private void LoadPublishedCalendarOptionsForReachUser()
{
this.publishedOptions = new MailboxCalendarFolder();
PermissionSecurityPrincipal targetPrincipal = null;
using (ExternalUserCollection externalUsers = base.MailboxSession.GetExternalUsers())
{
ExternalUser externalUser = externalUsers.FindExternalUser(this.reachUserSid);
if (externalUser == null || !externalUser.IsReachUser)
{
ExTraceGlobals.SharingTracer.TraceDebug <SecurityIdentifier, bool, bool>((long)this.GetHashCode(), "ReachAccessSid={0}, Found ExternalUser:{1}, IsReachUser:{2}", this.reachUserSid, externalUser != null, externalUser != null && externalUser.IsReachUser);
throw new PublishedFolderAccessDeniedException();
}
targetPrincipal = new PermissionSecurityPrincipal(externalUser);
}
DetailLevelEnumType?freeBusyAccessLevel = this.GetFreeBusyAccessLevel(targetPrincipal);
if (freeBusyAccessLevel == null)
{
throw new PublishedFolderAccessDeniedException();
}
this.publishedOptions.DetailLevel = freeBusyAccessLevel.Value;
this.publishedOptions.PublishEnabled = true;
this.publishedOptions.PublishDateRangeFrom = DateRangeEnumType.OneMonth;
this.publishedOptions.PublishDateRangeTo = DateRangeEnumType.SixMonths;
}
protected override PerformInvitationResults InternalPerformInvitation(MailboxSession mailboxSession, SharingContext context, ValidRecipient[] recipients, IFrontEndLocator frontEndLocator)
{
if (recipients.Length != 1)
{
throw new InvalidOperationException("Only single recipient is allowed.");
}
ValidRecipient validRecipient = recipients[0];
string folderId = context.FolderId.ToBase64String();
ExternalUser externalUser = this.ApplyPermission(mailboxSession, new SmtpAddress(validRecipient.SmtpAddress), context);
IRecipientSession adrecipientSession = mailboxSession.GetADRecipientSession(false, ConsistencyMode.FullyConsistent);
ADUser aduser = (ADUser)adrecipientSession.Read(mailboxSession.MailboxOwner.ObjectId);
string text = aduser.SharingAnonymousIdentities.FindExistingUrlId(SharingDataType.ReachCalendar.PublishResourceName, folderId);
Uri owaVdirUrl = OwaAnonymousVdirLocater.Instance.GetOwaVdirUrl(mailboxSession.MailboxOwner, frontEndLocator);
SmtpAddress primarySmtpAddress = mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress;
ObscureUrl obscureUrl = ObscureUrl.CreatePublishReachCalendarUrl(owaVdirUrl.ToString(), mailboxSession.MailboxGuid, primarySmtpAddress.Domain, text, externalUser.Sid);
if (string.IsNullOrEmpty(text))
{
aduser.SharingAnonymousIdentities.AddOrUpdate(SharingDataType.ReachCalendar.PublishResourceName, obscureUrl.Identity, folderId);
adrecipientSession.Save(aduser);
}
context.BrowseUrl = obscureUrl.ToString() + ".html";
context.ICalUrl = obscureUrl.ToString() + ".ics";
return(new PerformInvitationResults(recipients));
}
public static ObscureUrl CreatePublishReachCalendarUrl(string externalUrl, Guid mailboxGuid, string domain, string existingIdentity, SecurityIdentifier reachUserSid)
{
Util.ThrowOnNullOrEmptyArgument(externalUrl, "externalUrl");
Util.ThrowOnNullOrEmptyArgument(domain, "domain");
Util.ThrowOnNullArgument(reachUserSid, "reachUserSid");
if (!ExternalUser.IsValidReachSid(reachUserSid))
{
throw new ArgumentException("Not an valid reach user sid.", "reachUserSid");
}
SharingDataType reachCalendar = SharingDataType.ReachCalendar;
string text = string.IsNullOrEmpty(existingIdentity) ? Guid.NewGuid().ToString("N") : ObscureUrl.ParseGuidIdentity(reachCalendar, existingIdentity).ToString("N");
string text2 = ObscureUrl.CalculateHashString(ObscureKind.Normal, text);
string uriString = string.Format("{0}/{1}/{2}@{3}/{4}{5}/{6}/{7}", new object[]
{
externalUrl.TrimEnd(new char[]
{
'/'
}),
reachCalendar.ExternalName,
mailboxGuid.ToString("N"),
domain,
text,
text2,
reachUserSid.ToString(),
reachCalendar.PublishResourceName
});
ObscureUrl obscureUrl = new ObscureUrl(new Uri(uriString, UriKind.Absolute), reachCalendar, mailboxGuid, domain, text, ObscureKind.Normal, reachUserSid);
ExTraceGlobals.SharingTracer.TraceDebug <ObscureUrl, string>(0L, "ObscureUrl.CreatePublishReachCalendarUrl(): Created an instance of ObscureUrl: {0} - {1}.", obscureUrl, obscureUrl.TraceInfo);
return(obscureUrl);
}
private ExternalUser ApplyPermission(MailboxSession mailboxSession, SmtpAddress smtpAddress, SharingContext context)
{
ExternalUser externalUser = null;
ExternalUser externalUser2;
using (ExternalUserCollection externalUsers = mailboxSession.GetExternalUsers())
{
externalUser2 = externalUsers.FindReachUserWithOriginalSmtpAddress(smtpAddress);
externalUser = externalUsers.FindFederatedUserWithOriginalSmtpAddress(smtpAddress);
if (externalUser2 == null)
{
externalUser2 = externalUsers.AddReachUser(smtpAddress);
externalUsers.Save();
}
}
using (FolderPermissionContext current = FolderPermissionContext.GetCurrent(mailboxSession, context))
{
FreeBusyAccess freeBusy = this.GetFreeBusy(context);
PermissionSecurityPrincipal principal = new PermissionSecurityPrincipal(externalUser2);
PermissionLevel permissionLevel = (context.SharingDetail == SharingContextDetailLevel.FullDetails) ? PermissionLevel.Reviewer : PermissionLevel.None;
current.AddOrChangePermission(principal, permissionLevel, new FreeBusyAccess?(freeBusy));
if (externalUser != null)
{
current.RemovePermission(new PermissionSecurityPrincipal(externalUser));
}
}
return(externalUser2);
}
internal static ExternalUser TryGetExternalUser(SecurityIdentifier sid, ExternalUserCollection externalUsers)
{
ExternalUser result = null;
if (ExternalUser.IsExternalUserSid(sid) && externalUsers != null)
{
result = externalUsers.FindExternalUser(sid);
}
return(result);
}
private PermissionSecurityPrincipal CreatePermissionSecurityPrincipal(string recipient, ExternalUserCollection externalUserCollection)
{
ExternalUser externalUser = externalUserCollection.FindExternalUser(new SmtpAddress(recipient));
if (externalUser == null)
{
return(null);
}
return(new PermissionSecurityPrincipal(externalUser));
}
private void AddNonADEntry(MapiAclTableAdapter mapiAclTableAdapter, ref ExternalUserCollection externalUsers, string memberName, long memberId, byte[] memberEntryId, MemberRights rights)
{
ExternalUser externalUser = mapiAclTableAdapter.TryGetExternalUser(memberEntryId, ref externalUsers);
if (externalUser != null)
{
PermissionSecurityPrincipal securityPrincipal = new PermissionSecurityPrincipal(externalUser);
Permission permission = this.permissionSet.CreatePermission(securityPrincipal, rights, memberId);
this.AddPermissionEntry(securityPrincipal, permission);
return;
}
ExTraceGlobals.StorageTracer.TraceDebug <string>(0L, "PermissionTable::PermissionTable. Member has invalid entry id, member name = {0}.", memberName);
this.AddUnknownEntry(memberName, memberId, memberEntryId, rights);
}
internal static bool IsValidReachSid(SecurityIdentifier sid)
{
if (!ExternalUser.IsExternalUserSid(sid))
{
return(false);
}
string text = sid.ToString();
int num = text.LastIndexOf('-');
string a = text.Substring(num + 1);
string input = text.Substring(0, num + 1);
string b = ExternalUser.ComputeHash(input);
return(string.Equals(a, b, StringComparison.Ordinal));
}
private static bool ResolveLocalDirectoryUserFromAddressBookEntryId(byte[] entryId, LazilyInitialized <ExternalUserCollection> externalUsers, out SecurityIdentifier securityIdentifier, out bool isGroup, out string displayName)
{
securityIdentifier = null;
isGroup = false;
displayName = string.Empty;
securityIdentifier = AddressBookEntryId.MakeSidFromLocalDirctoryAddressBookEntryId(entryId);
ExternalUser externalUser = AclHelper.TryGetExternalUser(securityIdentifier, externalUsers);
if (externalUser == null)
{
throw new ExternalUserNotFoundException(securityIdentifier);
}
displayName = externalUser.Name;
return(true);
}
private static SecurityIdentifier GenerateSid(string source, bool forReachUser)
{
if (forReachUser)
{
source = Guid.NewGuid() + source;
}
byte[] sha1Hash = CryptoUtil.GetSha1Hash(Encoding.Unicode.GetBytes(source));
for (int i = 0; i < 4; i++)
{
byte[] array = sha1Hash;
int num = i;
array[num] ^= sha1Hash[i + 16];
}
BinaryReader binaryReader = null;
SecurityIdentifier result;
try
{
binaryReader = new BinaryReader(new MemoryStream(sha1Hash));
StringBuilder stringBuilder = new StringBuilder("S-1-8-");
for (int j = 0; j < 4; j++)
{
if (j == 3 && forReachUser)
{
stringBuilder.Append(ExternalUser.ComputeHash(stringBuilder.ToString()));
}
else
{
stringBuilder.Append(binaryReader.ReadUInt32().ToString(NumberFormatInfo.InvariantInfo));
}
if (j < 3)
{
stringBuilder.Append('-');
}
}
result = new SecurityIdentifier(stringBuilder.ToString());
}
finally
{
if (binaryReader != null)
{
binaryReader.Dispose();
binaryReader = null;
}
}
return(result);
}
public static byte[] MakeAddressBookEntryIDFromLocalDirectorySid(SecurityIdentifier sid)
{
if (!ExternalUser.IsExternalUserSid(sid))
{
throw new InvalidParamException(ServerStrings.InvalidLocalDirectorySecurityIdentifier(sid.ToString()));
}
byte[] array = new byte[AddressBookEntryId.AddressBookEntryIdSize + sid.BinaryLength];
Eidt dw = Eidt.User;
int num = 0;
AddressBookEntryId.BinaryHelper.SetDword(array, ref num, 0U);
Buffer.BlockCopy(AddressBookEntryId.MuidLocalDirectoryUser, 0, array, num, AddressBookEntryId.MuidLocalDirectoryUser.Length);
num += AddressBookEntryId.ExchAddrGuid.Length;
AddressBookEntryId.BinaryHelper.SetDword(array, ref num, AddressBookEntryId.AddressBookEntryIdVersion);
AddressBookEntryId.BinaryHelper.SetDword(array, ref num, (uint)dw);
sid.GetBinaryForm(array, num);
return array;
}
private static FolderSecurity.SecurityIdentifierType GetSecurityIdentifierType(IRecipientSession recipientSession, SecurityIdentifier securityIdentifier)
{
if (ExternalUser.IsExternalUserSid(securityIdentifier))
{
return(FolderSecurity.SecurityIdentifierType.User);
}
ADRecipient adrecipient = recipientSession.FindBySid(securityIdentifier);
if (adrecipient == null)
{
return(FolderSecurity.SecurityIdentifierType.Unknown);
}
if (!AclHelper.IsGroupRecipientType(adrecipient.RecipientType))
{
return(FolderSecurity.SecurityIdentifierType.User);
}
return(FolderSecurity.SecurityIdentifierType.Group);
}
private MapiAclTableRestriction.ExternalUserPermission TryGetExternalUserPermission(AclTableEntry aclTableEntry, MapiAclTableAdapter mapiAclTableAdapter, ref ExternalUserCollection externalUsers)
{
Util.ThrowOnNullArgument(aclTableEntry, "aclTableEntry");
Util.ThrowOnNullArgument(mapiAclTableAdapter, "mapiAclTableAdapter");
MailboxSession mailboxSession = this.session as MailboxSession;
if (mailboxSession == null)
{
return(null);
}
byte[] memberEntryId = aclTableEntry.MemberEntryId;
MemberRights memberRights = aclTableEntry.MemberRights;
long memberId = aclTableEntry.MemberId;
if (memberEntryId == null || memberEntryId.Length == 0)
{
if (memberId <= 0L)
{
return(null);
}
ExTraceGlobals.StorageTracer.TraceDebug <IExchangePrincipal, long>((long)this.GetHashCode(), "{0}: Getting memberEntryId from current ACL table for MemberId {1}.", mailboxSession.MailboxOwner, memberId);
AclTableEntry byMemberId = mapiAclTableAdapter.GetByMemberId(memberId);
if (byMemberId == null || byMemberId.MemberEntryId == null)
{
ExTraceGlobals.StorageTracer.TraceDebug <IExchangePrincipal, long>((long)this.GetHashCode(), "{0}: Not found memberEntryId from current ACL table for MemberId {1}. Skipped.", mailboxSession.MailboxOwner, memberId);
return(null);
}
memberEntryId = byMemberId.MemberEntryId;
}
if (mapiAclTableAdapter.TryGetParticipantEntryId(memberEntryId) != null)
{
ExTraceGlobals.StorageTracer.TraceDebug <IExchangePrincipal>((long)this.GetHashCode(), "{0}: MemberEntryId indicates internal user. Skipped.", mailboxSession.MailboxOwner);
return(null);
}
ExternalUser externalUser = mapiAclTableAdapter.TryGetExternalUser(memberEntryId, ref externalUsers);
if (externalUser == null)
{
ExTraceGlobals.StorageTracer.TraceDebug <IExchangePrincipal>((long)this.GetHashCode(), "{0}: MemberEntryId is not external user. Skipped.", mailboxSession.MailboxOwner);
return(null);
}
return(new MapiAclTableRestriction.ExternalUserPermission(externalUser, memberRights));
}
private static SharedFolderDataRecipient GetExternalIdentity(ExternalUserCollection externalUserCollection, ValidRecipient recipient)
{
if (!SmtpAddress.IsValidSmtpAddress(recipient.SmtpAddress))
{
throw new ArgumentOutOfRangeException(ServerStrings.InvalidSmtpAddress(recipient.SmtpAddress));
}
SmtpAddress smtpAddress = new SmtpAddress(recipient.SmtpAddress);
ExternalUser externalUser = externalUserCollection.FindFederatedUserWithOriginalSmtpAddress(smtpAddress);
if (externalUser == null)
{
externalUser = externalUserCollection.AddFederatedUser(smtpAddress);
}
return(new SharedFolderDataRecipient
{
SmtpAddress = recipient.SmtpAddressForEncryption,
SharingKey = externalUser.ExternalId.ToString()
});
}
public ExternalUser(string externalId, SmtpAddress address, bool isReachUser) : this(new MemoryPropertyBag())
{
if (address.Local.StartsWith("ExchangePublishedUser."))
{
throw new ArgumentException(string.Format("Cannot add external user with prefix {0}", "ExchangePublishedUser."), "address");
}
this.IsReachUser = isReachUser;
this.OriginalSmtpAddress = address;
if (this.IsReachUser)
{
this.ExternalId = "ReachUser_" + externalId;
this.Name = address.ToString() + " (Published)";
this.SmtpAddress = ExternalUser.ConvertToReachSmtpAddress(address);
this.Sid = ExternalUser.GenerateSid(this.SmtpAddress.ToString(), true);
return;
}
this.ExternalId = externalId;
this.Name = address.ToString();
this.SmtpAddress = address;
this.Sid = ExternalUser.GenerateSid(this.SmtpAddress.ToString(), false);
}
private void AddPermissionEntriesForAddOrModify(MapiAclTableAdapter mapiAclTableAdapter)
{
foreach (Permission permission in this.permissions.Values)
{
byte[] array = null;
if (permission.Origin == PermissionOrigin.New)
{
if (permission.Principal.Type == PermissionSecurityPrincipal.SecurityPrincipalType.ADRecipientPrincipal)
{
ParticipantEntryId participantEntryId = ParticipantEntryId.FromParticipant(new Participant(permission.Principal.ADRecipient), ParticipantEntryIdConsumer.SupportsADParticipantEntryId);
array = participantEntryId.ToByteArray();
}
else if (permission.Principal.Type == PermissionSecurityPrincipal.SecurityPrincipalType.ExternalUserPrincipal)
{
ExternalUser externalUser = permission.Principal.ExternalUser;
byte[] array2 = new byte[externalUser.Sid.BinaryLength];
externalUser.Sid.GetBinaryForm(array2, 0);
array = MapiStore.GetAddressBookEntryIdFromLocalDirectorySID(array2);
}
if (array != null)
{
mapiAclTableAdapter.AddPermissionEntry(array, permission.MemberRights);
}
}
else if (permission.IsDirty)
{
mapiAclTableAdapter.ModifyPermissionEntry(permission.MemberId, permission.MemberRights);
}
}
if (this.anonymousMemberPermission != null && this.anonymousMemberPermission.IsDirty)
{
mapiAclTableAdapter.ModifyPermissionEntry(this.anonymousMemberPermission.MemberId, this.anonymousMemberPermission.MemberRights);
}
if (this.defaultMemberPermission != null && this.defaultMemberPermission.IsDirty)
{
mapiAclTableAdapter.ModifyPermissionEntry(this.defaultMemberPermission.MemberId, this.defaultMemberPermission.MemberRights);
}
}
private static List <AclTableEntry> BuildAclTableFromSecurityDescriptor(RawSecurityDescriptor securityDescriptor, RawSecurityDescriptor freeBusySecurityDescriptor, LazilyInitialized <ExternalUserCollection> lazilyInitializedExternalUserCollection, IRecipientSession recipientSession, AclTableIdMap aclTableIdMap, out bool isCanonical, out string canonicalErrorInformation)
{
FolderSecurity.AnnotatedAceList annotatedAceList = new FolderSecurity.AnnotatedAceList(securityDescriptor, freeBusySecurityDescriptor, (SecurityIdentifier securityIdentifier) => AclModifyTable.GetSecurityIdentifierType(recipientSession, securityIdentifier));
isCanonical = annotatedAceList.IsCanonical(out canonicalErrorInformation);
IList <FolderSecurity.SecurityIdentifierAndFolderRights> list;
if (isCanonical)
{
list = annotatedAceList.GetSecurityIdentifierAndRightsList();
}
else
{
ExTraceGlobals.StorageTracer.TraceWarning <string, string>(0L, "Got non canonical SD: {0}, ErrorInfo: ", securityDescriptor.GetSddlForm(AccessControlSections.All), canonicalErrorInformation);
list = Array <FolderSecurity.SecurityIdentifierAndFolderRights> .Empty;
}
List <AclTableEntry> list2 = new List <AclTableEntry>(list.Count + 1);
foreach (FolderSecurity.SecurityIdentifierAndFolderRights securityIdentifierAndFolderRights in list)
{
MemberRights memberRights = (MemberRights)(securityIdentifierAndFolderRights.AllowRights & ~(MemberRights)securityIdentifierAndFolderRights.DenyRights);
bool flag = false;
bool flag2 = false;
byte[] entryId;
string text;
List <SecurityIdentifier> list3;
SecurityIdentifier securityIdentifier;
if (securityIdentifierAndFolderRights.SecurityIdentifier.IsWellKnown(WellKnownSidType.WorldSid))
{
entryId = Array <byte> .Empty;
text = string.Empty;
string legacyDN = string.Empty;
securityIdentifier = securityIdentifierAndFolderRights.SecurityIdentifier;
list3 = null;
flag2 = true;
}
else if (securityIdentifierAndFolderRights.SecurityIdentifier.IsWellKnown(WellKnownSidType.AnonymousSid))
{
entryId = Array <byte> .Empty;
text = "Anonymous";
securityIdentifier = securityIdentifierAndFolderRights.SecurityIdentifier;
list3 = null;
}
else if (ExternalUser.IsExternalUserSid(securityIdentifierAndFolderRights.SecurityIdentifier))
{
ExternalUser externalUser = AclHelper.TryGetExternalUser(securityIdentifierAndFolderRights.SecurityIdentifier, lazilyInitializedExternalUserCollection);
if (externalUser == null)
{
ExTraceGlobals.StorageTracer.TraceWarning <SecurityIdentifier>(0L, "Cannot find external user with SID {0}, build entry from information we have", securityIdentifierAndFolderRights.SecurityIdentifier);
string text2 = AclHelper.CreateLocalUserStrignRepresentation(securityIdentifierAndFolderRights.SecurityIdentifier);
text = text2;
}
else
{
text = externalUser.Name;
string legacyDN = externalUser.LegacyDn;
}
entryId = AddressBookEntryId.MakeAddressBookEntryIDFromLocalDirectorySid(securityIdentifierAndFolderRights.SecurityIdentifier);
securityIdentifier = securityIdentifierAndFolderRights.SecurityIdentifier;
list3 = null;
}
else
{
MiniRecipient miniRecipient = recipientSession.FindMiniRecipientBySid <MiniRecipient>(securityIdentifierAndFolderRights.SecurityIdentifier, Array <PropertyDefinition> .Empty);
string legacyDN;
if (miniRecipient == null)
{
ExTraceGlobals.StorageTracer.TraceWarning <SecurityIdentifier>(0L, "Cannot find recipient with SID {0}, build entry from the information we have", securityIdentifierAndFolderRights.SecurityIdentifier);
flag = (securityIdentifierAndFolderRights.SecurityIdentifierType == FolderSecurity.SecurityIdentifierType.Group);
string text3 = AclHelper.CreateNTUserStrignRepresentation(securityIdentifierAndFolderRights.SecurityIdentifier);
text = text3;
legacyDN = text3;
securityIdentifier = securityIdentifierAndFolderRights.SecurityIdentifier;
list3 = null;
}
else
{
flag = AclHelper.IsGroupRecipientType(miniRecipient.RecipientType);
if (string.IsNullOrEmpty(miniRecipient.DisplayName))
{
text = AclHelper.CreateNTUserStrignRepresentation(securityIdentifierAndFolderRights.SecurityIdentifier);
}
else
{
text = miniRecipient.DisplayName;
}
if (string.IsNullOrEmpty(miniRecipient.LegacyExchangeDN))
{
legacyDN = text;
}
else
{
legacyDN = miniRecipient.LegacyExchangeDN;
}
SecurityIdentifier masterAccountSid = miniRecipient.MasterAccountSid;
if (masterAccountSid != null && !masterAccountSid.IsWellKnown(WellKnownSidType.SelfSid))
{
securityIdentifier = masterAccountSid;
list3 = null;
}
else
{
securityIdentifier = miniRecipient.Sid;
MultiValuedProperty <SecurityIdentifier> sidHistory = miniRecipient.SidHistory;
if (sidHistory != null && sidHistory.Count != 0)
{
list3 = new List <SecurityIdentifier>(sidHistory);
}
else
{
list3 = null;
}
}
}
entryId = AddressBookEntryId.MakeAddressBookEntryID(legacyDN, flag);
}
AclTableEntry aclTableEntry = list2.Find((AclTableEntry entry) => entry.SecurityIdentifier == securityIdentifier);
if (aclTableEntry == null && list3 != null)
{
using (List <SecurityIdentifier> .Enumerator enumerator2 = list3.GetEnumerator())
{
while (enumerator2.MoveNext())
{
SecurityIdentifier sid = enumerator2.Current;
aclTableEntry = list2.Find((AclTableEntry entry) => entry.SecurityIdentifier == sid);
if (aclTableEntry != null)
{
break;
}
}
}
}
if (aclTableEntry == null)
{
aclTableEntry = new AclTableEntry(AclModifyTable.GetIdForSecurityIdentifier(securityIdentifier, list3, aclTableIdMap), entryId, text, memberRights);
aclTableEntry.SetSecurityIdentifier(securityIdentifier, flag);
if (flag2)
{
list2.Insert(0, aclTableEntry);
}
else
{
list2.Add(aclTableEntry);
}
}
else
{
aclTableEntry.MemberRights &= memberRights;
if (aclTableEntry.IsGroup != flag)
{
throw new NonCanonicalACLException(annotatedAceList.CreateErrorInformation((LID)35788U, new int[0]));
}
aclTableEntry.SetSecurityIdentifier(securityIdentifier, flag);
}
}
return(list2);
}
internal static bool TryParse(string url, out ObscureUrl obscureUrl)
{
obscureUrl = null;
if (!Uri.IsWellFormedUriString(url, UriKind.Absolute))
{
ExTraceGlobals.SharingTracer.TraceError <string>(0L, "ObscureUrl.TryParse(): The string '{0}' is not an Absolute Uri.", url);
return(false);
}
Uri uri = new Uri(url, UriKind.Absolute);
string localPath = uri.LocalPath;
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): Get path of url: {0}", localPath);
Match match = ObscureUrl.ObscureUrlRegex.Match(localPath);
if (!match.Success)
{
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): The string '{0}' is not desired ObscureUrl. ", url);
return(false);
}
SharingDataType sharingDataType = SharingDataType.FromPublishResourceName(match.Result("${datatype}"));
Guid guid = Guid.Empty;
Exception ex = null;
try
{
guid = new Guid(match.Result("${mailboxguid}"));
}
catch (FormatException ex2)
{
ex = ex2;
}
catch (OverflowException ex3)
{
ex = ex3;
}
if (ex != null)
{
ExTraceGlobals.SharingTracer.TraceDebug <string, Exception>(0L, "ObscureUrl.TryParse(): The string '{0}' is not desired ObscureUrl. Exception = {1}.", url, ex);
return(false);
}
string text = match.Result("${guid}");
string x = match.Result("${hash}");
SecurityIdentifier securityIdentifier = null;
string text2 = match.Result("${sid}");
if (sharingDataType == SharingDataType.ReachCalendar)
{
if (!StringComparer.Ordinal.Equals(x, ObscureUrl.CalculateHashString(ObscureKind.Normal, text)))
{
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): Incorrect hash value for reachUrl:'{0}'", url);
return(false);
}
if (string.IsNullOrEmpty(text2))
{
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): sid value missing for reachUrl:'{0}'", url);
return(false);
}
securityIdentifier = new SecurityIdentifier(text2);
if (!ExternalUser.IsValidReachSid(securityIdentifier))
{
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): Not a valid reach sid:'{0}'", url);
return(false);
}
obscureUrl = new ObscureUrl(uri, sharingDataType, guid, match.Result("${domain}"), text, ObscureKind.Normal, securityIdentifier);
ExTraceGlobals.SharingTracer.TraceDebug <string, string>(0L, "ObscureUrl.TryParse(): The url {0} is parsed as ReachCalendar ObscureUrl {1}.", url, obscureUrl.TraceInfo);
return(true);
}
else
{
if (sharingDataType != SharingDataType.Calendar)
{
ExTraceGlobals.SharingTracer.TraceDebug <SharingDataType>(0L, "ObscureUrl.TryParse(): Sharing Datatype:{0} is not supported ", sharingDataType);
return(false);
}
if (!string.IsNullOrEmpty(text2))
{
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): SID is not applicable for published calendar url:'{0}'", url);
return(false);
}
foreach (object obj in Enum.GetValues(typeof(ObscureKind)))
{
ObscureKind obscureKind = (ObscureKind)obj;
if (StringComparer.Ordinal.Equals(x, ObscureUrl.CalculateHashString(obscureKind, text)))
{
obscureUrl = new ObscureUrl(uri, sharingDataType, guid, match.Result("${domain}"), text, obscureKind, securityIdentifier);
ExTraceGlobals.SharingTracer.TraceDebug <string, string>(0L, "ObscureUrl.TryParse(): The url {0} is parsed as Calendar ObscureUrl {1}.", url, obscureUrl.TraceInfo);
return(true);
}
}
ExTraceGlobals.SharingTracer.TraceDebug <string>(0L, "ObscureUrl.TryParse(): Incorrect hash value for Calendar url:{0}", url);
return(false);
}
}
internal ExternalUserPermission(ExternalUser externalUser, MemberRights memberRights)
{
this.Principal = new PermissionSecurityPrincipal(externalUser);
this.MemberRights = memberRights;
}
public PermissionSecurityPrincipal(ExternalUser externalUser)
{
this.type = PermissionSecurityPrincipal.SecurityPrincipalType.ExternalUserPrincipal;
this.externalUser = externalUser;
}
protected override PerformInvitationResults InternalPerformInvitation(MailboxSession mailboxSession, SharingContext context, ValidRecipient[] recipients, IFrontEndLocator frontEndLocator)
{
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (!current.Enabled)
{
ExTraceGlobals.SharingTracer.TraceError <string>((long)this.GetHashCode(), "{0}: The organization is not federated for external sharing.", context.InitiatorSmtpAddress);
return(new PerformInvitationResults(new InvalidSharingRecipientsException(ValidRecipient.ConvertToStringArray(recipients), new OrganizationNotFederatedException())));
}
SharedFolderDataEncryption sharedFolderDataEncryption = new SharedFolderDataEncryption(current);
string text = StoreId.StoreIdToEwsId(mailboxSession.MailboxOwner.MailboxInfo.MailboxGuid, context.FolderId);
PerformInvitationResults result;
using (ExternalUserCollection externalUsers = mailboxSession.GetExternalUsers())
{
PerformInvitationResults performInvitationResults = null;
EncryptionResults encryptionResults = null;
Exception ex = null;
try
{
encryptionResults = sharedFolderDataEncryption.Encrypt(mailboxSession.MailboxOwner, mailboxSession.GetADRecipientSession(true, ConsistencyMode.IgnoreInvalid), externalUsers, recipients, context.InitiatorSmtpAddress, context.FolderClass, text, frontEndLocator);
}
catch (UserWithoutFederatedProxyAddressException ex2)
{
ex = ex2;
}
catch (InvalidFederatedOrganizationIdException ex3)
{
ex = ex3;
}
catch (StoragePermanentException ex4)
{
ex = ex4;
}
if (ex != null)
{
ExTraceGlobals.SharingTracer.TraceError <string, Exception>((long)this.GetHashCode(), "{0}: Error occurred when trying to encrypt. Exception = {1}", context.InitiatorSmtpAddress, ex);
result = new PerformInvitationResults(new InvalidSharingRecipientsException(ValidRecipient.ConvertToStringArray(recipients), ex));
}
else
{
if (encryptionResults.InvalidRecipients != null && encryptionResults.InvalidRecipients.Length > 0)
{
InvalidSharingRecipientsException exception = new InvalidSharingRecipientsException(encryptionResults.InvalidRecipients);
if (encryptionResults.InvalidRecipients.Length == recipients.Length)
{
return(new PerformInvitationResults(exception));
}
performInvitationResults = new PerformInvitationResults(recipients, exception);
recipients = performInvitationResults.SucceededRecipients;
}
else
{
performInvitationResults = new PerformInvitationResults(recipients);
}
PermissionLevel permissionLevel = this.GetPermissionLevel(context);
FreeBusyAccess? freeBusy = this.GetFreeBusy(context);
using (FolderPermissionContext current2 = FolderPermissionContext.GetCurrent(mailboxSession, context))
{
foreach (ValidRecipient validRecipient in recipients)
{
PermissionSecurityPrincipal principal = this.CreatePermissionSecurityPrincipal(validRecipient.SmtpAddress, externalUsers);
current2.AddOrChangePermission(principal, permissionLevel, freeBusy);
ExternalUser externalUser = externalUsers.FindReachUserWithOriginalSmtpAddress(new SmtpAddress(validRecipient.SmtpAddress));
if (externalUser != null)
{
current2.RemovePermission(new PermissionSecurityPrincipal(externalUser));
}
}
}
context.FolderEwsId = text;
context.EncryptedSharedFolderDataCollection = encryptionResults.EncryptedSharedFolderDataCollection;
result = performInvitationResults;
}
}
return(result);
}
