private bool ExistDistinctRoleAssignmentForGroup(ExchangeRoleAssignment roleAssignment, ExchangeRole role, bool verifyGroupEmptiness)
{
ADObjectId adobjectId = roleAssignment.OrganizationId.Equals(OrganizationId.ForestWideOrgId) ? this.configurationSession.GetOrgContainerId() : roleAssignment.OrganizationId.ConfigurationUnit;
adobjectId = adobjectId.GetDescendantId(ExchangeRoleAssignment.RdnContainer);
List <QueryFilter> list = new List <QueryFilter>
{
new ComparisonFilter(ComparisonOperator.NotEqual, ADObjectSchema.Id, roleAssignment.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, roleAssignment.Role),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RecipientWriteScope, (RecipientWriteScopeType)role.ImplicitRecipientWriteScope),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.ConfigWriteScope, (ConfigWriteScopeType)role.ImplicitConfigWriteScope),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, roleAssignment.RoleAssignmentDelegationType),
new OrFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssigneeType, RoleAssigneeType.RoleGroup),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssigneeType, RoleAssigneeType.SecurityGroup)
})
};
if (this.excludedFromAssignmentSearch != null)
{
foreach (ADObjectId propertyValue in this.excludedFromAssignmentSearch)
{
list.Add(new ComparisonFilter(ComparisonOperator.NotEqual, ExchangeRoleAssignmentSchema.User, propertyValue));
}
}
foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(adobjectId, QueryScope.OneLevel, new AndFilter(list.ToArray()), null, 0))
{
if (exchangeRoleAssignment.IsValid && exchangeRoleAssignment.Enabled && exchangeRoleAssignment.RecipientReadScope.Equals(role.ImplicitRecipientReadScope) && exchangeRoleAssignment.ConfigReadScope.Equals(role.ImplicitConfigReadScope) && (!verifyGroupEmptiness || !this.IsGroupEmpty(exchangeRoleAssignment.User)))
{
return(true);
}
}
return(false);
}
internal List <ADObjectId> GetEffectiveUsersForRoleAssignment(ExchangeRoleAssignment roleAssignment)
{
if (this.usersListLookup.ContainsKey(roleAssignment.User))
{
return(this.usersListLookup[roleAssignment.User]);
}
this.usersList = new List <ADObjectId>();
ADRawEntry adrawEntry = this.recipientSession.ReadADRawEntry(roleAssignment.User, RoleAssignmentExpansion.groupProperties);
if (adrawEntry != null)
{
this.adRecipientExpansion.Expand(adrawEntry, new ADRecipientExpansion.HandleRecipientDelegate(this.OnRecipient), new ADRecipientExpansion.HandleFailureDelegate(this.OnFailure));
foreach (RoleAssignmentExpansion.UserNode userNode in this.userNodeLookupTable.Values)
{
userNode.ResetTraverseIndex();
}
this.CalculateAssignmentChains(roleAssignment);
this.usersListLookup[roleAssignment.User] = this.usersList;
}
else
{
ExTraceGlobals.ADConfigTracer.TraceError <ADObjectId>(0L, "Error while getting ADRawEntry for User '{0}'", roleAssignment.User);
}
return(this.usersList);
}
private void RemoveRoleAssignment(ExchangeRoleAssignment roleAssignment)
{
base.LogReadObject(roleAssignment);
base.WriteVerbose(Strings.WarningRemoveInvalidRoleAssignment(roleAssignment.Name));
this.configurationSession.Delete(roleAssignment);
base.LogWriteObject(roleAssignment);
}
private bool FindRoleAssignment(ExchangeRole role, ADObjectId userId, ExchangeRoleAssignment roleAssigmentToFind)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string>(20008L, "-->FindRoleAssignment: role.Name = {0}, userId.Name = {1}", role.Name, userId.Name);
List <ComparisonFilter> list = new List <ComparisonFilter>();
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id));
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, userId));
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags, roleAssigmentToFind[ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags]));
if (roleAssigmentToFind.CustomConfigWriteScope != null)
{
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomConfigWriteScope, roleAssigmentToFind.CustomConfigWriteScope));
}
if (roleAssigmentToFind.CustomRecipientWriteScope != null)
{
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomRecipientWriteScope, roleAssigmentToFind.CustomRecipientWriteScope));
}
using (IEnumerator <ExchangeRoleAssignment> enumerator = this.settings.ConfigurationSession.FindPaged <ExchangeRoleAssignment>(this.settings.OrgContainerId, QueryScope.SubTree, new AndFilter(list.ToArray()), null, 1).GetEnumerator())
{
if (enumerator.MoveNext())
{
ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current;
ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "<--FindRoleAssignment: Role assignment found. roleAssignment.Name = {0}", exchangeRoleAssignment.Name);
return(true);
}
}
ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--FindRoleAssignment: Role assignment NOT found");
return(false);
}
private bool IsSafeToRemoveDisableAssignmentFromGroup(ExchangeRoleAssignment roleAssignment)
{
if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment))
{
return(true);
}
ExchangeRole role = this.GetRole(roleAssignment.Role);
if (!role.IsValid)
{
return(true);
}
bool flag = true;
bool verifyGroupEmptiness = false;
if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.DelegatingOrgWide) && role.IsRootRole && !role.IsUnscoped)
{
flag = false;
}
if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType))
{
flag = false;
verifyGroupEmptiness = true;
}
flag = (flag || !role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet()));
if (!flag)
{
flag = this.ExistDistinctRoleAssignmentForGroup(roleAssignment, role, verifyGroupEmptiness);
}
return(flag);
}
private bool IsUserRequiredForAssignment(ExchangeRoleAssignment roleAssignment)
{
if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment))
{
return(false);
}
ExchangeRole role = this.GetRole(roleAssignment.Role);
return(role.IsValid && (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType)) && role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet()));
}
private void CreateRoleAssignment(ExchangeRole role, ADRecipient recipient, RoleAssignmentDelegationType delegationType)
{
if (this.adSplitPermissionMode && delegationType == RoleAssignmentDelegationType.Regular && InstallCannedRbacRoleAssignments.invalidRoleTypesInADSplitPermissionMode.Contains(role.RoleType))
{
base.WriteVerbose(Strings.VerboseSkipCreatingRoleAssignment(recipient.Id.ToString(), role.Id.ToString(), delegationType.ToString()));
return;
}
RoleAssigneeType roleAssigneeType = ExchangeRoleAssignment.RoleAssigneeTypeFromADRecipient(recipient);
RoleHelper.CreateRoleAssignment(role, recipient.Id, recipient.OrganizationId, roleAssigneeType, recipient.OriginatingServer, delegationType, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, this.configurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
public void ValidateIsSafeToRemoveAssignment(ExchangeRoleAssignment roleAssignment)
{
if (roleAssignment == null)
{
return;
}
this.InitializeContextVariables();
if (!this.IsSafeToRemoveDisableAssignmentFromGroup(roleAssignment))
{
this.writeError(new TaskInvalidOperationException(Strings.ErrorRoleAssignmentConstraintViolation(roleAssignment.Name, roleAssignment.Role.Name, roleAssignment.User.Name)), ExchangeErrorCategory.Client, null);
}
}
private bool FindAnyRoleAssignment()
{
ExchangeRoleAssignment[] array = this.configurationSession.Find <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, null, null, 1);
int num = 0;
if (num >= array.Length)
{
return(false);
}
ExchangeRoleAssignment exchangeRoleAssignment = array[num];
return(true);
}
private bool HierarchicalCheckForGroupEmptiness(ADGroup group, out ExchangeRoleAssignment roleAssignment)
{
roleAssignment = null;
Result <ExchangeRoleAssignment>[] inheritedRoleAssignments = this.GetInheritedRoleAssignments(group);
if (inheritedRoleAssignments == null)
{
return(true);
}
this.excludedFromEmptinessValidation.Add(group.Id);
List <ADGroup> list = new List <ADGroup>();
Result <ExchangeRoleAssignment>[] array = inheritedRoleAssignments;
for (int i = 0; i < array.Length; i++)
{
Result <ExchangeRoleAssignment> assignment = array[i];
Result <ExchangeRoleAssignment> assignment8 = assignment;
if (RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(assignment8.Data))
{
if (!list.Exists(delegate(ADGroup x)
{
ADObjectId id = x.Id;
Result <ExchangeRoleAssignment> assignment7 = assignment;
return(id.Equals(assignment7.Data.User));
}))
{
Result <ExchangeRoleAssignment> assignment2 = assignment;
if (this.IsUserRequiredForAssignment(assignment2.Data))
{
Result <ExchangeRoleAssignment> assignment3 = assignment;
if (!this.IsGroupEmpty(assignment3.Data.User))
{
list.Add(group);
}
else
{
Result <ExchangeRoleAssignment> assignment4 = assignment;
ExchangeRoleAssignment data = assignment4.Data;
Result <ExchangeRoleAssignment> assignment5 = assignment;
if (!this.ExistDistinctRoleAssignmentForGroup(data, this.GetRole(assignment5.Data.Role), true))
{
Result <ExchangeRoleAssignment> assignment6 = assignment;
roleAssignment = assignment6.Data;
return(false);
}
}
}
}
}
}
return(true);
}
public RoleGroup(ADGroup dataObject, Result <ExchangeRoleAssignment>[] roleAssignmentResults) : base(dataObject)
{
if (roleAssignmentResults != null)
{
foreach (Result <ExchangeRoleAssignment> result in roleAssignmentResults)
{
ExchangeRoleAssignment data = result.Data;
this.RoleAssignments.Add(data.Id);
if (data.Role != null && !this.Roles.Contains(data.Role))
{
this.Roles.Add(data.Role);
}
}
}
}
private void PrepareRoleAssignments(RoleAssigneeType assigneeType)
{
foreach (ExchangeRole role in this.roles)
{
bool flag = false;
ExchangeRoleAssignment exchangeRoleAssignment = new ExchangeRoleAssignment();
RoleHelper.PrepareNewRoleAssignmentWithUniqueNameAndDefaultScopes(null, exchangeRoleAssignment, role, this.DataObject.Id, this.DataObject.OrganizationId, assigneeType, RoleAssignmentDelegationType.Regular, this.ConfigurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
RoleHelper.AnalyzeAndStampCustomizedWriteScopes(this, exchangeRoleAssignment, role, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), ref flag, ref this.ou, ref this.customRecipientScope, ref this.customConfigScope);
if (!flag && base.ExchangeRunspaceConfig != null)
{
RoleHelper.HierarchicalCheckForRoleAssignmentCreation(this, exchangeRoleAssignment, this.customRecipientScope, this.customConfigScope, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
this.roleAssignments.Add(exchangeRoleAssignment);
}
}
private bool FindRoleAssignment(ExchangeRole role, ADRecipient user, RoleAssignmentDelegationType delegationType)
{
using (IEnumerator <ExchangeRoleAssignment> enumerator = this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, user.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType)
}), null, 1).GetEnumerator())
{
if (enumerator.MoveNext())
{
ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current;
return(true);
}
}
return(false);
}
// Token: 0x0600544F RID: 21583 RVA: 0x00131AE8 File Offset: 0x0012FCE8
public ExchangeRoleAssignmentPresentation(ExchangeRoleAssignment dataObject, ADObjectId userId, AssignmentMethod assignmentMethod, string userName, ADObjectId assigneeId, OrganizationId sharedOrgId) : base(dataObject)
{
if (assigneeId != null && null == sharedOrgId)
{
throw new ArgumentException("AssigneeID isnt null and sharedOrgId is null. sharedOrgId cannot be null if assigneeId isn't null.");
}
this.User = userId;
this.assignmentMethod = assignmentMethod;
if (!string.IsNullOrEmpty(userName))
{
this.EffectiveUserName = userName;
}
if (assigneeId != null)
{
this.roleAssignee = assigneeId;
}
}
private void PurgeInvalidAssignmentsFromRoleGroup(RoleGroupRoleMapping rgMapping, ADGroup roleGroup, List <ExchangeRole> topCannedRoles)
{
TaskLogger.LogEnter();
if (!InstallCannedRbacRoleAssignments.MonitoredDCOnlyRoleGroups.Contains(rgMapping.RoleGroup))
{
return;
}
List <string> list = new List <string>(rgMapping.Assignments.Length * 2);
RoleAssignmentDefinition[] assignments = rgMapping.Assignments;
for (int i = 0; i < assignments.Length; i++)
{
RoleAssignmentDefinition assignmentDefinition = assignments[i];
List <ExchangeRole> list2 = topCannedRoles.FindAll((ExchangeRole x) => x.RoleType.Equals(assignmentDefinition.RoleType));
if (list2 != null)
{
foreach (ExchangeRole exchangeRole in list2)
{
list.Add(exchangeRole.DistinguishedName);
list.Add(exchangeRole.Id.GetChildId(RoleDefinition.GetDCSafeNameForRole(exchangeRole.Name)).DistinguishedName);
}
}
}
ADPagedReader <ExchangeRoleAssignment> adpagedReader = this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer), QueryScope.SubTree, new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, roleGroup.Id), null, 0);
using (IEnumerator <ExchangeRoleAssignment> enumerator2 = adpagedReader.GetEnumerator())
{
while (enumerator2.MoveNext())
{
ExchangeRoleAssignment roleAssignment = enumerator2.Current;
if (!list.Contains(roleAssignment.Role.DistinguishedName, StringComparer.OrdinalIgnoreCase))
{
if (topCannedRoles.Find((ExchangeRole x) => x.Name.Equals(roleAssignment.Role.Name, StringComparison.OrdinalIgnoreCase) && x.RoleType.Equals(RoleType.UnScoped)) == null)
{
ExchangeRole exchangeRole2 = this.configurationSession.Read <ExchangeRole>(roleAssignment.Role);
if (exchangeRole2 != null && !exchangeRole2.RoleType.Equals(RoleType.UnScoped))
{
this.RemoveRoleAssignment(roleAssignment);
}
}
}
}
}
TaskLogger.LogExit();
}
private void CloneRoleAssignment(ExchangeRole newRole, ExchangeRoleAssignment oldRoleAssignment)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string, string>(20008L, "-->CloneRoleAssignment: newRole.Name = {0}, oldRoleAssignment.Name = {1}, oldRoleAssignment.User.Name = {2}", newRole.Name, oldRoleAssignment.Name, oldRoleAssignment.User.Name);
ExchangeRoleAssignment exchangeRoleAssignment = new ExchangeRoleAssignment();
exchangeRoleAssignment.ProvisionalClone(oldRoleAssignment);
exchangeRoleAssignment.SetExchangeVersion(oldRoleAssignment.ExchangeVersion);
exchangeRoleAssignment.Role = newRole.Id;
this.settings.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true;
string text = RoleAssignmentHelper.GenerateUniqueRoleAssignmentName(this.settings.ConfigurationSession, this.settings.OrgContainerId, newRole.Name, oldRoleAssignment.User.Name, oldRoleAssignment.RoleAssignmentDelegationType, this.settings.WriteVerbose);
exchangeRoleAssignment.SetId(this.settings.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer).GetChildId(text));
ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "----CloneRoleAssignment: newRoleAssignmentName = {0}", text);
this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(exchangeRoleAssignment, this.settings.ConfigurationSession, typeof(ExchangeRoleAssignment)));
this.settings.ConfigurationSession.Save(exchangeRoleAssignment);
this.settings.LogWriteObject(exchangeRoleAssignment);
ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--CloneRoleAssignment");
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADGroup result = (ADGroup)base.PrepareDataObject();
if (!this.PartnerManaged.IsPresent)
{
SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError));
}
RoleAssigneeType roleAssigneeType = RoleAssigneeType.RoleGroup;
if ("crossforest" == base.ParameterSetName)
{
roleAssigneeType = RoleAssigneeType.LinkedRoleGroup;
}
if (base.Fields.IsChanged("Roles") && this.Roles != null)
{
this.roles = new MultiValuedProperty <ExchangeRole>();
this.roleAssignments = new List <ExchangeRoleAssignment>();
foreach (RoleIdParameter roleIdParameter in this.Roles)
{
ExchangeRole item = (ExchangeRole)base.GetDataObject <ExchangeRole>(roleIdParameter, this.ConfigurationSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(roleIdParameter.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(roleIdParameter.ToString())));
this.roles.Add(item);
}
this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true;
foreach (ExchangeRole role in this.roles)
{
bool flag = false;
ExchangeRoleAssignment exchangeRoleAssignment = new ExchangeRoleAssignment();
RoleHelper.PrepareNewRoleAssignmentWithUniqueNameAndDefaultScopes(null, exchangeRoleAssignment, role, this.DataObject.Id, this.DataObject.OrganizationId, roleAssigneeType, RoleAssignmentDelegationType.Regular, this.ConfigurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
RoleHelper.AnalyzeAndStampCustomizedWriteScopes(this, exchangeRoleAssignment, role, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), ref flag, ref this.ou, ref this.customRecipientScope, ref this.customConfigScope);
if (!flag && base.ExchangeRunspaceConfig != null)
{
RoleHelper.HierarchicalCheckForRoleAssignmentCreation(this, exchangeRoleAssignment, this.customRecipientScope, this.customConfigScope, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
this.roleAssignments.Add(exchangeRoleAssignment);
}
}
TaskLogger.LogExit();
return(result);
}
private bool IsValid(ExchangeRoleAssignment dataObject)
{
ValidationError[] array = dataObject.Validate();
if (array != null && array.Length > 0)
{
if (dataObject.Identity != null)
{
this.WriteWarning(Strings.ErrorObjectHasValidationErrorsWithId(dataObject.Identity.ToString()));
}
else
{
this.WriteWarning(Strings.ErrorObjectHasValidationErrors);
}
foreach (ValidationError validationError in array)
{
this.WriteWarning(validationError.Description);
}
return(false);
}
return(true);
}
private void CalculateAssignmentChains(ExchangeRoleAssignment roleAssignment)
{
RoleAssignmentExpansion.UserNode node = this.AddORGetNode(roleAssignment.User);
this.CalculateAssignmentChainsNonRecursive(node);
}
// Token: 0x06000E4E RID: 3662 RVA: 0x0002A9CD File Offset: 0x00028BCD
public RoleAssignmentIdParameter(ExchangeRoleAssignment roleAssignment) : base(roleAssignment.Id)
{
}
internal RoleEntryInfo(RoleEntry roleEntry, ExchangeRoleAssignment roleAssignment)
{
this.RoleEntry = roleEntry;
this.RoleAssignment = roleAssignment;
this.ScopeSet = null;
}
internal static bool IsValidCannedRoleToGroupAssignment(ExchangeRoleAssignment roleAssignment)
{
return(roleAssignment != null && roleAssignment.IsValid && (roleAssignment.RoleAssigneeType == RoleAssigneeType.RoleGroup || roleAssignment.RoleAssigneeType == RoleAssigneeType.SecurityGroup) && roleAssignment.RecipientWriteScope != RecipientWriteScopeType.ExclusiveRecipientScope && roleAssignment.RecipientWriteScope != RecipientWriteScopeType.CustomRecipientScope && roleAssignment.ConfigWriteScope != ConfigWriteScopeType.ExclusiveConfigScope && roleAssignment.ConfigWriteScope != ConfigWriteScopeType.CustomConfigScope && roleAssignment.IsAssignmentToRootRole);
}
private bool TryUpdateRoleAssigneeTypeAndScope(ExchangeRoleAssignment assignment)
{
RoleAssigneeType roleAssigneeType = RoleAssigneeType.User;
ADRawEntry adrawEntry = this.recipientSession.ReadADRawEntry(assignment.User, InstallCannedRbacRoleAssignments.principalProperties);
if (adrawEntry == null)
{
adrawEntry = this.configurationSession.ReadADRawEntry(assignment.User, InstallCannedRbacRoleAssignments.principalProperties);
if (adrawEntry == null)
{
return(false);
}
}
MultiValuedProperty <string> multiValuedProperty = (MultiValuedProperty <string>)adrawEntry[ADObjectSchema.ObjectClass];
foreach (string value in multiValuedProperty)
{
if ("group".Equals(value, StringComparison.OrdinalIgnoreCase))
{
roleAssigneeType = RoleAssigneeType.SecurityGroup;
break;
}
if ("msExchRBACPolicy".Equals(value, StringComparison.OrdinalIgnoreCase))
{
roleAssigneeType = RoleAssigneeType.RoleAssignmentPolicy;
break;
}
if ("user".Equals(value, StringComparison.OrdinalIgnoreCase))
{
if (RecipientTypeDetails.MailboxPlan == (RecipientTypeDetails)adrawEntry[ADRecipientSchema.RecipientTypeDetails])
{
roleAssigneeType = RoleAssigneeType.MailboxPlan;
break;
}
roleAssigneeType = RoleAssigneeType.User;
break;
}
}
ConfigWriteScopeType configWriteScopeType = assignment.ConfigWriteScope;
ScopeType scopeType = assignment.ConfigReadScope;
if (configWriteScopeType == ConfigWriteScopeType.None)
{
ExchangeRole exchangeRole = this.configurationSession.Read <ExchangeRole>(assignment.Role);
if (exchangeRole != null)
{
base.LogReadObject(exchangeRole);
ValidationError[] array = exchangeRole.Validate();
if (array.Length > 0)
{
this.WriteWarning(Strings.WarningCannotUpgradeRole(exchangeRole.Identity.ToString(), array[0].Description));
return(false);
}
scopeType = exchangeRole.ImplicitConfigReadScope;
configWriteScopeType = (ConfigWriteScopeType)exchangeRole.ImplicitConfigWriteScope;
}
}
if (assignment.RoleAssigneeType != roleAssigneeType || assignment.ConfigWriteScope != configWriteScopeType || assignment.ConfigReadScope != scopeType)
{
assignment.RoleAssigneeType = roleAssigneeType;
assignment.ConfigReadScope = scopeType;
assignment.ConfigWriteScope = configWriteScopeType;
}
return(true);
}
// Token: 0x06005451 RID: 21585 RVA: 0x00131B4E File Offset: 0x0012FD4E
public ExchangeRoleAssignmentPresentation(ExchangeRoleAssignment dataObject, ADObjectId userId, AssignmentMethod assignmentMethod, string userName) : this(dataObject, userId, assignmentMethod, userName, null, null)
{
}
