public bool WorkerOperation(UserSensitiveMailQueueInfo info)
{
ErrorCodeInfo error = new ErrorCodeInfo();
string message = string.Empty;
string resultmessage = string.Empty;
Guid transactionid = Guid.NewGuid();
string paramstr = string.Empty;
paramstr += $"SensitiveID:{info.ID}";
paramstr += $"||Keywords:{info.Keywords}";
paramstr += $"||StartTime:{info.StartTime}";
paramstr += $"||EndTime:{info.EndTime}";
paramstr += $"||UserID:{info.UserID}";
bool bResult = true;
try
{
do
{
Log4netHelper.Info($"RemoveSensitiveMail Begin: {paramstr}");
CommonProvider commonProvider = new CommonProvider();
DirectoryEntry userEntry = new DirectoryEntry();
SensitiveMailDBProvider provider = new SensitiveMailDBProvider();
if (!commonProvider.GetADEntryByGuid(info.UserID, out userEntry, out message))
{
Log4netHelper.Error($"RemoveSensitiveMail GetADEntryByGuid ID:{info.UserID}, Error:{message}");
info.Status = SensitiveMailStatus.Failed;
resultmessage = "用户不存在。";
provider.UpdateUserSensitiveMailQueue(transactionid, info, resultmessage, out error);
bResult = false;
break;
}
string userMail = userEntry.Properties["mail"].Value == null ? "" : Convert.ToString(userEntry.Properties["mail"].Value);
ADManagerWebService.ManagerWebService webService = new ADManagerWebService.ManagerWebService();
webService.Timeout = -1;
if (!webService.RemoveSensitiveMail(transactionid, userMail, info.Keywords, info.StartTime, info.EndTime, out resultmessage, out message))
{
info.Status = SensitiveMailStatus.Failed;
provider.UpdateUserSensitiveMailQueue(transactionid, info, resultmessage, out error);
Log4netHelper.Error($"RemoveSensitiveMail ID:{info.ID}, Error:{message}");
bResult = false;
break;
}
//记录执行日志
info.Status = SensitiveMailStatus.Success;
provider.UpdateUserSensitiveMailQueue(transactionid, info, resultmessage, out error);
Log4netHelper.Info($"RemoveSensitiveMail End: {paramstr}");
} while (false);
}
catch (Exception ex)
{
Log4netHelper.Error("RemoveSensitiveMail异常", paramstr, ex.ToString(), transactionid);
bResult = false;
}
return(bResult);
}
public bool DeleteOu(Guid transactionid, AdminInfo admin, OuInfo ou, out ErrorCodeInfo error)
{
bool bResult = true;
error = new ErrorCodeInfo();
string strError = string.Empty;
string paramstr = string.Empty;
paramstr += $"userID:{admin.UserID}";
paramstr += $"||UserAccount:{admin.UserAccount}";
paramstr += $"||Id:{ou.id}";
DirectoryEntry OuEntry = new DirectoryEntry();
try
{
do
{
CommonProvider commonProvider = new CommonProvider();
if (!commonProvider.GetADEntryByGuid(ou.id, out OuEntry, out strError))
{
error.Code = ErrorCode.SearchADDataError;
bResult = false;
break;
}
// OuEntry.Parent.Children.Remove(OuEntry);
OuEntry.DeleteTree();
OuEntry.CommitChanges();
OuEntry.Close();
} while (false);
}
catch (Exception ex)
{
LoggerHelper.Error("OuProvider调用DeleteOU异常", paramstr, ex.ToString(), transactionid);
error.Code = ErrorCode.Exception;
bResult = false;
}
finally
{
if (OuEntry != null)
{
OuEntry.Close();
}
}
return(bResult);
}
public bool ChangeMailDataBase(Guid transactionid, AdminInfo admin, MailDataBaseInfo maildb, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string errormsg = string.Empty;
string paramstr = string.Empty;
paramstr += $"AdminID:{admin.UserID}";
paramstr += $"||AdminAccount:{admin.UserAccount}";
paramstr += $"||OuID:{maildb.OuID}";
paramstr += $"||MailboxDB:{maildb.MailboxDB}";
string funname = "ChangeMailDataBase";
try
{
do
{
DirectoryEntry ouEntry = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
if (!commonProvider.GetADEntryByGuid(maildb.OuID, out ouEntry, out errormsg))
{
error.Code = ErrorCode.SearchADDataError;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("GetADEntryByGuid异常", paramstr, errormsg, transactionid);
result = false;
break;
}
maildb.OUdistinguishedName = ouEntry.Properties["distinguishedName"].Value == null ? string.Empty : Convert.ToString(ouEntry.Properties["distinguishedName"].Value);
maildb.OuName = ouEntry.Properties["name"].Value == null ? string.Empty : Convert.ToString(ouEntry.Properties["name"].Value);
MailDataBaseDBProvider Provider = new MailDataBaseDBProvider();
MailDataBaseInfo oldinfo = new MailDataBaseInfo();
oldinfo.ID = maildb.ID;
if (!Provider.GetMailDataBaseInfo(transactionid, admin, ref oldinfo, out error))
{
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
break;
}
if (!Provider.ChangeMailDataBase(transactionid, admin, maildb, out error))
{
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
break;
}
error.Code = ErrorCode.None;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info);
//添加日志
#region 操作日志
LogInfo operateLog = new LogInfo();
operateLog.AdminID = admin.UserID;
operateLog.AdminAccount = admin.UserAccount;
operateLog.RoleID = admin.RoleID;
operateLog.ClientIP = _clientip;
operateLog.OperateResult = true;
operateLog.OperateType = "修改邮箱数据库对应关系";
operateLog.OperateLog = $"{admin.UserAccount}于{DateTime.Now}修改邮箱数据库对应关系。" +
$"原OU:{oldinfo.OUdistinguishedName},现OU:{maildb.OUdistinguishedName}," +
$"原MailboxDataBase:{oldinfo.MailboxDB},现MailboxDataBase:{maildb.MailboxDB}";
LogManager.AddOperateLog(transactionid, operateLog);
#endregion
result = true;
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("MailDataBaseManager调用ChangeMailDataBase异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
public bool ModifyMailAudit(Guid transactionid, AdminInfo admin, MailAuditInfo mailAuditInfo, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string message = string.Empty;
string paramstr = string.Empty;
paramstr += $"AdminID:{admin.UserID}";
paramstr += $"||AdminAccount:{admin.UserAccount}";
paramstr += $"||GroupID:{mailAuditInfo.Group.GroupID}";
for (int i = 0; i < mailAuditInfo.Audits.Count; i++)
{
paramstr += $"||AuditID:{mailAuditInfo.Audits[i].UserID}";
}
string funname = "ModifyMailAudit";
try
{
do
{
error = mailAuditInfo.ChangeCheckProp();
if (error.Code != ErrorCode.None)
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
MailAuditDBProvider provider = new MailAuditDBProvider();
MailAuditInfo oldMailAuditInfo = new MailAuditInfo();
oldMailAuditInfo.ID = mailAuditInfo.ID;
if (!provider.GetMailAuditInfo(transactionid, admin, ref oldMailAuditInfo, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
//判断审批人有效性
DirectoryEntry entry = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
List <UserInfo> audits = new List <UserInfo>();
List <Guid> users = new List <Guid>();
if (mailAuditInfo.Audits.Count > 0)
{
for (int i = 0; i < mailAuditInfo.Audits.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(mailAuditInfo.Audits[i].UserID, out entry, out message))
{
continue;
}
mailAuditInfo.Audits[i].DisplayName = entry.Properties["cn"].Value == null ? "" : Convert.ToString(entry.Properties["cn"].Value);
mailAuditInfo.Audits[i].UserAccount = entry.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(entry.Properties["userPrincipalName"].Value);
mailAuditInfo.Audits[i].IsCreateMail = entry.Properties["mail"].Value == null ? false : true;
if (!mailAuditInfo.Audits[i].IsCreateMail)
{
error.Code = ErrorCode.UserNotExchange;
error.SetInfo(mailAuditInfo.Audits[i].DisplayName + "(" + mailAuditInfo.Audits[i].UserAccount + ")");
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
mailAuditInfo.AuditUsers += mailAuditInfo.Audits[i].DisplayName + "(" + mailAuditInfo.Audits[i].UserAccount + "),";
users.Add(mailAuditInfo.Audits[i].UserID);
audits.Add(mailAuditInfo.Audits[i]);
}
}
if (result)
{
mailAuditInfo.AuditUsers = string.IsNullOrEmpty(mailAuditInfo.AuditUsers) ? string.Empty : mailAuditInfo.AuditUsers.Remove(mailAuditInfo.AuditUsers.LastIndexOf(','), 1);
DirectoryEntry groupEntry = new DirectoryEntry();
if (!commonProvider.GetADEntryByGuid(mailAuditInfo.Group.GroupID, out groupEntry, out message))
{
error.Code = ErrorCode.SearchADDataError;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("ModifyMailAudit调用GetADEntryByGuid异常", paramstr, message, transactionid);
result = false;
break;
}
mailAuditInfo.Group.Account = groupEntry.Properties["mail"].Value == null ? "" : Convert.ToString(groupEntry.Properties["mail"].Value);
mailAuditInfo.Group.DisplayName = groupEntry.Properties["cn"].Value == null ? "" : Convert.ToString(groupEntry.Properties["cn"].Value);
ADManagerWebService.ManagerWebService webService = new ADManagerWebService.ManagerWebService();
webService.Timeout = -1;
//Set Group Exchange
webService.SetDistributionGroupModeratedBy(transactionid, mailAuditInfo.Group.GroupID.ToString(), false, new List <Guid>().ToArray(), out message);
//Set Group Exchange
if (!webService.SetDistributionGroupModeratedBy(transactionid, mailAuditInfo.Group.GroupID.ToString(), true, users.ToArray(), out message))
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("MailAuditManager调用AddMailAudit异常", paramstr, message, transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
break;
}
if (!provider.ModifyMailAudit(transactionid, admin, mailAuditInfo, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
foreach (UserInfo u in audits)
{
if (!provider.AddMailAuditUsers(transactionid, mailAuditInfo, u, out error))
{
continue;
}
}
error.Code = ErrorCode.None;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info);
#region 操作日志
LogInfo operateLog = new LogInfo();
operateLog.AdminID = admin.UserID;
operateLog.AdminAccount = admin.UserAccount;
operateLog.RoleID = admin.RoleID;
operateLog.ClientIP = _clientip;
operateLog.OperateResult = true;
operateLog.OperateType = "修改邮件审批规则";
operateLog.OperateLog = $"{admin.UserAccount}于{DateTime.Now}修改邮件审批规则。" +
$"原对象:{oldMailAuditInfo.Group.DisplayName},现对象:{mailAuditInfo.Group.DisplayName};" +
$"原审批人:{oldMailAuditInfo.AuditUsers},现审批人:{mailAuditInfo.AuditUsers}";
LogManager.AddOperateLog(transactionid, operateLog);
#endregion
result = true;
}
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("MailAuditManager调用ModifySensitiveMail异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
public bool AddUserSensitiveMailQueue(Guid transactionid, SensitiveMailInfo sensitiveMailInfo, out ErrorCodeInfo error)
{
bool bResult = true;
error = new ErrorCodeInfo();
string message = string.Empty;
try
{
do
{
SensitiveMailDBProvider provider = new SensitiveMailDBProvider();
UserProvider userProvider = new UserProvider();
DirectoryEntry ouEntry = new DirectoryEntry();
DirectoryEntry item = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
for (int j = 0; j < sensitiveMailInfo.Objects.Count; j++)
{
if (sensitiveMailInfo.Objects[j].ObjectType == NodeType.organizationalUnit)
{
if (!commonProvider.GetADEntryByGuid(sensitiveMailInfo.Objects[j].ObjectID, out ouEntry, out message))
{
Log4netHelper.Error($"ID:{sensitiveMailInfo.Objects[j].ObjectID},ObjectName:{sensitiveMailInfo.Objects[j].ObjectName},ObjectType:{sensitiveMailInfo.Objects[j].ObjectType.ToString()},GetADEntryByGuid Error:{message}");
continue;
}
DirectoryEntry de = null;
de = new DirectoryEntry(ouEntry.Path);
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.SearchRoot = de;
string strFilter = commonProvider.GetSearchType(SearchType.MailUser, string.Empty);
deSearch.Filter = strFilter;
deSearch.SearchScope = SearchScope.Subtree;
deSearch.SizeLimit = 20000;
deSearch.ServerTimeLimit = TimeSpan.FromSeconds(600);
deSearch.ClientTimeout = TimeSpan.FromSeconds(600);
SearchResultCollection results = deSearch.FindAll();
if (results != null && results.Count > 0)
{
foreach (SearchResult Result in results)
{
item = Result.GetDirectoryEntry();
UserInfo user = new UserInfo();
user.UserID = item.Guid;
user.UserAccount = item.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(item.Properties["userPrincipalName"].Value);
user.SAMAccountName = item.Properties["sAMAccountName"].Value == null ? "" : Convert.ToString(item.Properties["sAMAccountName"].Value);
provider.AddUserSensitiveMailQueue(transactionid, sensitiveMailInfo, user, out error);
}
}
}
else if (sensitiveMailInfo.Objects[j].ObjectType == NodeType.user)
{
if (!commonProvider.GetADEntryByGuid(sensitiveMailInfo.Objects[j].ObjectID, out item, out message))
{
Log4netHelper.Error($"ID:{sensitiveMailInfo.Objects[j].ObjectID},ObjectName:{sensitiveMailInfo.Objects[j].ObjectName},ObjectType:{sensitiveMailInfo.Objects[j].ObjectType.ToString()},GetADEntryByGuid Error:{message}");
continue;
}
UserInfo user = new UserInfo();
user.UserID = item.Guid;
provider.AddUserSensitiveMailQueue(transactionid, sensitiveMailInfo, user, out error);
}
}
} while (false);
}
catch (Exception ex)
{
Log4netHelper.Error($"RemoveSensitiveMailQueue Exception: {ex.ToString()}");
}
return(bResult);
}
public bool ModifySensitiveMail(Guid transactionid, AdminInfo admin, SensitiveMailInfo sensitiveMailInfo, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string message = string.Empty;
string paramstr = string.Empty;
paramstr += $"AdminID:{admin.UserID}";
paramstr += $"||AdminAccount:{admin.UserAccount}";
paramstr += $"||ID:{sensitiveMailInfo.ID}";
paramstr += $"||Keywords:{sensitiveMailInfo.Keywords}";
paramstr += $"||StartTime:{sensitiveMailInfo.StartTime}";
paramstr += $"||EndTime:{sensitiveMailInfo.EndTime}";
string funname = "ModifySensitiveMail";
try
{
do
{
error = sensitiveMailInfo.ChangeCheckProp();
if (error.Code != ErrorCode.None)
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
SensitiveMailDBProvider provider = new SensitiveMailDBProvider();
SensitiveMailInfo oldSensitiveMailInfo = new SensitiveMailInfo();
oldSensitiveMailInfo.ID = sensitiveMailInfo.ID;
if (!provider.GetSensitiveMailInfo(transactionid, admin, ref oldSensitiveMailInfo, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
if (oldSensitiveMailInfo.Status == SensitiveMailStatus.Executing)
{
error.Code = ErrorCode.SensitiveMailIsExecuting;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
#region
DirectoryEntry entry = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
List <SensitiveMailObject> members = new List <SensitiveMailObject>();
List <string> distinguishedNames = new List <string>();
for (int i = 0; i < sensitiveMailInfo.Objects.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(sensitiveMailInfo.Objects[i].ObjectID, out entry, out message))
{
LoggerHelper.Error("ModifiedSensitiveMail调用GetADEntryByGuid异常", paramstr, message, transactionid);
continue;
}
SensitiveMailObject mailObject = new SensitiveMailObject();
mailObject.ObjectID = sensitiveMailInfo.Objects[i].ObjectID;
mailObject.ObjectType = (NodeType)Enum.Parse(typeof(NodeType), entry.SchemaClassName);
mailObject.ObjectName = Convert.ToString(entry.Properties["name"].Value);
members.Add(mailObject);
distinguishedNames.Add(Convert.ToString(entry.Properties["distinguishedName"].Value));
}
if (!CheckdistinguishedNames(transactionid, distinguishedNames, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("SensitiveMailManager调用ModifiedSensitiveMail异常", paramstr, error.Info, transactionid);
result = false;
break;
}
#endregion
sensitiveMailInfo.Status = SensitiveMailStatus.Enable;
if (!provider.ModifySensitiveMail(transactionid, admin, sensitiveMailInfo, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
for (int i = 0; i < members.Count; i++)
{
members[i].SensitiveMailID = sensitiveMailInfo.ID;
if (!provider.AddSensitiveMailObjects(transactionid, admin, members[i], out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
}
error.Code = ErrorCode.None;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info);
#region 操作日志
LogInfo operateLog = new LogInfo();
operateLog.AdminID = admin.UserID;
operateLog.AdminAccount = admin.UserAccount;
operateLog.RoleID = admin.RoleID;
operateLog.ClientIP = _clientip;
operateLog.OperateResult = true;
operateLog.OperateType = "修改敏感邮件规则";
operateLog.OperateLog = $"{admin.UserAccount}于{DateTime.Now}修改敏感邮件规则。" +
$"原关键字:{oldSensitiveMailInfo.Keywords},现关键字:{sensitiveMailInfo.Keywords};" +
$"原开始时间:{oldSensitiveMailInfo.StartTime},现开始时间:{sensitiveMailInfo.StartTime};" +
$"原结束时间:{oldSensitiveMailInfo.EndTime},现结束时间:{sensitiveMailInfo.EndTime}";
LogManager.AddOperateLog(transactionid, operateLog);
#endregion
result = true;
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("SensitiveMailManager调用ModifySensitiveMail异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
public bool ModifyOu(Guid transactionid, AdminInfo admin, ref OuInfo ou, out ErrorCodeInfo error)
{
bool bResult = true;
error = new ErrorCodeInfo();
string strError = string.Empty;
string paramstr = string.Empty;
paramstr += $"userID:{admin.UserID}";
paramstr += $"||UserAccount:{admin.UserAccount}";
paramstr += $"||Name:{ou.name}";
paramstr += $"||Description:{ou.description}";
paramstr += $"||Id:{ou.id}";
DirectoryEntry OuEntry = new DirectoryEntry();
try
{
do
{
CommonProvider commonProvider = new CommonProvider();
if (!commonProvider.GetADEntryByGuid(ou.id, out OuEntry, out strError))
{
error.Code = ErrorCode.SearchADDataError;
bResult = false;
break;
}
OuEntry.Rename(string.Format("OU = {0}", ou.name));
if (string.IsNullOrEmpty(ou.description.Trim()))
{
OuEntry.Properties["description"].Clear();
}
else
{
OuEntry.Properties["description"].Value = ou.description.Trim();
}
OuEntry.Properties["st"].Value = ou.IsProfessionalGroups.ToString();
OuEntry.CommitChanges();
ou.distinguishedName = Convert.ToString(OuEntry.Properties["distinguishedName"].Value);
OuEntry.Close();
} while (false);
}
catch (Exception ex)
{
LoggerHelper.Error("OuProvider调用ModifyOu异常", paramstr, ex.ToString(), transactionid);
error.Code = ErrorCode.Exception;
bResult = false;
}
finally
{
if (OuEntry != null)
{
OuEntry.Close();
}
}
return(bResult);
}
public bool AddRecycleOu(Guid transactionid, AdminInfo admin, OuInfo ou, out ErrorCodeInfo error)
{
bool result = false;
error = new ErrorCodeInfo();
string message = string.Empty;
string paramstr = string.Empty;
paramstr += $"userID:{admin.UserID}";
paramstr += $"||UserAccount:{admin.UserAccount}";
paramstr += $"||Id:{ou.id}";
paramstr += $"||distinguishedName:{ou.distinguishedName}";
DirectoryEntry ouParentEntry = new DirectoryEntry();
DirectoryEntry ouRecycleEntry = new DirectoryEntry();
DirectoryEntry OuEntry = new DirectoryEntry();
try
{
do
{
CommonProvider commonProvider = new CommonProvider();
if (!commonProvider.GetADEntryByGuid(ou.parentid, out ouParentEntry, out message))
{
error.Code = ErrorCode.SearchADDataError;
LoggerHelper.Error("OuManager调用AddRecycleOu异常", paramstr, message, transactionid);
result = false;
break;
}
string recycleoupath = ConfigADProvider.GetADRecycleOuLdapByLdap(Convert.ToString(ouParentEntry.Properties["distinguishedName"].Value));
if (!commonProvider.GetADEntryByPath(recycleoupath, out ouRecycleEntry, out message))
{
result = true;
break;
}
DirectoryEntry newOuEntry = new DirectoryEntry();
if (commonProvider.GetOneLevelSigleOuEntry(ouRecycleEntry.Path, ou.name, out newOuEntry, out message))
{
result = true;
break;
}
OuEntry = ouRecycleEntry.Children.Add(string.Format("OU = {0}", ou.name), "organizationalUnit");
OuEntry.Properties["name"].Value = ou.name;
ouRecycleEntry.CommitChanges();
ouRecycleEntry.Close();
OuEntry.CommitChanges();
OuEntry.Close();
result = true;
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Error("OuManager调用AddRecycleOu异常", paramstr, ex.ToString(), transactionid);
result = false;
}
finally
{
if (ouParentEntry != null)
{
ouParentEntry.Close();
}
if (ouRecycleEntry != null)
{
ouRecycleEntry.Close();
}
if (OuEntry != null)
{
OuEntry.Close();
}
}
return(result);
}
public bool ChangeStaticGroupInfo(Guid transactionid, AdminInfo admin, GroupInfo group, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string message = string.Empty;
string paramstr = string.Empty;
paramstr += $"AdminID:{admin.UserID}";
paramstr += $"||AdminAccount:{admin.UserAccount}";
paramstr += $"||GroupID:{group.GroupID}";
for (int i = 0; i < group.Admins.Count; i++)
{
paramstr += $"||UserID:{group.Admins[i].UserID}";
}
string funname = "ChangeStaticGroupInfo";
try
{
do
{
GroupInfo oldgroup = new GroupInfo();
oldgroup.GroupID = group.GroupID;
if (!GetStaticGroupInfo(transactionid, admin, ref oldgroup, out error))
{
LoggerHelper.Error("StaticGroupManager调用GetStaticGroupInfo异常", paramstr, error.Info, transactionid);
result = false;
break;
}
group.DisplayName = oldgroup.DisplayName;
group.Account = oldgroup.Account;
group.Description = oldgroup.Description;
GroupProvider groupProvider = new GroupProvider();
groupProvider.ClearGroupManagedBy(transactionid, group, out error);
//判断管理员有效性
DirectoryEntry entry = new DirectoryEntry();
List <Guid> newgroupuserids = new List <Guid>();
CommonProvider commonProvider = new CommonProvider();
if (group.Admins.Count > 0)
{
for (int i = 0; i < group.Admins.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(group.Admins[i].UserID, out entry, out message))
{
continue;
}
group.Admins[i].DisplayName = entry.Properties["cn"].Value == null ? "" : Convert.ToString(entry.Properties["cn"].Value);
group.Admins[i].UserAccount = entry.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(entry.Properties["userPrincipalName"].Value);
group.AdminsName += group.Admins[i].DisplayName + "(" + group.Admins[i].UserAccount + "),";
newgroupuserids.Add(group.Admins[i].UserID);
if (!groupProvider.AddGroupManagedBy(transactionid, group.GroupID, group.Admins[i].UserID, out error))
{
continue;
}
}
}
group.AdminsName = string.IsNullOrEmpty(group.AdminsName) ? string.Empty : group.AdminsName.Remove(group.AdminsName.LastIndexOf(','), 1);
//Set Group Exchange
//if (!ExchangeProvider.SetDistributionGroupManagedBy(group.GroupID.ToString(), new List<Guid>(), newgroupuserids, ref message))
//{
// error.Code = ErrorCode.Exception;
// LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
// LoggerHelper.Error("StaticGroupManager调用ChangeStaticGroupInfo异常", paramstr, message, transactionid);
// strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
// result = false;
//}
error.Code = ErrorCode.None;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info);
#region 操作日志
LogInfo operateLog = new LogInfo();
operateLog.AdminID = admin.UserID;
operateLog.AdminAccount = admin.UserAccount;
operateLog.RoleID = admin.RoleID;
operateLog.ClientIP = _clientip;
operateLog.OperateResult = true;
operateLog.OperateType = "修改静态通讯组成员管理员";
operateLog.OperateLog = $"{admin.UserAccount}于{DateTime.Now}修改静态通讯组成员管理员。" +
$"组名称:{group.DisplayName};" +
$"现成员管理员:{group.AdminsName}";
LogManager.AddOperateLog(transactionid, operateLog);
#endregion
result = true;
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("MailAuditManager调用ModifySensitiveMail异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
public bool ChangeRole(Guid transactionid, AdminInfo admin, RoleInfo role, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string message = string.Empty;
string paramstr = string.Empty;
paramstr += $"AdminID:{admin.UserID}";
paramstr += $"||AdminAccount:{admin.UserAccount}";
paramstr += $"||RoleID:{role.RoleID}";
paramstr += $"||RoleName:{role.RoleName}";
paramstr += $"||ControlLimit:{role.ControlLimit.ToString()}";
paramstr += $"||ControlLimitID:{role.ControlLimitID}";
paramstr += $"||Members:";
for (int i = 0; i < role.UserList.Count; i++)
{
paramstr += role.UserList[i].UserID + ",";
}
string funname = "ChangeRole";
try
{
do
{
error = role.ChangeCheckProp();
if (error.Code != ErrorCode.None)
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
RoleInfo oldrole = new RoleInfo();
RoleDBProvider provider = new RoleDBProvider();
if (!provider.GetRoleInfo(transactionid, admin, role.RoleID, out oldrole, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
if (oldrole.IsDefault == 1 && role.UserList.Count == 0)
{
error.Code = ErrorCode.MustHaveMember;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
DirectoryEntry entry = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
List <ControlLimitOuInfo> controlLimitOus = new List <ControlLimitOuInfo>();
List <string> controlOUdistinguishedNames = new List <string>();
for (int i = 0; i < role.ControlLimitOuList.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(role.ControlLimitOuList[i].OuID, out entry, out message))
{
error.Code = ErrorCode.SearchADDataError;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("AddRole调用GetADEntryByGuid异常", paramstr, message, transactionid);
result = false;
break;
}
string OUdistinguishedName = Convert.ToString(entry.Properties["distinguishedName"].Value);
if (!controlOUdistinguishedNames.Contains(OUdistinguishedName))
{
controlOUdistinguishedNames.Add(OUdistinguishedName);
ControlLimitOuInfo controlLimitOu = new ControlLimitOuInfo();
controlLimitOu.OuID = role.ControlLimitOuList[i].OuID;
controlLimitOu.OUdistinguishedName = OUdistinguishedName;
controlLimitOus.Add(controlLimitOu);
}
}
if (result)
{
if (controlOUdistinguishedNames.Count == 0)
{
error.Code = ErrorCode.ControlOUPathNotEmpty;
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("ChangeRole异常", paramstr, error.Info, transactionid);
result = false;
break;
}
if (!CheckControlOUdistinguishedNames(transactionid, controlOUdistinguishedNames, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("ChangeRole异常", paramstr, error.Info, transactionid);
result = false;
break;
}
string members = string.Empty;
for (int i = 0; i < role.UserList.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(role.UserList[i].UserID, out entry, out message))
{
LoggerHelper.Error("ChangeRole调用GetADEntryByGuid异常", paramstr, message, transactionid);
continue;
}
string DisplayName = entry.Properties["cn"].Value == null ? "" : Convert.ToString(entry.Properties["cn"].Value);
string UserAccount = entry.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(entry.Properties["userPrincipalName"].Value);
AdminInfo userRole = new AdminInfo();
if (provider.GetUserRole(transactionid, role.UserList[i].UserID, ref userRole, out error))
{
if (userRole.RoleID != role.RoleID)
{
error.Code = ErrorCode.UserHaveRole;
string errormessage = DisplayName + "(" + UserAccount + ") 已存在角色";
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), errormessage);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("ChangeRole调用GetADEntryByGuid异常", paramstr, message, transactionid);
result = false;
break;
}
}
members += DisplayName + "(" + UserAccount + "),";
}
members = string.IsNullOrEmpty(members) ? string.Empty : members.Remove(members.LastIndexOf(','), 1);
if (result)
{
//检查权限
List <RoleParam> roleParams = new List <RoleParam>();
for (int i = 0; i < role.RoleList.Count; i++)
{
foreach (RoleParam param in role.RoleList[i].RoleParamList)
{
RoleParam roleParam = new RoleParam();
if (provider.GetRoleParam(transactionid, param.ParamID, out roleParam, out error))
{
roleParams.Add(roleParam);
}
}
}
var query = from r in roleParams where r.ParamCode.Equals("SameLevelOu") select r;
if (query.Any())
{
if (role.SameLevelOuList.Count == 0)
{
error.Code = ErrorCode.MustHaveSameLevelOuPath;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
break;
}
}
if (!provider.ChangeRole(transactionid, admin, role, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
for (int i = 0; i < role.RoleList.Count; i++)
{
foreach (RoleParam param in role.RoleList[i].RoleParamList)
{
if (!provider.AddRoleModuleParam(transactionid, role.RoleID, param, out error))
{
continue;
}
}
}
for (int i = 0; i < role.UserList.Count; i++)
{
if (!provider.AddRoleMembers(transactionid, role.RoleID, role.UserList[i], out error))
{
continue;
}
}
for (int i = 0; i < role.SameLevelOuList.Count; i++)
{
if (!provider.AddSameLevelOu(transactionid, role.RoleID, role.SameLevelOuList[i], out error))
{
continue;
}
}
for (int i = 0; i < controlLimitOus.Count; i++)
{
if (!provider.AddControlLimitOu(transactionid, role.RoleID, controlLimitOus[i], out error))
{
continue;
}
}
error.Code = ErrorCode.None;
string json = JsonConvert.SerializeObject(role);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info, json);
#region 操作日志
LogInfo operateLog = new LogInfo();
operateLog.AdminID = admin.UserID;
operateLog.AdminAccount = admin.UserAccount;
operateLog.RoleID = admin.RoleID;
operateLog.ClientIP = _clientip;
operateLog.OperateResult = true;
operateLog.OperateType = "修改角色";
operateLog.OperateLog = $"{admin.UserAccount}于{DateTime.Now}修改角色。" +
$"原角色名称:{oldrole.RoleName},现角色名称{role.RoleName};" +
$"原管理范围:{oldrole.ControlLimitPath},现管理范围:{role.ControlLimitPath};" +
$"现成员:{members}";
LogManager.AddOperateLog(transactionid, operateLog);
#endregion
result = true;
}
}
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("RoleManager调用ChangeRole异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
public bool GetRoleInfo(Guid transactionid, AdminInfo admin, Guid roleID, out string strJsonResult)
{
bool result = true;
strJsonResult = string.Empty;
string message = string.Empty;
ErrorCodeInfo error = new ErrorCodeInfo();
string paramstr = string.Empty;
paramstr += "useraccount:" + admin.UserAccount;
paramstr += "||UserID:" + admin.UserID;
paramstr += "||RoleID:" + roleID;
string funname = "GetRoleInfo";
try
{
do
{
RoleInfo info = new RoleInfo();
RoleDBProvider Provider = new RoleDBProvider();
if (!Provider.GetRoleInfo(transactionid, admin, roleID, out info, out error))
{
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
result = false;
break;
}
if (info.UserList.Count > 0)
{
DirectoryEntry entry = new DirectoryEntry();
CommonProvider commonProvider = new CommonProvider();
for (int i = 0; i < info.UserList.Count; i++)
{
if (!commonProvider.GetADEntryByGuid(info.UserList[i].UserID, out entry, out message))
{
LoggerHelper.Error("GetRoleInfo调用GetADEntryByGuid异常", paramstr, message, transactionid);
continue;
}
info.UserList[i].DisplayName = entry.Properties["displayname"].Value == null ? "" : Convert.ToString(entry.Properties["displayname"].Value);
info.UserList[i].UserAccount = entry.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(entry.Properties["userPrincipalName"].Value);
}
}
error.Code = ErrorCode.None;
string json = JsonConvert.SerializeObject(info);
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), true, transactionid);
strJsonResult = JsonHelper.ReturnJson(true, Convert.ToInt32(error.Code), error.Info, json);
result = true;
} while (false);
}
catch (Exception ex)
{
error.Code = ErrorCode.Exception;
LoggerHelper.Info(admin.UserAccount, funname, paramstr, Convert.ToString(error.Code), false, transactionid);
LoggerHelper.Error("RoleManager调用GetRoleInfo异常", paramstr, ex.ToString(), transactionid);
strJsonResult = JsonHelper.ReturnJson(false, Convert.ToInt32(error.Code), error.Info);
result = false;
}
return(result);
}
