private RoleGroupRoleMapping[] GetRoleGroupAssignmentsDefinition()
{
if (this.Organization == null)
{
if (Datacenter.IsMicrosoftHostedOnly(false))
{
return(Datacenter_RoleGroupDefinition.Definition);
}
if (Datacenter.IsPartnerHostedOnly(false))
{
return(Hosting_RoleGroupDefinition.Definition);
}
if (Datacenter.IsDatacenterDedicated(false))
{
return(Dedicated_RoleGroupDefinition.Definition);
}
return(Enterprise_RoleGroupDefinition.Definition);
}
else
{
if (Datacenter.IsPartnerHostedOnly(false))
{
return(HostedTenant_RoleGroupDefinition.Definition);
}
return(Tenant_RoleGroupDefinition.Definition);
}
}
private List <string> GetCannedRoleNames()
{
RoleDefinition[] array;
if (InstallCannedRbacRoleAssignments.isFfoEnvironment)
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedEOPRoles_Datacenter.Definition, CannedUCCRoles_Datacenter.Definition);
}
else if (this.Organization == null)
{
if (Datacenter.IsMicrosoftHostedOnly(false))
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition);
}
else if (Datacenter.IsPartnerHostedOnly(false))
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Hosting.Definition, CannedWebServiceRoles_Hosting.Definition);
}
else if (Datacenter.IsDatacenterDedicated(false))
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Dedicated.Definition, CannedWebServiceRoles_Hosting.Definition);
}
else
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Enterprise.Definition, CannedWebServiceRoles_Enterprise.Definition);
}
}
else if (Datacenter.IsPartnerHostedOnly(false))
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_HostedTenant.Definition, CannedWebServiceRoles_HostedTenant.Definition);
}
else
{
array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Tenant.Definition, CannedWebServiceRoles_Tenant.Definition);
}
List <string> list = new List <string>(array.Length);
foreach (RoleDefinition roleDefinition in array)
{
list.Add(roleDefinition.RoleName);
if (base.ServicePlanSettings != null && Array.BinarySearch <RoleType>(ExchangeRole.EndUserRoleTypes, roleDefinition.RoleType) >= 0)
{
foreach (ServicePlan.MailboxPlan mailboxPlan in base.ServicePlanSettings.MailboxPlans)
{
list.Add(string.Format("{0}_{1}", roleDefinition.RoleName, mailboxPlan.Name));
}
}
}
list.Sort();
return(list);
}
private void CheckRoleAssignmentDefinition(RoleAssignmentDefinition roleAssignment)
{
if (roleAssignment.UseSafeRole)
{
if (!Datacenter.IsMicrosoftHostedOnly(false))
{
Datacenter.IsDatacenterDedicated(false);
}
if (Datacenter.IsMicrosoftHostedOnly(false) || Datacenter.IsDatacenterDedicated(false))
{
OrganizationIdParameter organization = this.Organization;
}
}
}
// Token: 0x06000312 RID: 786 RVA: 0x000109A4 File Offset: 0x0000EBA4
internal void ValidatePartitionFqdn(string fqdn)
{
if (string.IsNullOrEmpty(fqdn))
{
throw new ArgumentNullException("fqdn");
}
if (!Fqdn.IsValidFqdn(fqdn.Trim()))
{
throw new ArgumentException(string.Format("Invalid fqdn parameter value: '{0}'", fqdn.Trim()));
}
if (Datacenter.IsMicrosoftHostedOnly(true) && !Datacenter.IsDatacenterDedicated(true) && !PartitionId.IsLocalForestPartition(fqdn) && !fqdn.EndsWith("outlook.com", StringComparison.OrdinalIgnoreCase) && !fqdn.EndsWith("exchangelabs.com", StringComparison.OrdinalIgnoreCase) && !fqdn.EndsWith("outlook.cn", StringComparison.OrdinalIgnoreCase) && !fqdn.EndsWith("extest.microsoft.com", StringComparison.OrdinalIgnoreCase))
{
throw new ArgumentException(DirectoryStrings.InvalidPartitionFqdn(fqdn));
}
}
internal static RoleGroupCollection RoleGroupsToCreate()
{
RoleGroupCollection roleGroupCollection = new RoleGroupCollection();
Datacenter.ExchangeSku exchangeSku = Datacenter.GetExchangeSku();
RoleGroupRoleMapping[] definition;
if (Datacenter.IsMicrosoftHostedOnly(false))
{
definition = Datacenter_RoleGroupDefinition.Definition;
}
else if (Datacenter.IsPartnerHostedOnly(false))
{
definition = Hosting_RoleGroupDefinition.Definition;
}
else if (Datacenter.IsDatacenterDedicated(false))
{
definition = Dedicated_RoleGroupDefinition.Definition;
}
else
{
definition = Enterprise_RoleGroupDefinition.Definition;
}
using (List <RoleGroupDefinition> .Enumerator enumerator = RoleGroupDefinitions.RoleGroups.GetEnumerator())
{
while (enumerator.MoveNext())
{
RoleGroupDefinition roleGroup = enumerator.Current;
if (roleGroup.AlwaysCreateOnSku != null && roleGroup.AlwaysCreateOnSku.Contains(exchangeSku))
{
roleGroupCollection.Add(new RoleGroupDefinition(roleGroup));
}
else
{
RoleGroupRoleMapping roleGroupRoleMapping = definition.FirstOrDefault((RoleGroupRoleMapping x) => x.RoleGroup.Equals(roleGroup.Name, StringComparison.OrdinalIgnoreCase));
if (roleGroupRoleMapping != null)
{
roleGroupCollection.Add(new RoleGroupDefinition(roleGroup));
}
}
}
}
return(roleGroupCollection);
}
protected void FindAndUpdateDerivedRoles(ExchangeRole updatedParentRole, RoleEntry[] oldParentRoleEntries, RoleDefinition roleDefinition, ref int recursionCount)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction(20005L, "-->FindAndUpdateDerivedRoles: updatedParentRole.Name = {0}, updatedParentRole.RoleEntries.Count = {1}, oldParentRoleEntries.Length = {2}, recursionCount = {3}", new object[]
{
updatedParentRole.Name,
updatedParentRole.RoleEntries.Count,
oldParentRoleEntries.Length,
recursionCount
});
if (++recursionCount >= 1000)
{
return;
}
bool flag = false;
bool flag2 = this.settings.Organization == null && (Datacenter.IsMicrosoftHostedOnly(false) || Datacenter.IsDatacenterDedicated(false)) && roleDefinition.ContainsProhibitedActions(InstallCannedRbacRoles.DCProhibitedActions);
ADPagedReader <ExchangeRole> adpagedReader = this.settings.ConfigurationSession.FindPaged <ExchangeRole>(updatedParentRole.Id, QueryScope.OneLevel, null, null, 0);
foreach (ExchangeRole exchangeRole in adpagedReader)
{
this.settings.LogReadObject(exchangeRole);
RoleEntry[] array = this.PrepareRoleForUpgradeAndGetOldSortedEntries(exchangeRole, false);
List <RoleEntry> value;
if (1 == recursionCount && flag2 && exchangeRole.Name.Equals(RoleDefinition.GetDCSafeNameForRole(updatedParentRole.Name), StringComparison.OrdinalIgnoreCase))
{
value = roleDefinition.GetRoleEntriesFilteringProhibitedActions(null, InstallCannedRbacRoles.DCProhibitedActions);
flag = true;
}
else
{
value = this.GetListOfRoleEntriesForChildRole(oldParentRoleEntries, array, updatedParentRole.RoleEntries.ToArray(), exchangeRole.IsChanged(ADObjectSchema.ExchangeVersion));
}
exchangeRole.RoleEntries = new MultiValuedProperty <RoleEntry>(value);
this.FindAndUpdateDerivedRoles(exchangeRole, array, roleDefinition, ref recursionCount);
this.SaveDerivedRoleAndWarnOnValidationErrors(exchangeRole);
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, int>(20005L, "----FindAndUpdateDerivedRoles: role.Name = {0}, role.RoleEntries.Count = {1}", exchangeRole.Name, exchangeRole.RoleEntries.Count);
}
if (1 == recursionCount && !flag)
{
this.CreateDCSafeRoleIfNeeded(updatedParentRole, roleDefinition);
}
recursionCount--;
ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20005L, "<--FindAndUpdateDerivedRoles: recursionCount = {0}", recursionCount);
}
internal static void CalculateRoleConfigurationForCurrentSKU(OrganizationIdParameter organization, ServicePlan servicePlanSettings, out RoleDefinition[] roles, out RoleNameMappingCollection nameMapping, out string[] rolesToRemove, out RoleEntry[] allAllowedRoleEntriesForSKU)
{
if (InstallCannedRbacRoles.isFfoEnvironment)
{
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedEOPRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition);
roles = InstallCannedRbacRoles.MergeRoleDefinitions(roles, CannedUCCRoles_Datacenter.Definition);
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingDatacenterR4;
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesDatacenter;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableEOPRoleEntries_Datacenter.RoleEntries, AvailableWebServiceRoleEntries_Datacenter.RoleEntries, AvailableUCCRoleEntries_Datacenter.RoleEntries);
return;
}
if (organization == null)
{
if (Datacenter.IsMicrosoftHostedOnly(false))
{
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition);
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingDatacenterR4;
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesDatacenter;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Datacenter.RoleEntries, AvailableWebServiceRoleEntries_Datacenter.RoleEntries, null);
return;
}
if (Datacenter.IsPartnerHostedOnly(false))
{
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Hosting.Definition, CannedWebServiceRoles_Hosting.Definition);
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingHostingR4;
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesHosting;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Hosting.RoleEntries, AvailableWebServiceRoleEntries_Hosting.RoleEntries, null);
return;
}
if (Datacenter.IsDatacenterDedicated(false))
{
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Dedicated.Definition, CannedWebServiceRoles_Dedicated.Definition);
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingEnterpriseR4;
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesEnterprise;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Dedicated.RoleEntries, AvailableWebServiceRoleEntries_Dedicated.RoleEntries, null);
return;
}
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Enterprise.Definition, CannedWebServiceRoles_Enterprise.Definition);
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingEnterpriseR4;
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesEnterprise;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Enterprise.RoleEntries, AvailableWebServiceRoleEntries_Enterprise.RoleEntries, null);
return;
}
else
{
if (Datacenter.IsPartnerHostedOnly(false))
{
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_HostedTenant.Definition, CannedWebServiceRoles_HostedTenant.Definition);
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesHostedTenant;
if (servicePlanSettings != null)
{
List <string> enabledRoleGroupRoleAssignmentFeatures = servicePlanSettings.Organization.GetEnabledRoleGroupRoleAssignmentFeatures();
RoleGroupRoleMapping[] definition = HostedTenant_RoleGroupDefinition.Definition;
List <string> a;
roles = InstallCannedRbacRoles.FilterOrgRolesByRoleGroupFilters(roles, enabledRoleGroupRoleAssignmentFeatures, definition, out a);
rolesToRemove = InstallCannedRbacRoles.AppendIListToarray <string>(rolesToRemove, a);
}
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingHostedTenantR4;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_HostedTenant.RoleEntries, AvailableWebServiceRoleEntries_HostedTenant.RoleEntries, null);
return;
}
roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Tenant.Definition, CannedWebServiceRoles_Tenant.Definition);
rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesTenant;
if (servicePlanSettings != null)
{
List <string> enabledRoleGroupRoleAssignmentFeatures2 = servicePlanSettings.Organization.GetEnabledRoleGroupRoleAssignmentFeatures();
RoleGroupRoleMapping[] definition2 = Tenant_RoleGroupDefinition.Definition;
List <string> a2;
roles = InstallCannedRbacRoles.FilterOrgRolesByRoleGroupFilters(roles, enabledRoleGroupRoleAssignmentFeatures2, definition2, out a2);
rolesToRemove = InstallCannedRbacRoles.AppendIListToarray <string>(rolesToRemove, a2);
}
nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingTenantR4;
allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Tenant.RoleEntries, AvailableWebServiceRoleEntries_Tenant.RoleEntries, null);
return;
}
}
