internal static void CopyEnabledMailboxPlanRoleAssignmentFeatures(ServicePlan deltaServicePlan, ServicePlan toServicePlan) { for (int i = 0; i < deltaServicePlan.MailboxPlans.Count; i++) { ServicePlan.MailboxPlan mailboxPlan = deltaServicePlan.MailboxPlans[i]; foreach (object obj in ((IEnumerable)mailboxPlan.Schema)) { FeatureDefinition featureDefinition = (FeatureDefinition)obj; if (featureDefinition.Categories.Contains(FeatureCategory.MailboxPlanRoleAssignment) && (bool)toServicePlan.GetMailboxPlanByName(mailboxPlan.Name)[featureDefinition]) { mailboxPlan[featureDefinition] = true; } } } }
private void ValidateMailboxPlansCapabilities(ServicePlan.MailboxPlan oldMbxPlan, ServicePlan.MailboxPlan newMailboxPlan) { if (oldMbxPlan == null) { throw new ArgumentNullException("oldMbxPlan"); } if (oldMbxPlan == null) { throw new ArgumentNullException("oldMbxPlan"); } if (oldMbxPlan.SkuCapability != Capability.None && newMailboxPlan.SkuCapability == Capability.None) { base.WriteError(new InvalidOperationException(Strings.ErrorInvalidMailboxPlanTransition(oldMbxPlan.Name, oldMbxPlan.SkuCapability.ToString(), newMailboxPlan.Name, newMailboxPlan.SkuCapability.ToString())), ErrorCategory.InvalidOperation, null); } }
private void InstallCustomRoles(List <RoleDefinition> customRoles) { if (!this.IsBuildApplicableForCustomRoles()) { return; } foreach (RoleDefinition customRoleDefinition in customRoles) { if (base.ServicePlanSettings != null) { if (customRoleDefinition.IsEndUserRole && !base.ServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled) { this.InstallCustomRole(customRoleDefinition, base.ServicePlanSettings.GetAggregatedMailboxPlanPermissions(), null, null); } else { if (customRoleDefinition.IsEndUserRole) { using (List <ServicePlan.MailboxPlan> .Enumerator enumerator2 = base.ServicePlanSettings.MailboxPlans.GetEnumerator()) { while (enumerator2.MoveNext()) { ServicePlan.MailboxPlan mailboxPlan = enumerator2.Current; string suffix = "_" + mailboxPlan.Name; this.InstallCustomRole(customRoleDefinition, mailboxPlan.GetEnabledPermissionFeatures(), suffix, mailboxPlan.MailboxPlanIndex); } continue; } } this.InstallCustomRole(customRoleDefinition, base.ServicePlanSettings.Organization.GetEnabledPermissionFeatures(), null, null); } } else { this.InstallCustomRole(customRoleDefinition, null, null, null); } } }
protected override void InternalProcessRecord() { this.configurationSession.SessionSettings.IsSharedConfigChecked = true; base.InternalProcessRecord(); List <string> enabledFeatures = (base.ServicePlanSettings == null) ? null : base.ServicePlanSettings.GetAggregatedMailboxPlanRoleAssignmentFeatures(); List <string> enabledFeatures2 = (this.PreviousServicePlanSettings == null) ? null : this.PreviousServicePlanSettings.GetAggregatedMailboxPlanRoleAssignmentFeatures(); RbacContainer rbacContainer = this.configurationSession.GetRbacContainer(); ExchangeBuild currentRBACConfigVersion = base.GetCurrentRBACConfigVersion(rbacContainer); List <RoleToRAPAssignmentDefinition> list = new List <RoleToRAPAssignmentDefinition>(); foreach (RoleToRAPAssignmentDefinition roleToRAPAssignmentDefinition in this.GetRoleAssignmentDefinitions().Assignments) { if (roleToRAPAssignmentDefinition.SatisfyCondition(enabledFeatures)) { switch (base.InvocationMode) { case InvocationMode.Install: list.Add(roleToRAPAssignmentDefinition); break; case InvocationMode.BuildToBuildUpgrade: if (roleToRAPAssignmentDefinition.IntroducedInBuild > currentRBACConfigVersion) { list.Add(roleToRAPAssignmentDefinition); } break; case InvocationMode.ServicePlanUpdate: if (!roleToRAPAssignmentDefinition.SatisfyCondition(enabledFeatures2) || roleToRAPAssignmentDefinition.IntroducedInBuild > currentRBACConfigVersion) { list.Add(roleToRAPAssignmentDefinition); } break; } } } List <ExchangeRole> list2 = new List <ExchangeRole>(); List <ExchangeRole> list3 = new List <ExchangeRole>(); List <ExchangeRole> list4 = new List <ExchangeRole>(); foreach (ExchangeRole exchangeRole in this.configurationSession.FindPaged <ExchangeRole>(this.rolesContainerId, QueryScope.OneLevel, new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleSchema.IsEndUserRole, true), null, 0)) { if (exchangeRole.IsEndUserRole) { if (this.IsRoleInFilteredList(exchangeRole, list)) { if (this.IsAutoGroupRelatedRole(exchangeRole)) { list3.Add(exchangeRole); } else { list2.Add(exchangeRole); } } if (this.IsAutoGroupRelatedRole(exchangeRole)) { list4.Add(exchangeRole); } } } if (this.Organization == null) { using (IEnumerator <RoleAssignmentPolicy> enumerator2 = this.FindAllRoleAssignmentPolicies().GetEnumerator()) { while (enumerator2.MoveNext()) { RoleAssignmentPolicy policy = enumerator2.Current; this.CreateRAPRoleAssignments(policy, list2); } goto IL_455; } } if (!base.ServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled) { foreach (RoleAssignmentPolicy policy2 in this.FindAllRoleAssignmentPolicies()) { this.CreateRAPRoleAssignments(policy2, list2); } RoleAssignmentPolicy policy3 = this.FindDefaultRoleAssignmentPolicy(); bool currentPlanAutoGroupEnabled = false; base.ServicePlanSettings.MailboxPlans.ForEach(delegate(ServicePlan.MailboxPlan x) { currentPlanAutoGroupEnabled |= x.AutoGroupPermissions; }); bool previousPlanAutoGroupEnabled = false; bool flag = false; bool flag2 = false; if (this.PreviousServicePlanSettings != null) { this.PreviousServicePlanSettings.MailboxPlans.ForEach(delegate(ServicePlan.MailboxPlan x) { previousPlanAutoGroupEnabled |= x.AutoGroupPermissions; }); if (previousPlanAutoGroupEnabled && !this.PreviousServicePlanSettings.Organization.ShareableConfigurationEnabled) { flag = true; } else { flag2 = true; } } else { flag2 = true; } if (currentPlanAutoGroupEnabled && !flag) { this.CreateRAPRoleAssignments(policy3, list3); } else if (!currentPlanAutoGroupEnabled && !flag2) { this.RemoveRAPRoleAssignmentsIfNeeded(policy3, list4, null); } } else { foreach (ServicePlan.MailboxPlan mailboxPlan in base.ServicePlanSettings.MailboxPlans) { ADUser aduser = this.FindMailboxPlanByName(mailboxPlan.Name); if (aduser.RoleAssignmentPolicy == null) { base.WriteError(new InvalidOperationException(Strings.ErrorRBACPolicyLinkNotFound(aduser.Name)), ErrorCategory.InvalidArgument, null); } RoleAssignmentPolicy roleAssignmentPolicy = this.configurationSession.Read <RoleAssignmentPolicy>(aduser.RoleAssignmentPolicy); if (roleAssignmentPolicy == null) { base.WriteError(new InvalidOperationException(Strings.ErrorRBACPolicyNotFound(aduser.RoleAssignmentPolicy.ToString())), ErrorCategory.InvalidArgument, null); } ServicePlan.MailboxPlan mailboxPlan2 = null; if (this.PreviousServicePlanSettings != null) { mailboxPlan2 = this.PreviousServicePlanSettings.GetMailboxPlanByName(mailboxPlan.Name); } if (this.PreviousServicePlanSettings == null || mailboxPlan2 == null) { this.CreateRAPRoleAssignments(roleAssignmentPolicy, list2, aduser.MailboxPlanIndex); } bool flag3 = false; bool flag4 = false; if (mailboxPlan2 != null) { if (mailboxPlan2.AutoGroupPermissions) { flag3 = true; } else { flag4 = true; } } else { flag4 = true; } if (mailboxPlan.AutoGroupPermissions && !flag3) { this.CreateRAPRoleAssignments(roleAssignmentPolicy, list3, aduser.MailboxPlanIndex); } else if (!mailboxPlan.AutoGroupPermissions && !flag4) { this.RemoveRAPRoleAssignmentsIfNeeded(roleAssignmentPolicy, list4, aduser.MailboxPlanIndex); } } } IL_455: this.StampCurrentVersionOnRBACContainer(rbacContainer); }