コード例 #1
 /// <summary>
 /// Resolves the directory object behind the group mailbox and registers three external-user
 /// identities on it: the earlier member identity plus the current Member and Owner identities.
 /// </summary>
 /// <returns>
 /// <c>true</c> when the directory object was found, is a group mailbox, and all three identities
 /// were added; <c>false</c> as soon as one of those steps fails (the failure is traced).
 /// </returns>
 /// <remarks>
 /// Nothing in this method removes identities that were already added when a later add fails.
 /// Whether such a partial result is persisted depends on AddToExternalUserCollection, which is
 /// not visible here.
 /// </remarks>
 private bool PreMembershipUpdate()
 {
     // NOTE(review): the trailing number, member name and file path look like compiler-emitted caller info — confirm.
     this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(false, ConsistencyMode.IgnoreInvalid, this.mailboxSession.GetADSessionSettings(), 106, "PreMembershipUpdate", "f:\\15.00.1497\\sources\\dev\\UnifiedGroups\\src\\UnifiedGroups\\GroupMailboxAccessLayer\\Commands\\GroupMailboxMembershipUpdater.cs");
     this.groupObject = this.recipientSession.FindADUserByObjectId(this.mailboxSession.MailboxOwner.ObjectId);

     // Refuse to touch the external user collection unless the owner resolves in the directory...
     if (this.groupObject == null)
     {
         GroupMailboxMembershipUpdater.Tracer.TraceError<string>((long)this.GetHashCode(), "PreMembershipUpdate: Unable to locate the AD object for the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
         return false;
     }

     // ...and the resolved recipient really is a group mailbox.
     bool isGroupMailbox = this.groupObject.RecipientTypeDetails == RecipientTypeDetails.GroupMailbox;
     if (!isGroupMailbox)
     {
         GroupMailboxMembershipUpdater.Tracer.TraceError<string>((long)this.GetHashCode(), "PreMembershipUpdate: The mailbox {0} is not of type group mailbox", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
         return false;
     }

     GroupMailboxMembershipUpdater.Tracer.TraceDebug<string>((long)this.GetHashCode(), "PreMembershipUpdate: Located the AD object of the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());

     // Earlier member identity: named after the mailbox's own SMTP address and bound to the
     // EarlierGroupMailboxMemberAccessSecurityIdentifier SID.
     var earlierDisplayName = this.mailboxSession.DisplayName;
     var earlierAddressText = this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString();
     var earlierAddress = SmtpAddress.Parse(this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
     this.previousExternalMemberUser = new ExternalUser(earlierDisplayName, earlierAddressText, earlierAddress, GroupMailboxMembershipUpdater.EarlierGroupMailboxMemberAccessSecurityIdentifier);

     // Current identities are created per mailbox GUID, one for each member type.
     this.currentExternalMemberUser = ExternalUser.CreateExternalUserForGroupMailbox(this.mailboxSession.DisplayName, "Member@local", this.mailboxSession.MailboxGuid, SecurityIdentity.GroupMailboxMemberType.Member);
     this.currentExternalOwnerUser = ExternalUser.CreateExternalUserForGroupMailbox(this.mailboxSession.DisplayName, "Owner@local", this.mailboxSession.MailboxGuid, SecurityIdentity.GroupMailboxMemberType.Owner);

     using (ExternalUserCollection userCollection = this.mailboxSession.GetExternalUsers())
     {
         // Short-circuits on the first failed add, so later identities are not attempted.
         bool allRegistered = this.AddToExternalUserCollection(userCollection, this.previousExternalMemberUser)
             && this.AddToExternalUserCollection(userCollection, this.currentExternalMemberUser)
             && this.AddToExternalUserCollection(userCollection, this.currentExternalOwnerUser);
         if (!allRegistered)
         {
             GroupMailboxMembershipUpdater.Tracer.TraceError<string>((long)this.GetHashCode(), "PreMembershipUpdate: Unable to update external user collection to the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
             return false;
         }

         GroupMailboxMembershipUpdater.Tracer.TraceDebug<string>((long)this.GetHashCode(), "PreMembershipUpdate: Updated external user collection of the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
     }

     return true;
 }
コード例 #2
        /// <summary>
        /// Maps an external caller to the SID recorded for it in the mailbox's external user collection.
        /// </summary>
        /// <param name="externalClientContext">Caller context; only a <c>PersonalClientContext</c> is looked up.</param>
        /// <param name="session">Mailbox session whose external user collection is searched.</param>
        /// <returns>
        /// The matching external user's SID in string form, or <c>null</c> when the caller is not a
        /// <c>PersonalClientContext</c> or its external id has no entry in the collection.
        /// </returns>
        /// <remarks>
        /// The resolved SID is written to the security debug trace. The timing counters are updated on
        /// every exit path, including exceptions.
        /// </remarks>
        private static string GetExternalIdentity(ExternalClientContext externalClientContext, MailboxSession session)
        {
            FreeBusyPermission.SecurityTracer.TraceDebug<object, ExternalClientContext, IExchangePrincipal>(0L, "{0}: searching for external identity for caller {1} in mailbox {2}", TraceContext.Get(), externalClientContext, session.MailboxOwner);
            Stopwatch timer = Stopwatch.StartNew();

            try
            {
                // Any other kind of client context yields no identity.
                PersonalClientContext personalContext = externalClientContext as PersonalClientContext;
                if (personalContext == null)
                {
                    return null;
                }

                using (ExternalUserCollection userCollection = session.GetExternalUsers())
                {
                    // The collection is keyed by the string form of the caller's external id.
                    ExternalUser match = userCollection.FindExternalUser(personalContext.ExternalId.ToString());
                    if (match == null)
                    {
                        return null;
                    }

                    string sidText = match.Sid.ToString();
                    FreeBusyPermission.SecurityTracer.TraceDebug<object, string>(0L, "{0}: found personal client context from external identity: {1}", TraceContext.Get(), sidText);
                    return sidText;
                }
            }
            finally
            {
                timer.Stop();
                PerformanceCounters.AverageExternalAuthenticationIdentityMappingTime.IncrementBy(timer.ElapsedTicks);
                PerformanceCounters.AverageExternalAuthenticationIdentityMappingTimeBase.Increment();
            }
        }
コード例 #3
 /// <summary>
 /// Removes an external user from the collection, saves the collection, and verifies the removal.
 /// </summary>
 /// <param name="externalUserCollection">Collection to modify; it is saved on every call.</param>
 /// <param name="externalUser">Identity that must no longer be present afterwards.</param>
 /// <returns>
 /// <c>true</c> when the user is absent after the save; <c>false</c> (with an error trace) when
 /// the collection still contains it.
 /// </returns>
 private bool RemoveFromExternalUserCollection(ExternalUserCollection externalUserCollection, ExternalUser externalUser)
 {
     bool presentBefore = externalUserCollection.Contains(externalUser);
     if (presentBefore)
     {
         externalUserCollection.Remove(externalUser);
     }

     // Save runs whether or not anything was removed.
     externalUserCollection.Save();

     // Re-check after the save instead of trusting Remove: the identity must really be gone.
     bool stillPresent = externalUserCollection.Contains(externalUser);
     if (!stillPresent)
     {
         return true;
     }

     GroupMailboxMembershipUpdater.Tracer.TraceError<ExternalUser, string>((long)this.GetHashCode(), "Unable to remove external user {0} from the group mailbox {1}", externalUser, this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
     return false;
 }
コード例 #4
 /// <summary>
 /// Builds an <c>ExternalIdentityToken</c> from the SID stored for an external SMTP address in the
 /// mailbox's external user collection.
 /// </summary>
 /// <param name="session">Mailbox session to search; may be <c>null</c>.</param>
 /// <param name="externalId">SMTP address of the requester; its string form is the lookup key.</param>
 /// <returns>
 /// A token wrapping the stored SID, or <c>null</c> when the session is <c>null</c>, the mailbox
 /// cannot have external users, or the address has no entry (the last case is traced as an error).
 /// </returns>
 internal static ExternalIdentityToken GetExternalIdentityToken(MailboxSession session, SmtpAddress externalId)
 {
     // No session, or a mailbox type without external users: there is nothing to look up.
     if (session == null || !session.Capabilities.CanHaveExternalUsers)
     {
         return null;
     }

     using (ExternalUserCollection userCollection = session.GetExternalUsers())
     {
         ExternalUser match = userCollection.FindExternalUser(externalId.ToString());
         if (match == null)
         {
             // An unknown requester gets no token; the miss is recorded before returning.
             ExternalIdentityToken.Tracer.TraceError<SmtpAddress, IExchangePrincipal>(0L, "{0}: Unable to find the requester in the external user collection in mailbox {1}.", externalId, session.MailboxOwner);
             return null;
         }

         return new ExternalIdentityToken(match.Sid);
     }
 }
コード例 #5
 /// <summary>
 /// Removes the earlier member identity from the mailbox's external user collection and stamps
 /// the mailbox with the current group-mailbox permissions version.
 /// </summary>
 /// <remarks>
 /// Throws through <c>ArgumentValidator.ThrowIfNull</c> when <c>previousExternalMemberUser</c>
 /// has not been set.
 /// </remarks>
 private void PostMembershipUpdate()
 {
     ArgumentValidator.ThrowIfNull("previousExternalMemberUser", this.previousExternalMemberUser);

     using (ExternalUserCollection userCollection = this.mailboxSession.GetExternalUsers())
     {
         bool removed = this.RemoveFromExternalUserCollection(userCollection, this.previousExternalMemberUser);
         if (removed)
         {
             GroupMailboxMembershipUpdater.Tracer.TraceDebug<string>((long)this.GetHashCode(), "PostMembershipUpdate: Updated external user collection of the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
         }
         else
         {
             GroupMailboxMembershipUpdater.Tracer.TraceError<string>((long)this.GetHashCode(), "PostMembershipUpdate: Unable to update external user collection of the group mailbox {0} successfully", this.mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString());
         }
     }

     // NOTE(review): the permissions version is stamped even when the removal above failed, so a
     // mailbox can carry the current version while the earlier member identity is still registered.
     // Confirm that this best-effort behaviour is intended.
     this.mailboxSession.Mailbox[MailboxSchema.GroupMailboxPermissionsVersion] = GroupMailboxPermissionHandler.GroupMailboxPermissionVersion;
     this.mailboxSession.Mailbox.Save();
     this.mailboxSession.Mailbox.Load();
 }
コード例 #6
 /// <summary>
 /// Resolves and caches the <c>ExternalUser</c> for this id's SMTP address from the mailbox's
 /// external user collection.
 /// </summary>
 /// <param name="mailboxSession">Session whose external user collection is searched.</param>
 /// <exception cref="InvalidOperationException">This id is not of the External user type.</exception>
 /// <exception cref="InvalidExternalUserIdException">The SMTP address has no entry in the collection.</exception>
 internal void EnsureExternalUser(MailboxSession mailboxSession)
 {
     if (this.UserType != MailboxFolderUserId.MailboxFolderUserType.External)
     {
         throw new InvalidOperationException("Only support External user type.");
     }

     // Already resolved on an earlier call: the collection is not opened again.
     if (this.externalUser == null)
     {
         using (ExternalUserCollection userCollection = mailboxSession.GetExternalUsers())
         {
             ExternalUser resolved = userCollection.FindExternalUser(this.smtpAddress);
             if (resolved != null)
             {
                 this.externalUser = resolved;
             }
             else
             {
                 // An address that is not registered on the mailbox is rejected, not created.
                 throw new InvalidExternalUserIdException(this.smtpAddress.ToString());
             }
         }
     }
 }
コード例 #7
 // Token: 0x06000E4E RID: 3662 RVA: 0x00056098 File Offset: 0x00054298
 /// <summary>
 /// Reports whether any access-allowed or access-denied ACE in the descriptor's DACL names a SID
 /// that belongs to an external user in the given collection.
 /// </summary>
 /// <param name="externalUserCollection">Collection used to resolve ACE SIDs to external users.</param>
 /// <param name="securityDescriptor">Descriptor whose discretionary ACL is scanned.</param>
 /// <returns>
 /// <c>true</c> on the first matching ACE; <c>false</c> when the DACL is <c>null</c> or no ACE matches.
 /// </returns>
 /// <remarks>
 /// ACEs of any other type, and ACEs that are not <c>CommonAce</c> instances, are skipped.
 /// </remarks>
 private static bool HasExternalUser(ExternalUserCollection externalUserCollection, RawSecurityDescriptor securityDescriptor)
 {
     if (securityDescriptor.DiscretionaryAcl == null)
     {
         return false;
     }

     foreach (GenericAce ace in securityDescriptor.DiscretionaryAcl)
     {
         // Only plain allow/deny entries are considered.
         if (ace.AceType != AceType.AccessAllowed && ace.AceType != AceType.AccessDenied)
         {
             continue;
         }

         CommonAce plainAce = ace as CommonAce;
         if (plainAce == null)
         {
             continue;
         }

         ExternalUser owner = externalUserCollection.FindExternalUser(plainAce.SecurityIdentifier);
         if (owner != null)
         {
             return true;
         }
     }

     return false;
 }
コード例 #8
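        /// <summary>
        /// Registers the group mailbox's Member and Owner external identities and grants them rights
        /// on the Configuration, MailboxAssociation, SearchFolders and Calendar default folders.
        /// </summary>
        /// <remarks>
        /// Owner and Member receive the same rights on MailboxAssociation and Calendar. On
        /// SearchFolders the Owner additionally receives <c>OwnerSpecificPermission</c>. Only the
        /// Owner gets an entry on Configuration. After the grants, the mailbox is stamped with the
        /// current group-mailbox permissions version.
        /// </remarks>
        /// <exception cref="GroupMailboxFailedToAddExternalUserException">
        /// Either identity is still missing from the external user collection after the save.
        /// </exception>
        /// <exception cref="GroupMailboxFailedToConfigureMailboxException">
        /// Assigning rights on MailboxAssociation, SearchFolders or Calendar failed.
        /// </exception>
        private void SetFolderPermissions()
        {
            ExternalUser memberUser = ExternalUser.CreateExternalUserForGroupMailbox(this.MailboxPrincipal.MailboxInfo.DisplayName, "Member@local", this.MailboxPrincipal.MailboxInfo.MailboxGuid, SecurityIdentity.GroupMailboxMemberType.Member);
            ExternalUser ownerUser = ExternalUser.CreateExternalUserForGroupMailbox(this.MailboxPrincipal.MailboxInfo.DisplayName, "Owner@local", this.MailboxPrincipal.MailboxInfo.MailboxGuid, SecurityIdentity.GroupMailboxMemberType.Owner);

            using (ExternalUserCollection externalUsers = this.mailboxSession.GetExternalUsers())
            {
                if (!externalUsers.Contains(memberUser))
                {
                    externalUsers.Add(memberUser);
                }
                if (!externalUsers.Contains(ownerUser))
                {
                    externalUsers.Add(ownerUser);
                }
                externalUsers.Save();

                // Verify after the save: rights must never be granted to an identity that did not
                // make it into the collection.
                if (!externalUsers.Contains(memberUser))
                {
                    throw new GroupMailboxFailedToAddExternalUserException(Strings.ErrorUnableToAddExternalUser(memberUser.Name));
                }
                if (!externalUsers.Contains(ownerUser))
                {
                    throw new GroupMailboxFailedToAddExternalUserException(Strings.ErrorUnableToAddExternalUser(ownerUser.Name));
                }
                this.TraceDebug("Added external member user {0} to external user collection", new object[]
                {
                    memberUser.Name
                });
                this.TraceDebug("Added external owner user {0} to external user collection", new object[]
                {
                    ownerUser.Name
                });
            }

            PermissionSecurityPrincipal memberPrincipal = new PermissionSecurityPrincipal(memberUser);
            PermissionSecurityPrincipal ownerPrincipal = new PermissionSecurityPrincipal(ownerUser);
            int privilegedFolderCount = 0;
            List<PermissionEntry> entries = new List<PermissionEntry>(3);

            // Per-folder grants. The listing's compiler-generated anonymous-type names were not
            // valid C#; an implicitly typed array of anonymous objects expresses the same table.
            var folderGrants = new[]
            {
                new
                {
                    Folder           = DefaultFolderType.MailboxAssociation,
                    OwnerPermission  = GroupMailboxPermissionHandler.MailboxAssociationPermission,
                    MemberPermission = GroupMailboxPermissionHandler.MailboxAssociationPermission
                },
                new
                {
                    Folder           = DefaultFolderType.SearchFolders,
                    OwnerPermission  = (GroupMailboxPermissionHandler.SearchFolderPermission | GroupMailboxPermissionHandler.OwnerSpecificPermission),
                    MemberPermission = GroupMailboxPermissionHandler.SearchFolderPermission
                },
                new
                {
                    Folder           = DefaultFolderType.Calendar,
                    OwnerPermission  = GroupMailboxPermissionHandler.CalendarFolderPermission,
                    MemberPermission = GroupMailboxPermissionHandler.CalendarFolderPermission
                }
            };

            // Configuration folder: an Owner entry only.
            entries.Add(new PermissionEntry(ownerPrincipal, GroupMailboxPermissionHandler.ConfigurationFolderPermission));
            int assignedCount;

            // NOTE(review): the result of this call is ignored, while the same call in the loop
            // below throws on failure. Confirm that a failed Configuration grant may go unreported.
            GroupMailboxPermissionHandler.AssignMemberRight(this.mailboxSession, entries, DefaultFolderType.Configuration, out assignedCount);
            privilegedFolderCount += assignedCount;

            foreach (var grant in folderGrants)
            {
                entries.Clear();
                entries.Add(new PermissionEntry(ownerPrincipal, grant.OwnerPermission));
                entries.Add(new PermissionEntry(memberPrincipal, grant.MemberPermission));
                if (!GroupMailboxPermissionHandler.AssignMemberRight(this.mailboxSession, entries, grant.Folder, out assignedCount))
                {
                    throw new GroupMailboxFailedToConfigureMailboxException(Strings.ErrorUnableToConfigureMailbox(grant.Folder.ToString(), this.MailboxPrincipal.MailboxInfo.DisplayName));
                }
                privilegedFolderCount += assignedCount;
            }

            this.report.FoldersPrivilegedCount = privilegedFolderCount;
            this.mailboxSession.Mailbox[MailboxSchema.GroupMailboxPermissionsVersion] = GroupMailboxPermissionHandler.GroupMailboxPermissionVersion;
            this.mailboxSession.Mailbox.Save();
            this.mailboxSession.Mailbox.Load();
        }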