private static FreeBusyPermissionLevel FromExternalClient(ExternalClientContext externalClientContext, MailboxSession mailboxSession, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery) { FreeBusyPermissionLevel val = FreeBusyPermission.FromExternalClientWithPersonalRelationship(externalClientContext, mailboxSession, securityDescriptor, freeBusyQuery); FreeBusyPermissionLevel val2 = FreeBusyPermission.FromExternalClientWithOrganizationalRelationship(externalClientContext, mailboxSession, securityDescriptor, freeBusyQuery); FreeBusyPermissionLevel freeBusyPermissionLevel = (FreeBusyPermissionLevel)Math.Max((int)val2, (int)val); FreeBusyPermission.SecurityTracer.TraceDebug <object, SmtpAddress, FreeBusyPermissionLevel>(0L, "{0}: permission level for {1} is {2}", TraceContext.Get(), externalClientContext.EmailAddress, freeBusyPermissionLevel); return(freeBusyPermissionLevel); }
private static FreeBusyPermissionLevel FromExternalClientWithOrganizationalRelationship(ExternalClientContext externalClientContext, MailboxSession mailboxSession, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery) { OrganizationRelationship organizationRelationship = FreeBusyPermission.GetOrganizationRelationship(mailboxSession.MailboxOwner.MailboxInfo.OrganizationId, externalClientContext.EmailAddress.Domain); if (organizationRelationship == null) { FreeBusyPermission.SecurityTracer.TraceDebug <object, SmtpAddress, string>(0L, "{0}: No organization relationship for {1} with organization id {2}", TraceContext.Get(), externalClientContext.EmailAddress, (mailboxSession.MailboxOwner.MailboxInfo.OrganizationId == null) ? "<null>" : mailboxSession.MailboxOwner.MailboxInfo.OrganizationId.ToString()); return(FreeBusyPermissionLevel.None); } FreeBusyPermissionLevel freeBusyPermissionLevel = FreeBusyPermissionLevel.Detail; if (organizationRelationship != null) { freeBusyPermissionLevel = FreeBusyPermission.GetMaximumFreeBusyPermissionLevel(organizationRelationship); if (freeBusyPermissionLevel == FreeBusyPermissionLevel.None) { FreeBusyPermission.SecurityTracer.TraceDebug <object, ADObjectId>(0L, "{0}: OrganizationRelationship {1} restricts permission level to None.", TraceContext.Get(), organizationRelationship.Id); return(FreeBusyPermissionLevel.None); } } FreeBusyPermissionLevel freeBusyPermissionLevel2 = FreeBusyPermission.AccessCheck(securityDescriptor, ClientSecurityContext.FreeBusyPermissionDefaultClientSecurityContext); if (freeBusyPermissionLevel2 == FreeBusyPermissionLevel.None) { return(FreeBusyPermissionLevel.None); } if (freeBusyPermissionLevel2 > freeBusyPermissionLevel) { FreeBusyPermission.SecurityTracer.TraceDebug(0L, "{0}: OrganizationRelationship {1} restricts permission level to {2}. Lowering permission from {3}.", new object[] { TraceContext.Get(), organizationRelationship.Id, freeBusyPermissionLevel, freeBusyPermissionLevel2 }); freeBusyPermissionLevel2 = freeBusyPermissionLevel; } if (!FreeBusyPermission.IsAllowedByFreeBusyAccessScope(freeBusyQuery, organizationRelationship)) { freeBusyPermissionLevel2 = FreeBusyPermissionLevel.None; } return(freeBusyPermissionLevel2); }
public static FreeBusyPermissionLevel AccessCheck(RawSecurityDescriptor securityDescriptor, ClientSecurityContext clientContext) { int grantedAccess = clientContext.GetGrantedAccess(securityDescriptor, AccessMask.MaximumAllowed); FreeBusyPermissionLevel freeBusyPermissionLevel = FreeBusyPermissionLevel.None; if ((grantedAccess & 2) != 0) { freeBusyPermissionLevel = FreeBusyPermissionLevel.Detail; } else if ((grantedAccess & 1) != 0) { freeBusyPermissionLevel = FreeBusyPermissionLevel.Simple; } FreeBusyPermission.SecurityTracer.TraceDebug(0L, "{0}: Access check for {1} resulted in granted access {2}, permission level {3}", new object[] { TraceContext.Get(), clientContext, grantedAccess, freeBusyPermissionLevel }); return(freeBusyPermissionLevel); }
private static FreeBusyViewType GetReturnView(FreeBusyViewType requestedView, FreeBusyPermissionLevel freeBusyPermissionLevel) { FreeBusyViewType freeBusyViewType = FreeBusyViewType.None; switch (freeBusyPermissionLevel) { case FreeBusyPermissionLevel.None: freeBusyViewType = FreeBusyViewType.None; break; case FreeBusyPermissionLevel.Simple: freeBusyViewType = FreeBusyViewType.FreeBusy; break; case FreeBusyPermissionLevel.Detail: case FreeBusyPermissionLevel.Owner: freeBusyViewType = FreeBusyViewType.Detailed; break; } bool flag = FreeBusyViewOptions.IsMerged(requestedView); int num; int num2; if (flag) { num = (int)(requestedView | FreeBusyViewType.MergedOnly); num2 = (int)(freeBusyViewType | FreeBusyViewType.MergedOnly); } else { num = (int)requestedView; num2 = (int)freeBusyViewType; } int result; if (num <= num2) { result = num; } else { result = num2; } return((FreeBusyViewType)result); }
private FreeBusyQueryResult InternalGetCalendarData(FreeBusyQuery freeBusyQuery, MailboxSession session) { FreeBusyViewType freeBusyViewType = FreeBusyViewType.None; CalendarEvent[] calendarEventArray = null; string mergedFreeBusy = null; WorkingHours workingHours = null; EmailAddress email = freeBusyQuery.Email; StoreObjectId associatedFolderId = freeBusyQuery.RecipientData.AssociatedFolderId; StoreObjectId defaultFolderId = session.GetDefaultFolderId(DefaultFolderType.Calendar); if (defaultFolderId == null) { return(this.HandleException(email, new NoCalendarException())); } if (associatedFolderId != null && !associatedFolderId.Equals(defaultFolderId)) { return(this.HandleException(email, new NotDefaultCalendarException())); } session.ExTimeZone = this.clientContext.TimeZone; using (CalendarFolder calendarFolder = CalendarFolder.Bind(session, DefaultFolderType.Calendar, CalendarQuery.CalendarFolderQueryProps)) { TimeSpan t = this.deadline - DateTime.UtcNow; if (t <= TimeSpan.Zero) { return(this.HandleException(email, new TimeoutExpiredException("Determine-Allowed-Access"))); } FreeBusyPermissionLevel freeBusyPermissionLevel = FreeBusyPermission.DetermineAllowedAccess(this.clientContext, session, calendarFolder, freeBusyQuery, this.defaultFreeBusyOnly); CalendarQuery.CalendarViewTracer.TraceDebug((long)this.GetHashCode(), "{0}: AccessCheck returned {1} for user {2} on mailbox {3}", new object[] { TraceContext.Get(), freeBusyPermissionLevel, this.clientContext, email }); if (freeBusyPermissionLevel == FreeBusyPermissionLevel.None) { CalendarQuery.CalendarViewTracer.TraceDebug <object, EmailAddress>((long)this.GetHashCode(), "{0}: No mailbox data will be returned for mailbox {1} since the granted access level to caller is None.", TraceContext.Get(), email); return(new FreeBusyQueryResult(new NoFreeBusyAccessException(44348U))); } t = this.deadline - DateTime.UtcNow; if (t <= TimeSpan.Zero) { return(this.HandleException(email, new TimeoutExpiredException("Get-Calendar-View"))); } freeBusyViewType = CalendarQuery.GetReturnView(this.requestedFreeBusyView.RequestedView, freeBusyPermissionLevel); ExDateTime windowStart = new ExDateTime(this.clientContext.TimeZone, this.requestedFreeBusyView.TimeWindow.StartTime); ExDateTime windowEnd = new ExDateTime(this.clientContext.TimeZone, this.requestedFreeBusyView.TimeWindow.EndTime); try { calendarEventArray = InternalCalendarQuery.GetCalendarEvents(email, calendarFolder, windowStart, windowEnd, freeBusyViewType, freeBusyPermissionLevel == FreeBusyPermissionLevel.Owner, this.clientContext.RequestSchemaVersion); } catch (ResultSetTooBigException e) { return(this.HandleException(email, e)); } if (FreeBusyViewOptions.IsMerged(freeBusyViewType)) { t = this.deadline - DateTime.UtcNow; if (t <= TimeSpan.Zero) { return(this.HandleException(email, new TimeoutExpiredException("Generate-Merged-FreeBusy"))); } int mergedFreeBusyIntervalInMinutes = this.requestedFreeBusyView.MergedFreeBusyIntervalInMinutes; mergedFreeBusy = MergedFreeBusy.GenerateMergedFreeBusyString(this.clientContext.TimeZone, mergedFreeBusyIntervalInMinutes, windowStart, windowEnd, calendarEventArray, false, null, this.clientContext.RequestSchemaVersion); } t = this.deadline - DateTime.UtcNow; if (t <= TimeSpan.Zero) { return(this.HandleException(email, new TimeoutExpiredException("Getting-Work-Hours"))); } workingHours = this.GetWorkingHours(email, session, calendarFolder); } return(new FreeBusyQueryResult(freeBusyViewType, calendarEventArray, mergedFreeBusy, workingHours)); }