protected override void ValidateRead(List <ValidationError> errors)
{
base.ValidateRead(errors);
ADObjectId adobjectId = (null != base.OrganizationId) ? base.OrganizationId.ConfigurationUnit : null;
if (this.User == null)
{
errors.Add(new PropertyValidationError(DirectoryStrings.UserIsMandatoryInRoleAssignment(this.Identity.ToString()), ExchangeRoleAssignmentSchema.User, null));
}
else if (adobjectId != null && this.User.IsDescendantOf(adobjectId) && this.RoleAssigneeType != RoleAssigneeType.RoleAssignmentPolicy)
{
errors.Add(new PropertyValidationError(DirectoryStrings.WrongAssigneeTypeForPolicyOrPartnerApplication(this.Identity.ToString()), ExchangeRoleAssignmentSchema.User, null));
}
if (this.RoleAssigneeType == RoleAssigneeType.RoleAssignmentPolicy && this.RoleAssignmentDelegationType != RoleAssignmentDelegationType.Regular)
{
errors.Add(new PropertyValidationError(DirectoryStrings.WrongDelegationTypeForPolicy(this.Identity.ToString()), ExchangeRoleAssignmentSchema.User, null));
}
if (this.Role == null)
{
errors.Add(new PropertyValidationError(DirectoryStrings.RoleIsMandatoryInRoleAssignment(this.Identity.ToString()), ExchangeRoleAssignmentSchema.Role, null));
}
ScopeType recipientWriteScope = (ScopeType)this.RecipientWriteScope;
if (this.RecipientReadScope != recipientWriteScope && !RbacScope.IsScopeTypeSmaller(recipientWriteScope, this.RecipientReadScope))
{
errors.Add(new ObjectValidationError(DirectoryStrings.RecipientWriteScopeNotLessThan(recipientWriteScope.ToString(), this.RecipientReadScope.ToString()), this.Identity, base.OriginatingServer));
}
ScopeType configWriteScope = (ScopeType)this.ConfigWriteScope;
if (this.ConfigReadScope != configWriteScope && !RbacScope.IsScopeTypeSmaller(configWriteScope, this.ConfigReadScope))
{
errors.Add(new ObjectValidationError(DirectoryStrings.ConfigScopeNotLessThan(configWriteScope.ToString(), this.ConfigReadScope.ToString()), this.Identity, base.OriginatingServer));
}
bool flag = this.CustomRecipientWriteScope == null || (string.IsNullOrEmpty(this.CustomRecipientWriteScope.DistinguishedName) && this.CustomRecipientWriteScope.ObjectGuid == Guid.Empty);
RecipientWriteScopeType recipientWriteScope2 = this.RecipientWriteScope;
switch (recipientWriteScope2)
{
case RecipientWriteScopeType.OU:
case RecipientWriteScopeType.CustomRecipientScope:
break;
default:
if (recipientWriteScope2 != RecipientWriteScopeType.ExclusiveRecipientScope)
{
if (!flag)
{
errors.Add(new ObjectValidationError(DirectoryStrings.CustomRecipientWriteScopeMustBeEmpty(this.RecipientWriteScope), this.Identity, base.OriginatingServer));
goto IL_25C;
}
goto IL_25C;
}
break;
}
if (flag)
{
errors.Add(new ObjectValidationError(DirectoryStrings.CustomRecipientWriteScopeCannotBeEmpty(this.RecipientWriteScope), this.Identity, base.OriginatingServer));
}
if (this.RoleAssignmentDelegationType == RoleAssignmentDelegationType.DelegatingOrgWide)
{
errors.Add(new ObjectValidationError(DirectoryStrings.OrgWideDelegatingWriteScopeMustBeTheSameAsRoleImplicitWriteScope(this.RecipientWriteScope), this.Identity, base.OriginatingServer));
}
IL_25C:
bool flag2 = this.CustomConfigWriteScope == null || (string.IsNullOrEmpty(this.CustomConfigWriteScope.DistinguishedName) && this.CustomConfigWriteScope.ObjectGuid == Guid.Empty);
switch (this.ConfigWriteScope)
{
case ConfigWriteScopeType.CustomConfigScope:
case ConfigWriteScopeType.PartnerDelegatedTenantScope:
case ConfigWriteScopeType.ExclusiveConfigScope:
if (flag2)
{
errors.Add(new ObjectValidationError(DirectoryStrings.ConfigScopeCannotBeEmpty(this.ConfigWriteScope), this.Identity, base.OriginatingServer));
}
if (this.RoleAssignmentDelegationType == RoleAssignmentDelegationType.DelegatingOrgWide)
{
errors.Add(new ObjectValidationError(DirectoryStrings.OrgWideDelegatingConfigScopeMustBeTheSameAsRoleImplicitWriteScope(this.ConfigWriteScope), this.Identity, base.OriginatingServer));
return;
}
return;
}
if (!flag2)
{
errors.Add(new ObjectValidationError(DirectoryStrings.ConfigScopeMustBeEmpty(this.ConfigWriteScope), this.Identity, base.OriginatingServer));
}
}
protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
if (!this.Force && SharedConfiguration.IsSharedConfiguration(this.DataObject.OrganizationId) && !base.ShouldContinue(Strings.ConfirmSharedConfiguration(this.DataObject.OrganizationId.OrganizationalUnit.Name)))
{
TaskLogger.LogExit();
return;
}
if (base.Fields.IsModified(RbacCommonParameters.ParameterEnabled))
{
this.DataObject.Enabled = this.Enabled;
}
ExchangeRole exchangeRole = (ExchangeRole)base.GetDataObject <ExchangeRole>(new RoleIdParameter(this.DataObject.Role), this.ConfigurationSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(this.DataObject.Role.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(this.DataObject.Role.ToString())));
if (base.Fields.IsModified(RbacCommonParameters.ParameterRecipientRelativeWriteScope))
{
this.DataObject.RecipientWriteScope = this.RecipientRelativeWriteScope;
this.DataObject.CustomRecipientWriteScope = null;
}
else
{
if (base.Fields.IsModified(RbacCommonParameters.ParameterRecipientOrganizationalUnitScope))
{
this.DataObject.RecipientWriteScope = RecipientWriteScopeType.OU;
bool useConfigNC = this.ConfigurationSession.UseConfigNC;
bool useGlobalCatalog = this.ConfigurationSession.UseGlobalCatalog;
try
{
this.ConfigurationSession.UseConfigNC = false;
this.ConfigurationSession.UseGlobalCatalog = true;
ExchangeOrganizationalUnit exchangeOrganizationalUnit = (ExchangeOrganizationalUnit)base.GetDataObject <ExchangeOrganizationalUnit>(this.RecipientOrganizationalUnitScope, this.ConfigurationSession, this.DataObject.OrganizationalUnitRoot, new LocalizedString?(Strings.ErrorOrganizationalUnitNotFound(this.RecipientOrganizationalUnitScope.ToString())), new LocalizedString?(Strings.ErrorOrganizationalUnitNotUnique(this.RecipientOrganizationalUnitScope.ToString())));
this.DataObject.CustomRecipientWriteScope = exchangeOrganizationalUnit.Id;
goto IL_321;
}
finally
{
this.ConfigurationSession.UseConfigNC = useConfigNC;
this.ConfigurationSession.UseGlobalCatalog = useGlobalCatalog;
}
}
if (base.Fields.IsModified(RbacCommonParameters.ParameterCustomRecipientWriteScope))
{
if (this.CustomRecipientWriteScope == null)
{
this.DataObject.CustomRecipientWriteScope = null;
this.DataObject.RecipientWriteScope = (RecipientWriteScopeType)exchangeRole.ImplicitRecipientWriteScope;
}
else
{
ManagementScope andValidateDomainScope = RoleHelper.GetAndValidateDomainScope(this.CustomRecipientWriteScope, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), this.DataObject, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (andValidateDomainScope.Exclusive)
{
base.WriteError(new ArgumentException(Strings.ErrorScopeExclusive(andValidateDomainScope.Id.ToString(), RbacCommonParameters.ParameterCustomRecipientWriteScope)), ErrorCategory.InvalidArgument, null);
}
this.DataObject.CustomRecipientWriteScope = andValidateDomainScope.Id;
this.DataObject.RecipientWriteScope = RecipientWriteScopeType.CustomRecipientScope;
}
}
else if (base.Fields.IsModified("ExclusiveRecipientWriteScope"))
{
ManagementScope andValidateDomainScope2 = RoleHelper.GetAndValidateDomainScope(this.ExclusiveRecipientWriteScope, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), this.DataObject, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (!andValidateDomainScope2.Exclusive)
{
base.WriteError(new ArgumentException(Strings.ErrorScopeNotExclusive(andValidateDomainScope2.Id.ToString(), "ExclusiveRecipientWriteScope")), ErrorCategory.InvalidArgument, null);
}
this.DataObject.CustomRecipientWriteScope = andValidateDomainScope2.Id;
this.DataObject.RecipientWriteScope = RecipientWriteScopeType.ExclusiveRecipientScope;
}
}
IL_321:
RoleHelper.VerifyNoScopeForUnScopedRole(base.Fields, exchangeRole, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (exchangeRole.ImplicitRecipientWriteScope != (ScopeType)this.DataObject.RecipientWriteScope && !RbacScope.IsScopeTypeSmaller((ScopeType)this.DataObject.RecipientWriteScope, exchangeRole.ImplicitRecipientWriteScope))
{
this.WriteWarning(Strings.WriteScopeGreaterThanRoleScope(this.DataObject.RecipientWriteScope.ToString(), exchangeRole.Name, exchangeRole.ImplicitRecipientWriteScope.ToString()));
this.DataObject.CustomRecipientWriteScope = null;
this.DataObject.RecipientWriteScope = (RecipientWriteScopeType)exchangeRole.ImplicitRecipientWriteScope;
}
if (base.Fields.IsModified(RbacCommonParameters.ParameterCustomConfigWriteScope))
{
if (this.CustomConfigWriteScope == null)
{
this.DataObject.ConfigWriteScope = (ConfigWriteScopeType)exchangeRole.ImplicitConfigWriteScope;
this.DataObject.CustomConfigWriteScope = null;
}
else
{
this.DataObject.ConfigWriteScope = ConfigWriteScopeType.CustomConfigScope;
ManagementScope andValidateConfigScope = RoleHelper.GetAndValidateConfigScope(this.CustomConfigWriteScope, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), this.DataObject, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (andValidateConfigScope.Exclusive)
{
base.WriteError(new ArgumentException(Strings.ErrorScopeExclusive(andValidateConfigScope.Id.ToString(), RbacCommonParameters.ParameterCustomConfigWriteScope)), ErrorCategory.InvalidArgument, null);
}
this.DataObject.CustomConfigWriteScope = andValidateConfigScope.Id;
this.DataObject.ConfigWriteScope = ((andValidateConfigScope.ScopeRestrictionType == ScopeRestrictionType.PartnerDelegatedTenantScope) ? ConfigWriteScopeType.PartnerDelegatedTenantScope : ConfigWriteScopeType.CustomConfigScope);
}
}
else if (base.Fields.IsModified("ExclusiveConfigWriteScope"))
{
ManagementScope andValidateConfigScope2 = RoleHelper.GetAndValidateConfigScope(this.ExclusiveConfigWriteScope, this.ConfigurationSession, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ManagementScope>), this.DataObject, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (!andValidateConfigScope2.Exclusive)
{
base.WriteError(new ArgumentException(Strings.ErrorScopeNotExclusive(andValidateConfigScope2.Id.ToString(), "ExclusiveConfigWriteScope")), ErrorCategory.InvalidArgument, null);
}
this.DataObject.CustomConfigWriteScope = andValidateConfigScope2.Id;
this.DataObject.ConfigWriteScope = ConfigWriteScopeType.ExclusiveConfigScope;
}
if (exchangeRole.ImplicitConfigWriteScope != (ScopeType)this.DataObject.ConfigWriteScope && !RbacScope.IsScopeTypeSmaller((ScopeType)this.DataObject.ConfigWriteScope, exchangeRole.ImplicitConfigWriteScope))
{
this.WriteWarning(Strings.WriteScopeGreaterThanRoleScope(this.DataObject.CustomConfigWriteScope.ToString(), exchangeRole.Name, exchangeRole.ImplicitConfigWriteScope.ToString()));
this.DataObject.CustomConfigWriteScope = null;
this.DataObject.ConfigWriteScope = (ConfigWriteScopeType)exchangeRole.ImplicitConfigWriteScope;
}
RoleHelper.HierarchyRoleAssignmentChecking(this.DataObject, base.ExchangeRunspaceConfig, this.ConfigurationSession, base.ExecutingUserOrganizationId, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError), new Task.TaskWarningLoggingDelegate(this.WriteWarning), !this.Enabled);
base.InternalProcessRecord();
TaskLogger.LogExit();
}