private List <string> GetCannedRoleNames() { RoleDefinition[] array; if (InstallCannedRbacRoleAssignments.isFfoEnvironment) { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedEOPRoles_Datacenter.Definition, CannedUCCRoles_Datacenter.Definition); } else if (this.Organization == null) { if (Datacenter.IsMicrosoftHostedOnly(false)) { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition); } else if (Datacenter.IsPartnerHostedOnly(false)) { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Hosting.Definition, CannedWebServiceRoles_Hosting.Definition); } else if (Datacenter.IsDatacenterDedicated(false)) { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Dedicated.Definition, CannedWebServiceRoles_Hosting.Definition); } else { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Enterprise.Definition, CannedWebServiceRoles_Enterprise.Definition); } } else if (Datacenter.IsPartnerHostedOnly(false)) { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_HostedTenant.Definition, CannedWebServiceRoles_HostedTenant.Definition); } else { array = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Tenant.Definition, CannedWebServiceRoles_Tenant.Definition); } List <string> list = new List <string>(array.Length); foreach (RoleDefinition roleDefinition in array) { list.Add(roleDefinition.RoleName); if (base.ServicePlanSettings != null && Array.BinarySearch <RoleType>(ExchangeRole.EndUserRoleTypes, roleDefinition.RoleType) >= 0) { foreach (ServicePlan.MailboxPlan mailboxPlan in base.ServicePlanSettings.MailboxPlans) { list.Add(string.Format("{0}_{1}", roleDefinition.RoleName, mailboxPlan.Name)); } } } list.Sort(); return(list); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(); InstallCannedRbacRoles.isFfoEnvironment = (base.Fields.Contains("IsFfo") && this.IsFfo); this.configurationSession.SessionSettings.IsSharedConfigChecked = true; base.InternalProcessRecord(); RoleDefinition[] roleDefinitions; RoleNameMappingCollection mapping; string[] rolesToRemove; InstallCannedRbacRoles.CalculateRoleConfigurationForCurrentSKU(this.Organization, base.ServicePlanSettings, out roleDefinitions, out mapping, out rolesToRemove, out this.allAllowedRoleEntriesForSKU); this.RemoveRolesAndAssignments(rolesToRemove); this.UpdateRolesInOrg(mapping, roleDefinitions, base.ServicePlanSettings); TaskLogger.LogExit(); }
internal static void CalculateRoleConfigurationForCurrentSKU(OrganizationIdParameter organization, ServicePlan servicePlanSettings, out RoleDefinition[] roles, out RoleNameMappingCollection nameMapping, out string[] rolesToRemove, out RoleEntry[] allAllowedRoleEntriesForSKU) { if (InstallCannedRbacRoles.isFfoEnvironment) { roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedEOPRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition); roles = InstallCannedRbacRoles.MergeRoleDefinitions(roles, CannedUCCRoles_Datacenter.Definition); nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingDatacenterR4; rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesDatacenter; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableEOPRoleEntries_Datacenter.RoleEntries, AvailableWebServiceRoleEntries_Datacenter.RoleEntries, AvailableUCCRoleEntries_Datacenter.RoleEntries); return; } if (organization == null) { if (Datacenter.IsMicrosoftHostedOnly(false)) { roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Datacenter.Definition, CannedWebServiceRoles_Datacenter.Definition); nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingDatacenterR4; rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesDatacenter; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Datacenter.RoleEntries, AvailableWebServiceRoleEntries_Datacenter.RoleEntries, null); return; } if (Datacenter.IsPartnerHostedOnly(false)) { roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Hosting.Definition, CannedWebServiceRoles_Hosting.Definition); nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingHostingR4; rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesHosting; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Hosting.RoleEntries, AvailableWebServiceRoleEntries_Hosting.RoleEntries, null); return; } if (Datacenter.IsDatacenterDedicated(false)) { roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Dedicated.Definition, CannedWebServiceRoles_Dedicated.Definition); nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingEnterpriseR4; rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesEnterprise; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Dedicated.RoleEntries, AvailableWebServiceRoleEntries_Dedicated.RoleEntries, null); return; } roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Enterprise.Definition, CannedWebServiceRoles_Enterprise.Definition); nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingEnterpriseR4; rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesEnterprise; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Enterprise.RoleEntries, AvailableWebServiceRoleEntries_Enterprise.RoleEntries, null); return; } else { if (Datacenter.IsPartnerHostedOnly(false)) { roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_HostedTenant.Definition, CannedWebServiceRoles_HostedTenant.Definition); rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesHostedTenant; if (servicePlanSettings != null) { List <string> enabledRoleGroupRoleAssignmentFeatures = servicePlanSettings.Organization.GetEnabledRoleGroupRoleAssignmentFeatures(); RoleGroupRoleMapping[] definition = HostedTenant_RoleGroupDefinition.Definition; List <string> a; roles = InstallCannedRbacRoles.FilterOrgRolesByRoleGroupFilters(roles, enabledRoleGroupRoleAssignmentFeatures, definition, out a); rolesToRemove = InstallCannedRbacRoles.AppendIListToarray <string>(rolesToRemove, a); } nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingHostedTenantR4; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_HostedTenant.RoleEntries, AvailableWebServiceRoleEntries_HostedTenant.RoleEntries, null); return; } roles = InstallCannedRbacRoles.MergeRoleDefinitions(CannedRoles_Tenant.Definition, CannedWebServiceRoles_Tenant.Definition); rolesToRemove = InstallCannedRbacObjectsTaskBase.ObsoleteRoleNamesTenant; if (servicePlanSettings != null) { List <string> enabledRoleGroupRoleAssignmentFeatures2 = servicePlanSettings.Organization.GetEnabledRoleGroupRoleAssignmentFeatures(); RoleGroupRoleMapping[] definition2 = Tenant_RoleGroupDefinition.Definition; List <string> a2; roles = InstallCannedRbacRoles.FilterOrgRolesByRoleGroupFilters(roles, enabledRoleGroupRoleAssignmentFeatures2, definition2, out a2); rolesToRemove = InstallCannedRbacRoles.AppendIListToarray <string>(rolesToRemove, a2); } nameMapping = InstallCannedRbacObjectsTaskBase.RoleNameMappingTenantR4; allAllowedRoleEntriesForSKU = InstallCannedRbacRoles.MergeRoleEntries(AvailableRoleEntries_Tenant.RoleEntries, AvailableWebServiceRoleEntries_Tenant.RoleEntries, null); return; } }
internal static void CalculateRoleConfigurationForCurrentSKU(OrganizationIdParameter organization, out RoleDefinition[] roles, out RoleNameMappingCollection nameMapping, out string[] rolesToRemove, out RoleEntry[] allAllowedRoleEntriesForSKU) { InstallCannedRbacRoles.CalculateRoleConfigurationForCurrentSKU(organization, null, out roles, out nameMapping, out rolesToRemove, out allAllowedRoleEntriesForSKU); }
protected override void InternalProcessRecord() { base.InternalProcessRecord(); RoleDefinition[] array; RoleNameMappingCollection roleNameMappingCollection; string[] array2; InstallCannedRbacRoles.CalculateRoleConfigurationForCurrentSKU(this.Organization, out array, out roleNameMappingCollection, out array2, out this.allAllowedRoleEntriesForSKU); List <ExchangeRole> list = new List <ExchangeRole>(); List <ExchangeRole> list2 = new List <ExchangeRole>(); bool flag = false; if (this.Organization != null) { ExchangeConfigurationUnit exchangeConfigUnitFromOrganizationId = OrganizationTaskHelper.GetExchangeConfigUnitFromOrganizationId(this.Organization, this.configurationSession, new Task.TaskErrorLoggingDelegate(base.WriteError), true); flag = !ServicePlanConfiguration.GetInstance().GetServicePlanSettings(exchangeConfigUnitFromOrganizationId.ProgramId, exchangeConfigUnitFromOrganizationId.OfferId).Organization.PerMBXPlanRoleAssignmentPolicyEnabled; } ADPagedReader <ExchangeRole> adpagedReader = this.configurationSession.FindAllPaged <ExchangeRole>(); foreach (ExchangeRole exchangeRole in adpagedReader) { base.LogReadObject(exchangeRole); if (!exchangeRole.IsDeprecated) { if (exchangeRole.HasDownlevelData) { exchangeRole[ExchangeRoleSchema.InternalDownlevelRoleEntries] = null; } this.RemoveObsoleteEntriesAndParameters(exchangeRole); if (exchangeRole.RoleEntries.Count == 0) { base.WriteVerbose(Strings.VerboseDeprecatingRoleBecauseNoEntriesLeft(exchangeRole.Id.ToString())); exchangeRole.RoleState = RoleState.Deprecated; } this.configurationSession.Save(exchangeRole); base.LogWriteObject(exchangeRole); } if (flag && exchangeRole.IsEndUserRole) { exchangeRole.MailboxPlanIndex = string.Empty; this.configurationSession.Save(exchangeRole); base.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(exchangeRole, this.configurationSession, typeof(ExchangeRole))); base.LogWriteObject(exchangeRole); } if (exchangeRole.IsDeprecated) { this.DeleteRoleAssigments(exchangeRole); if (exchangeRole.IsRootRole) { list.Add(exchangeRole); } else { list2.Add(exchangeRole); } } } foreach (ExchangeRole exchangeRole2 in list) { this.configurationSession.DeleteTree(exchangeRole2, delegate(ADTreeDeleteNotFinishedException de) { if (de != null) { base.WriteVerbose(de.LocalizedString); } }); base.WriteVerbose(Strings.ProgressActivityRemovingManagementRoleTree(exchangeRole2.Id.ToString())); } foreach (ExchangeRole exchangeRole3 in list2) { ExchangeRole exchangeRole4 = this.configurationSession.Read <ExchangeRole>(exchangeRole3.Id); if (exchangeRole4 != null) { base.LogReadObject(exchangeRole4); this.configurationSession.DeleteTree(exchangeRole4, delegate(ADTreeDeleteNotFinishedException de) { if (de != null) { base.WriteVerbose(de.LocalizedString); } }); base.WriteVerbose(Strings.ConfirmationMessageRemoveManagementRole(exchangeRole4.Id.ToString())); } } }