderNotFound(this.LegacyManagedFolder.ToString())), new LocalizedString?(Strings.ErrorAmbiguousElcFolderId(this.LegacyManagedFolder.ToString()))); this.DataObject.LegacyManagedFolder = elcfolder.Id; } else { this.DataObject.LegacyManagedFolder = null; } } base.InternalValidate(); if (this.contentSettingsObject.IsChanged(ElcContentSettingsSchema.RetentionAction)) { RetentionActionType[] source = new RetentionActionType[] { RetentionActionType.MoveToFolder }; if (source.Any((RetentionActionType x) => x == this.contentSettingsObject.RetentionAction)) { base.WriteError(new RetentionPolicyTagTaskException(Strings.ErrorRetentionActionNowAllowed), ErrorCategory.InvalidOperation, null); } if (this.DataObject.Type == ElcFolderType.RecoverableItems && !this.contentSettingsObject.RetentionAction.Equals(RetentionActionType.MoveToArchive)) { base.WriteError(new ArgumentException(Strings.ErrorDumpsterTagWrongRetentionAction), ErrorCategory.InvalidArgument, this); } if (this.DataObject.Type != ElcFolderType.All && this.DataObject.Type != ElcFolderType.Personal && this.DataObject.Type != ElcFolderType.RecoverableItems && this.RetentionAction == RetentionActionType.MoveToArchive) { base.WriteError(new RetentionPolicyTagTaskException(Strings.ErrorMoveToArchiveAppliedToSystemFolder), ErrorCategory.InvalidArgument, null); } } if (this.contentSettingsObject.IsChanged(ElcContentSettingsSchema.MessageClass) && this.DataObject.Type != ElcFolderType.All && !this.contentSettingsObject.MessageClass.Equals(ElcMessageClass.AllMailboxContent)) { base.WriteError(new RetentionPolicyTagTaskException(Strings.ErrorOnlyDefaultTagAllowCustomizedMessageClass), ErrorCategory.InvalidOperation, this.DataObject); } string tagName; if (this.DataObject.IsChanged(RetentionPolicyTagSchema.RetentionId) && !(base.DataSession as IConfigurationSession).CheckForRetentionTagWithConflictingRetentionId(this.DataObject.RetentionId, this.DataObject.Identity.ToString(), out tagName)) { base.WriteError(new RetentionPolicyTagTaskException(Strings.ErrorRetentionIdConflictsWithRetentionTag(this.DataObject.RetentionId.ToString(), tagName)), ErrorCategory.InvalidOperation, this.DataObject); } if (this.contentSettingsObject.IsChanged(ElcContentSettingsSchema.RetentionAction) || this.contentSettingsObject.IsChanged(ElcContentSettingsSchema.RetentionEnabled) || this.contentSettingsObject.IsChanged(ElcContentSettingsSchema.MessageClass)) { this.ValidateRetentionPolicy(); } if (base.Fields.IsModified("AddressForJournaling")) { if (this.AddressForJournaling != null) { ADRecipient adrecipient = (ADRecipient)base.GetDataObject <ADRecipient>(this.AddressForJournaling, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorMailboxAddressNotFound(this.AddressForJournaling.ToString())), new LocalizedString?(Strings.ErrorMailboxAddressNotUnique(this.AddressForJournaling.ToString()))); if (!this.DataObject.OrganizationId.Equals(OrganizationId.ForestWideOrgId)) { RecipientTaskHelper.CheckRecipientInSameOrganizationWithDataObject(this.DataObject, adrecipient, new Task.ErrorLoggerDelegate(base.WriteError)); } if (adrecipient.EmailAddresses == null || adrecipient.EmailAddresses.FindPrimary(ProxyAddressPrefix.Smtp) == null) { base.WriteError(new ArgumentException(Strings.SmtpAddressMissingForAutocopy(this.AddressForJournaling.ToString()), "AddressForJournaling"), ErrorCategory.InvalidData, this); } this.contentSettingsObject.AddressForJournaling = adrecipient.Id; } else { this.contentSettingsObject.AddressForJournaling = null; } } ValidationError[] array = this.contentSettingsObject.Validate(); if (array.Length > 0) { for (int i = 0; i < array.Length; i++) { this.WriteError(new DataValidationException(array[i]), (ErrorCategory)1003, this.contentSettingsObject.Identity, array.Length - 1 == i); } } if (base.HasErrors) { return; } TaskLogger.LogExit(); }