Пример #1
0
        public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject)
        {
            if (adObject == null)
            {
                throw new ArgumentNullException("adObject");
            }
            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString());
            CapabilityEvaluationResult capabilityEvaluationResult = CapabilityEvaluationResult.NotApplicable;
            ADRecipient adrecipient = adObject as ADRecipient;

            if (!(adObject is ReducedRecipient) && adrecipient == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ReducedRecipient or ADUser.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
                return(capabilityEvaluationResult);
            }
            capabilityEvaluationResult = ((adObject[ReducedRecipientSchema.ResourceType] != null) ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No);
            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "ResourceMailboxCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
            return(capabilityEvaluationResult);
        }
Пример #2
0
        public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject)
        {
            if (adObject == null)
            {
                throw new ArgumentNullException("adObject");
            }
            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString());
            CapabilityEvaluationResult capabilityEvaluationResult = CapabilityEvaluationResult.NotApplicable;
            ADUser           aduser           = adObject as ADUser;
            ReducedRecipient reducedRecipient = adObject as ReducedRecipient;

            if (aduser == null && reducedRecipient == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ADUser/ReducedRecipient.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
                return(capabilityEvaluationResult);
            }
            SmtpAddress value = (aduser != null) ? aduser.WindowsLiveID : reducedRecipient.WindowsLiveID;

            if (value == SmtpAddress.Empty || value.Domain == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient is not Live enabled.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
                return(capabilityEvaluationResult);
            }
            OrganizationId organizationId = (aduser != null) ? aduser.OrganizationId : reducedRecipient.OrganizationId;

            if (organizationId == null || OrganizationId.ForestWideOrgId.Equals(organizationId))
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient does not belong to tenant scope.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
                return(capabilityEvaluationResult);
            }
            IConfigurationSession     tenantScopedSystemConfigurationSession = base.GetTenantScopedSystemConfigurationSession(organizationId);
            ExchangeConfigurationUnit exchangeConfigurationUnit = tenantScopedSystemConfigurationSession.Read <ExchangeConfigurationUnit>(organizationId.ConfigurationUnit);

            if (exchangeConfigurationUnit == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - user/recipient does is not in tenant scope.", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
                return(capabilityEvaluationResult);
            }
            capabilityEvaluationResult = (((exchangeConfigurationUnit.ObjectVersion < 13000) ? exchangeConfigurationUnit.IsFederated : FederatedUserCapabilityIdentifierEvaluator.IsNamespaceFederated(organizationId, value.Domain)) ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No);
            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "FederatedUserCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
            return(capabilityEvaluationResult);
        }
Пример #3
0
        public override CapabilityEvaluationResult Evaluate(ADRawEntry adObject)
        {
            if (adObject == null)
            {
                throw new ArgumentNullException("adObject");
            }
            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string>((long)this.GetHashCode(), "Entering MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') CapabilityToCheck '{1}'.", adObject.GetDistinguishedNameOrName(), base.Capability.ToString());
            if (!Datacenter.IsMultiTenancyEnabled())
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - not datacenter mode.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString());
                return(CapabilityEvaluationResult.NotApplicable);
            }
            ADRecipient      adrecipient      = adObject as ADRecipient;
            ReducedRecipient reducedRecipient = adObject as ReducedRecipient;

            if (adrecipient == null && reducedRecipient == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - adObject in not ADRecipient or ReducedRecipient.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString());
                return(CapabilityEvaluationResult.NotApplicable);
            }
            if ((adrecipient == null || !adrecipient.IsDirSyncEnabled) && (reducedRecipient == null || !reducedRecipient.IsDirSyncEnabled))
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient is not Dirsynced.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.No.ToString(), base.Capability.ToString());
                return(CapabilityEvaluationResult.No);
            }
            OrganizationId organizationId = (adrecipient != null) ? adrecipient.OrganizationId : reducedRecipient.OrganizationId;

            if (organizationId == null || OrganizationId.ForestWideOrgId.Equals(organizationId))
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient does not belong to tenant scope.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString());
                return(CapabilityEvaluationResult.NotApplicable);
            }
            ExchangeConfigurationUnit exchangeConfigurationUnit = this.GetExchangeConfigurationUnit(organizationId);

            if (exchangeConfigurationUnit == null)
            {
                ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}' - recipient is not in tenant scope.", adObject.GetDistinguishedNameOrName(), CapabilityEvaluationResult.NotApplicable.ToString(), base.Capability.ToString());
                return(CapabilityEvaluationResult.NotApplicable);
            }
            CapabilityEvaluationResult capabilityEvaluationResult = exchangeConfigurationUnit.IsDirSyncEnabled ? CapabilityEvaluationResult.Yes : CapabilityEvaluationResult.No;

            ExTraceGlobals.AccessCheckTracer.TraceDebug <string, string, string>((long)this.GetHashCode(), "MasteredOnPremiseCapabilityIdentifierEvaluator.Evaluate('{0}') return '{1}'. CapabilityToCheck '{2}'", adObject.GetDistinguishedNameOrName(), capabilityEvaluationResult.ToString(), base.Capability.ToString());
            return(capabilityEvaluationResult);
        }