public EnableOrganizationCustomizationThrottlingModule(TaskContext context) : base(context)
{
this.budgets.Add(new BudgetInformation
{
Budget = PowerShellBudget.Acquire(TenantHydrationBudgetKey.Singleton),
ThrottledEventInfo = TaskEventLogConstants.Tuple_SlimTenantTaskThrottled
});
}
private IPowerShellBudget GetBudget(HttpContext context)
{
if (context.User is DelegatedPrincipal)
{
using (new MonitoredScope("ThrottlingHttpModule", "AcquireDelegatedPrincipalBudget", HttpModuleHelper.HttpPerfMonitors))
{
return(PowerShellBudget.Acquire(new DelegatedPrincipalBudgetKey((DelegatedPrincipal)context.User, BudgetType.WSMan)));
}
}
if (context.CurrentUserToken() == null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] No CAT.");
return(null);
}
SecurityIdentifier userSid = context.CurrentUserToken().UserSid;
if (userSid == null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] sid = null.");
return(null);
}
OrganizationId organization = context.CurrentUserToken().Organization;
if (organization == null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] orgId = null.");
return(null);
}
ADObjectId adobjectId;
if (organization.Equals(OrganizationId.ForestWideOrgId))
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] Forest Wide Org Id.");
adobjectId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
}
else
{
adobjectId = ADSystemConfigurationSession.GetRootOrgContainerId(organization.PartitionId.ForestFQDN, null, null);
}
ExTraceGlobals.HttpModuleTracer.TraceDebug <string>((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] rootOrgId = {0}.", (adobjectId == null) ? null : adobjectId.DistinguishedName);
IPowerShellBudget result;
using (new MonitoredScope("ThrottlingHttpModule", "AcquireBudget", HttpModuleHelper.HttpPerfMonitors))
{
result = PowerShellBudget.Acquire(userSid, BudgetType.WSMan, ADSessionSettings.FromOrganizationIdWithoutRbacScopes(adobjectId, organization, organization, true));
}
return(result);
}
private static IPowerShellBudget AcquirePowerShellBudget(ExchangeRunspaceConfiguration configuration)
{
IPowerShellBudget powerShellBudget;
SecurityIdentifier callerSid;
if (configuration.DelegatedPrincipal != null)
{
powerShellBudget = PowerShellBudget.Acquire(new DelegatedPrincipalBudgetKey(configuration.DelegatedPrincipal, BudgetType.PowerShell));
}
else if (!configuration.TryGetExecutingUserSid(out callerSid))
{
ADObjectId adobjectId;
if (!configuration.TryGetExecutingUserId(out adobjectId))
{
throw new ExecutingUserPropertyNotFoundException("ExecutingUserSid");
}
powerShellBudget = PowerShellBudget.AcquireFallback(adobjectId.ObjectGuid.ToString(), BudgetType.PowerShell);
}
else
{
ADObjectId rootOrgId;
if (configuration.ExecutingUserOrganizationId == null || configuration.ExecutingUserOrganizationId.Equals(OrganizationId.ForestWideOrgId))
{
rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
}
else
{
rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerId(configuration.ExecutingUserOrganizationId.PartitionId.ForestFQDN, null, null);
}
powerShellBudget = PowerShellBudget.Acquire(callerSid, BudgetType.PowerShell, ADSessionSettings.FromOrganizationIdWithoutRbacScopes(rootOrgId, configuration.ExecutingUserOrganizationId, configuration.ExecutingUserOrganizationId, true));
}
PowerShellThrottlingPolicyUpdater.RevertExpiredThrottlingPolicyIfNeeded(powerShellBudget);
if (configuration.IsPowerShellWebService)
{
IPowerShellBudget result = new PswsBudgetWrapper(((BudgetWrapper <PowerShellBudget>)powerShellBudget).GetInnerBudget());
if (powerShellBudget != null)
{
powerShellBudget.Dispose();
}
return(result);
}
return(powerShellBudget);
}
internal virtual IPowerShellBudget CreateBudget(BudgetType budgetType)
{
IPowerShellBudget result = null;
if (this.DelegatedPrincipal != null)
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <BudgetType, string>(0L, "Create Budge {0} for AuthZPluginUserToken {1} using DelegatedPrincipal.", budgetType, this.UserName);
result = PowerShellBudget.Acquire(new DelegatedPrincipalBudgetKey(this.DelegatedPrincipal, budgetType));
}
else
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <BudgetType, string>(0L, "Create Budge {0} for AuthZPluginUserToken {1} using UserEntry.", budgetType, this.UserName);
if (budgetType == BudgetType.WSManTenant)
{
return(PowerShellBudget.Acquire(new TenantBudgetKey(this.OrgId, budgetType)));
}
SecurityIdentifier securityIdentifier = (SecurityIdentifier)this.UserEntry[IADSecurityPrincipalSchema.Sid];
if (securityIdentifier != null)
{
ADObjectId rootOrgId;
if (this.OrgId == null || this.OrgId.Equals(OrganizationId.ForestWideOrgId))
{
rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
}
else
{
rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerId(this.OrgId.PartitionId.ForestFQDN, null, null);
}
result = PowerShellBudget.Acquire(securityIdentifier, budgetType, ADSessionSettings.FromOrganizationIdWithoutRbacScopes(rootOrgId, this.OrgId, this.OrgId, true));
}
else
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <string>(0L, "Sid is null, return null budget for AuthZPluginUserToken {0}.", this.UserName);
}
}
return(result);
}
