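/// <summary>
/// Runs the organization's client access rule collection against one incoming
/// connection and reports whether the connection should be blocked.
/// </summary>
/// <param name="organizationId">Organization whose cached rule collection is used; null is replaced by <c>OrganizationId.ForestWideOrgId</c>.</param>
/// <param name="username">User name handed to the evaluation context; may be null.</param>
/// <param name="protocol">Protocol of the connection being evaluated.</param>
/// <param name="remoteEndpoint">Remote address and port of the client. When null, no rule is evaluated (see remarks).</param>
/// <param name="authenticationType">Authentication method used by the client.</param>
/// <param name="propertyBag">Property bag handed to the evaluation context.</param>
/// <param name="blockLoggerDelegate">Called with the evaluation context when the block callback fires; may be null.</param>
/// <param name="latencyLoggerDelegate">Called once with the elapsed evaluation time in milliseconds; may be null.</param>
/// <returns>
/// true when the block callback given to the evaluation context was invoked during
/// <c>collection.Run</c>; otherwise false.
/// </returns>
/// <remarks>
/// NOTE(review): a null <paramref name="remoteEndpoint"/> skips rule evaluation and the method
/// returns false, i.e. the connection is not blocked. Callers that can reach this method without
/// an endpoint should confirm that allowing the connection is the intended outcome.
/// </remarks>
internal static bool ShouldBlockConnection(OrganizationId organizationId, string username, ClientAccessProtocol protocol, IPEndPoint remoteEndpoint, ClientAccessAuthenticationMethod authenticationType, IReadOnlyPropertyBag propertyBag, Action<ClientAccessRulesEvaluationContext> blockLoggerDelegate, Action<double> latencyLoggerDelegate)
{
    DateTime utcNow = DateTime.UtcNow;
    bool shouldBlock = false;

    // The start tick count doubles as the trace correlation id for this evaluation.
    long ticks = utcNow.Ticks;

    if (organizationId == null)
    {
        ExTraceGlobals.ClientAccessRulesTracer.TraceDebug(ticks, "[Client Access Rules] ShouldBlockConnection assuming OrganizationId.ForestWideOrgId for null OrganizationId");
        organizationId = OrganizationId.ForestWideOrgId;
    }

    if (remoteEndpoint != null)
    {
        ExTraceGlobals.ClientAccessRulesTracer.TraceDebug(ticks, "[Client Access Rules] ShouldBlockConnection - Initializing context to run rules");
        ClientAccessRuleCollection collection = ClientAccessRulesCache.Instance.GetCollection(organizationId);
        ClientAccessRulesEvaluationContext context = new ClientAccessRulesEvaluationContext(
            collection,
            username,
            remoteEndpoint,
            protocol,
            authenticationType,
            propertyBag,
            ObjectSchema.GetInstance<ClientAccessRulesRecipientFilterSchema>(),
            delegate(ClientAccessRulesEvaluationContext evaluationContext)
            {
                // Record the decision first so a missing logger cannot lose it.
                shouldBlock = true;
                if (blockLoggerDelegate != null)
                {
                    blockLoggerDelegate(evaluationContext);
                }
            },
            null,
            ticks);
        collection.Run(context);
    }
    else
    {
        // Make the skipped evaluation visible in the trace; the result stays "not blocked".
        ExTraceGlobals.ClientAccessRulesTracer.TraceDebug(ticks, "[Client Access Rules] ShouldBlockConnection - remoteEndpoint is null, rules were not evaluated");
    }

    ClientAccessRulesPerformanceCounters.TotalClientAccessRulesEvaluationCalls.Increment();
    if (shouldBlock)
    {
        ClientAccessRulesPerformanceCounters.TotalConnectionsBlockedByClientAccessRules.Increment();
    }

    double totalMilliseconds = (DateTime.UtcNow - utcNow).TotalMilliseconds;
    if (latencyLoggerDelegate != null)
    {
        latencyLoggerDelegate(totalMilliseconds);
    }

    // The two thresholds are independent: a call slower than 50 ms bumps both counters.
    if (totalMilliseconds > 50.0)
    {
        ClientAccessRulesPerformanceCounters.TotalClientAccessRulesEvaluationCallsOver50ms.Increment();
    }
    if (totalMilliseconds > 10.0)
    {
        ClientAccessRulesPerformanceCounters.TotalClientAccessRulesEvaluationCallsOver10ms.Increment();
    }

    // The original dereferenced username and remoteEndpoint unconditionally here, so the
    // null-endpoint path above (and a null username) ended in a NullReferenceException
    // inside the diagnostics instead of returning a decision.
    string usernameText = username ?? "<null>";
    string addressText = remoteEndpoint != null ? remoteEndpoint.Address.ToString() : "<null>";
    string portText = remoteEndpoint != null ? remoteEndpoint.Port.ToString() : "<null>";

    ExTraceGlobals.ClientAccessRulesTracer.TraceDebug(
        ticks,
        string.Format(
            "[Client Access Rules] ShouldBlockConnection - Evaluate - Org: {0} - Protocol: {1} - Username: {2} - IP: {3} - Port: {4} - Auth Type: {5} - Blocked: {6} - Latency: {7}",
            new object[]
            {
                organizationId.ToString(),
                protocol.ToString(),
                usernameText,
                addressText,
                portText,
                authenticationType.ToString(),
                shouldBlock.ToString(),
                totalMilliseconds.ToString()
            }));

    return shouldBlock;
}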
/// <summary>
/// Creates the log event for one client access rules evaluation and fills its
/// datapoint dictionary with the string form of each argument.
/// </summary>
/// <param name="orgId">Organization the evaluation ran for; dereferenced without a null check.</param>
/// <param name="username">User name stored under "USER" exactly as supplied.</param>
/// <param name="endpoint">Remote endpoint; its address and port are stored under "IP" and "PORT". Dereferenced without a null check.</param>
/// <param name="authenticationType">Authentication method, stored under "AUTHTYPE".</param>
/// <param name="blockingRuleName">Rule name stored under "RULE" exactly as supplied.</param>
/// <param name="latency">Evaluation latency, stored under "LATENCY".</param>
/// <param name="blocked">Whether the connection was blocked, stored under "BLOCKED".</param>
internal ClientAccessRulesLogEvent(OrganizationId orgId, string username, IPEndPoint endpoint, ClientAccessAuthenticationMethod authenticationType, string blockingRuleName, double latency, bool blocked)
{
    // The result of this call is not used anywhere in the constructor.
    ActivityContext.ActivityId.FormatForLog();

    // Build the set in a local first so the field is only assigned once every value
    // has been produced.
    Dictionary<string, object> properties = new Dictionary<string, object>();
    properties.Add("ORGID", orgId.ToString());

    // NOTE(review): username and blockingRuleName are stored unmodified. Whether the log
    // writer escapes field delimiters or line breaks is not visible here - confirm before
    // treating these fields as safe to parse.
    properties.Add("USER", username);
    properties.Add("IP", endpoint.Address.ToString());
    properties.Add("PORT", endpoint.Port.ToString());
    properties.Add("AUTHTYPE", authenticationType.ToString());
    properties.Add("RULE", blockingRuleName);

    // double.ToString() with no arguments formats with the current culture.
    properties.Add("LATENCY", latency.ToString());
    properties.Add("BLOCKED", blocked.ToString());

    this.datapointProperties = properties;
}