// Token: 0x0600108B RID: 4235 RVA: 0x0004FC28 File Offset: 0x0004DE28
internal static ScopeSet GetAllTenantsDefaultScopeSet(string partitionFqdn)
{
ADScope item = new ADScope(ADSession.GetHostedOrganizationsRoot(partitionFqdn), null);
ADScopeCollection item2 = new ADScopeCollection(new List <ADScope>(1)
{
item
});
return(new ScopeSet(item, new List <ADScopeCollection>(1)
{
item2
}, new ADScope(ADSession.GetHostedOrganizationsRoot(partitionFqdn), null), null));
}
// Token: 0x0600108A RID: 4234 RVA: 0x0004FBBC File Offset: 0x0004DDBC
internal static ScopeSet GetOrgWideDefaultScopeSet(OrganizationId organizationId, QueryFilter recipientReadFilter)
{
if (organizationId == null)
{
throw new ArgumentNullException("organizationId");
}
ADScopeCollection item = new ADScopeCollection(new List <ADScope>
{
new ADScope(organizationId.OrganizationalUnit, null)
});
IList <ADScopeCollection> list = new List <ADScopeCollection>();
list.Add(item);
return(new ScopeSet(new ADScope(organizationId.OrganizationalUnit, recipientReadFilter), list, new ADScope(organizationId.ConfigurationUnit, null), null));
}
internal static ADScope CombineScopeCollections(IList <ADScopeCollection> combinableScopeCollections)
{
QueryFilter[] array = new QueryFilter[combinableScopeCollections.Count];
for (int i = 0; i < combinableScopeCollections.Count; i++)
{
ADScopeCollection combinableScopes = combinableScopeCollections[i];
if (combinableScopeCollections[i][0].Root != combinableScopeCollections[0][0].Root)
{
throw new ArgumentException("combinableScopeCollections");
}
array[i] = ADScope.CombineScopes(combinableScopes);
}
QueryFilter queryFilter = (array.Length == 1) ? array[0] : new AndFilter(array);
return(new ADScope(combinableScopeCollections[0][0].Root, queryFilter));
}
public static void VerifyIsWithinScopes(ADRawEntry obj, ADScope readScope, IList <ADScopeCollection> writeScopes, ADScopeCollection invalidScopes, bool emptyObjectSessionOnException)
{
ADScopeException ex;
if (!ADSession.TryVerifyIsWithinScopes(obj, readScope, writeScopes, invalidScopes, emptyObjectSessionOnException, out ex))
{
throw ex;
}
}
public static bool TryVerifyIsWithinScopes(ADRawEntry obj, ADScope readScope, IList <ADScopeCollection> writeScopes, ADScopeCollection exclusiveScopes, bool emptyObjectSessionOnException, out ADScopeException exception)
{
return(ADSession.TryVerifyIsWithinScopes(obj, readScope, writeScopes, exclusiveScopes, null, emptyObjectSessionOnException, out exception));
}
internal static bool TryVerifyIsWithinScopes(ADRawEntry obj, ADScope readScope, IList <ADScopeCollection> writeScopes, ADScopeCollection exclusiveScopes, IList <ValidationRule> validationRules, bool emptyObjectSessionOnException, ConfigScopes sessionScopeHint, out ADScopeException exception)
{
if (readScope == null)
{
throw new ArgumentNullException("readScope");
}
if (writeScopes == null)
{
throw new ArgumentNullException("writeScopes");
}
exception = null;
bool flag;
if (!ADSession.IsWithinScope(obj, readScope, out flag))
{
if (!flag || sessionScopeHint != ConfigScopes.RootOrg || ADSession.IsTenantIdentity(obj.Id, obj.Id.GetPartitionId().ForestFQDN))
{
if (obj is ADObject && emptyObjectSessionOnException)
{
((ADObject)obj).m_Session = null;
}
exception = new ADScopeException(DirectoryStrings.ErrorNotInReadScope(obj.Id.ToString()));
return(false);
}
ExTraceGlobals.ScopeVerificationTracer.TraceDebug <ADObjectId>(0L, "ADSession::TryVerifyIsWithinScopes Allowing unfilterable object '{0}' in RootOrg-scoped session to bypass filter verification", obj.Id);
}
bool flag2 = false;
if (exclusiveScopes != null)
{
foreach (ADScope scope in exclusiveScopes)
{
if (ADSession.IsWithinScope(obj, scope))
{
flag2 = true;
break;
}
}
}
foreach (ADScopeCollection adscopeCollection in writeScopes)
{
bool flag3 = false;
foreach (ADScope adscope in adscopeCollection)
{
bool flag4 = false;
bool flag5 = false;
bool flag6 = false;
if (adscope is RbacScope)
{
RbacScope rbacScope = (RbacScope)adscope;
flag4 = rbacScope.Exclusive;
flag5 = rbacScope.IsFromEndUserRole;
flag6 = (rbacScope.ScopeType == ScopeType.Self);
}
if (!flag2 && flag4)
{
ExTraceGlobals.ScopeVerificationTracer.TraceDebug(0L, "ADSession::TryVerifyIsWithinScopes Ignoring scope ScopeRoot '{0}', ScopeFilter '{1}', IsWithinExclusiveScope '{2}', IsExclusive '{3}'", new object[]
{
(adscope.Root == null) ? "<null>" : adscope.Root.ToDNString(),
(adscope.Filter == null) ? "<null>" : adscope.Filter.ToString(),
flag2,
flag4
});
}
else
{
ADScope adscope2 = adscope;
if (flag2 && !flag4)
{
if (!flag5)
{
ExTraceGlobals.ScopeVerificationTracer.TraceDebug(0L, "ADSession::TryVerifyIsWithinScopes Ignoring scope ScopeRoot '{0}', ScopeFilter '{1}', IsWithinExclusiveScope '{2}', IsExclusive '{3}'", new object[]
{
(adscope2.Root == null) ? "<null>" : adscope2.Root.ToDNString(),
(adscope2.Filter == null) ? "<null>" : adscope2.Filter.ToString(),
flag2,
flag4
});
continue;
}
if (!flag6)
{
if (((RbacScope)adscope2).SelfFilter == null)
{
exception = new ADScopeException(DirectoryStrings.ExArgumentNullException("RbacScope.SelfFilter"));
return(false);
}
adscope2 = new RbacScope(ScopeType.Self)
{
Root = ((RbacScope)adscope2).SelfRoot,
Filter = ((RbacScope)adscope2).SelfFilter
};
}
}
if (ADSession.IsWithinScope(obj, adscope2))
{
flag3 = true;
break;
}
}
}
if (!flag3)
{
if (obj is ADObject && emptyObjectSessionOnException)
{
((ADObject)obj).m_Session = null;
}
exception = new ADScopeException(DirectoryStrings.ErrorNoWriteScope(obj.Id.ToString()));
return(false);
}
}
if (validationRules != null)
{
RuleValidationException ex = null;
foreach (ValidationRule validationRule in validationRules)
{
if (!validationRule.TryValidate(obj, out ex))
{
exception = ex;
return(false);
}
}
}
return(true);
}