internal void VerifyIsWithinScopes(IDirectorySession session, ADObject adObject, bool isModification, DataAccessTask <TDataObject> .ADObjectOutOfScopeString adObjectOutOfScopeString)
{
ADScopeException ex;
if (!session.TryVerifyIsWithinScopes(adObject, isModification, out ex))
{
base.WriteError(new InvalidOperationException(adObjectOutOfScopeString(adObject.Identity.ToString(), (ex == null) ? string.Empty : ex.Message), ex), ErrorCategory.InvalidOperation, adObject.Identity);
}
}
internal static void VerifyIsInConfigScopes(ADObject adObject, ADSessionSettings sessionSettings, Task.TaskErrorLoggingDelegate writeErrorDelegate)
{
IDirectorySession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, sessionSettings, 312, "VerifyIsInConfigScopes", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\Elc\\ELCTaskHelper.cs");
ADScopeException ex;
if (!tenantOrTopologyConfigurationSession.TryVerifyIsWithinScopes(adObject, false, out ex))
{
writeErrorDelegate(new TaskException(Strings.ErrorCannotChangeObjectOutOfWriteScope(adObject.Identity.ToString(), (ex == null) ? string.Empty : ex.Message), ex), ErrorCategory.PermissionDenied, null);
}
}
internal static ADObjectId GetExecutingUserAndCheckGroupOwnership(Task task, IDirectorySession dataSession, IRecipientSession gcSession, ADGroup group, bool bypassSecurityGroupManagerCheck)
{
ADScopeException ex2 = null;
ADObjectId adobjectId = null;
bool flag = task.TryGetExecutingUserId(out adobjectId);
LocalizedException ex = null;
ExchangeErrorCategory errCategory = ExchangeErrorCategory.Client;
object targetObj = null;
bool flag2 = false;
if (flag && adobjectId != null && !dataSession.TryVerifyIsWithinScopes(group, true, out ex2))
{
task.WriteVerbose(Strings.VerboseDGOwnershipDeepSearch(adobjectId.ToString(), group.Identity.ToString()));
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, delegate(LocalizedException exception, ExchangeErrorCategory category, object target)
{
ex = exception;
errCategory = category;
targetObj = target;
}, true, gcSession);
flag2 = true;
group.IsExecutingUserGroupOwner = (ex == null);
}
if (RecipientType.MailUniversalSecurityGroup == group.RecipientType && !bypassSecurityGroupManagerCheck)
{
if (!flag)
{
task.WriteError(new RecipientTaskException(Strings.ErrorExecutingUserOutOfTargetOrg(task.MyInvocation.MyCommand.Name)), ExchangeErrorCategory.Client, group.Identity.ToString());
}
if (!flag2)
{
task.WriteVerbose(Strings.VerboseDGOwnershipDeepSearch(adobjectId.ToString(), group.Identity.ToString()));
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, new Task.ErrorLoggerDelegate(task.WriteError), true, gcSession);
group.IsExecutingUserGroupOwner = true;
}
else if (ex != null)
{
task.WriteError(ex, errCategory, targetObj);
}
}
group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner);
return(adobjectId);
}
