Пример #1
        /// <summary>
        /// Runs the rule test for the identity, destination and configuration supplied to the
        /// cmdlet, and reports any failure through <c>WriteError</c> (a non-terminating error).
        /// </summary>
        /// <remarks>
        /// A parameter value of "*" sets the matching <see cref="MatchingWildcard"/> flag, which
        /// the rule manager treats as "matches every rule" for that dimension.
        /// The arrays returned by TestRule are discarded here; the outcome is read back from
        /// this.matches and this.warnings (presumably updated by match/invalid-rule callbacks
        /// registered elsewhere - confirm).
        /// </remarks>
        protected override void ProcessRecord()
        {
            this.UserName = PswaHelper.TranslateLocalAccountName(this.UserName);

            // Use the rules passed on the command line, otherwise fall back to the stored rule file.
            PswaAuthorizationRule[] rulesToTest = this.Rule;
            if (rulesToTest == null)
            {
                SortedList<int, PswaAuthorizationRule> storedRules = PswaAuthorizationRuleCommandHelper.LoadFromFile(this, "Test");
                if (storedRules == null)
                {
                    // Nothing could be loaded; this method adds no error of its own.
                    return;
                }
                rulesToTest = storedRules.Values.ToArray<PswaAuthorizationRule>();
            }

            MatchingWildcard wildcards = MatchingWildcard.None;
            if (this.UserName == "*")
            {
                wildcards |= MatchingWildcard.User;
            }
            if (this.ConfigurationName == "*")
            {
                wildcards |= MatchingWildcard.Configuration;
            }

            try
            {
                if (base.ParameterSetName == "ComputerName")
                {
                    if (this.ComputerName == "*")
                    {
                        wildcards |= MatchingWildcard.Destination;
                    }
                    PswaAuthorizationRuleManager.Instance.TestRule(rulesToTest, this.UserName, this.ComputerName, this.ConfigurationName, true, wildcards);
                }
                else if (base.ParameterSetName == "ConnectionUri")
                {
                    // The destination wildcard is never set for the URI parameter set.
                    PswaAuthorizationRuleManager.Instance.TestRule(rulesToTest, this.UserName, this.ConnectionUri, this.ConfigurationName, true, wildcards);
                }

                // No rule matched and at least one warning was counted: surface that as an error
                // instead of returning silently.
                if (this.matches == 0 && this.warnings > 0)
                {
                    throw new Exception(Resources.TestRule_NoMatchWithWarnings);
                }
            }
            catch (Exception failure)
            {
                // Every failure, including the one thrown just above, becomes one error record.
                base.WriteError(new ErrorRecord(failure, "TestRuleError", ErrorCategory.InvalidOperation, null));
            }
        }
        /// <summary>
        /// Evaluates <paramref name="rules"/> against a user, a destination computer and a session
        /// configuration in three passes: rules without groups, rules with only non-local groups,
        /// then rules that involve a local group.
        /// </summary>
        /// <param name="rules">Rules to evaluate; a null array fails with a NullReferenceException.</param>
        /// <param name="user">Account name, converted with ConvertAccountNameToStringSid unless the user wildcard is set.</param>
        /// <param name="computer">Destination name or address.</param>
        /// <param name="configuration">Session configuration; null or empty means "Microsoft.PowerShell".</param>
        /// <param name="returnAllMatches">True to collect matches from all passes; false to return the first non-empty pass.</param>
        /// <param name="wildcardParts">Dimensions that are treated as matching every rule.</param>
        /// <returns>The matching rules; an empty array when nothing matched.</returns>
        /// <remarks>
        /// NOTE(review): wildcardParts skips identity resolution for the flagged dimension. The only
        /// caller visible in this listing is the Test cmdlet; presumably the real authorization path
        /// passes MatchingWildcard.None - confirm.
        /// NOTE(review): both catch blocks below swallow resolution failures without recording
        /// anything, so a directory outage and a genuine "no rule" result look the same to the caller.
        /// </remarks>
        internal PswaAuthorizationRule[] TestRule(PswaAuthorizationRule[] rules, string user, string computer, string configuration, bool returnAllMatches, MatchingWildcard wildcardParts = 0)
        {
            // Single-match mode: an allow-all rule, if CheckAllowAllRule finds one, decides immediately.
            if (!returnAllMatches)
            {
                PswaAuthorizationRule allowAll = this.CheckAllowAllRule(rules);
                if (allowAll != null)
                {
                    return new PswaAuthorizationRule[] { allowAll };
                }
            }

            bool userIsWildcard = wildcardParts.HasFlag(MatchingWildcard.User);
            bool destinationIsWildcard = wildcardParts.HasFlag(MatchingWildcard.Destination);

            // Out value that this method never reads.
            string ignoredOut = null;

            // When true, the domain group lookup for the user is skipped further down.
            bool skipUserGroupLookup = false;
            string userKey = userIsWildcard
                ? "*"
                : this.activeDirectoryHelper.ConvertAccountNameToStringSid(user, out skipUserGroupLookup, out ignoredOut);

            // The destination key is, in order of preference: the parsed IP form, the converted
            // account SID string (domain-joined hosts only), or the name exactly as supplied.
            bool skipComputerGroupLookup = true;
            string destinationKey = computer;
            if (!destinationIsWildcard)
            {
                string ipForm = this.TryParseDestinationIpAddress(computer);
                if (ipForm != null)
                {
                    destinationKey = ipForm;
                }
                else if (this.activeDirectoryHelper.IsCurrentComputerDomainJoined())
                {
                    try
                    {
                        string convertedName = this.activeDirectoryHelper.ConvertComputerName(computer, false);
                        destinationKey = this.activeDirectoryHelper.ConvertAccountNameToStringSid(convertedName, out skipComputerGroupLookup, out ignoredOut);
                    }
                    catch (Exception)
                    {
                        // Best effort: on failure the key stays as the supplied name.
                    }
                }
            }

            string effectiveConfiguration = string.IsNullOrEmpty(configuration) ? "Microsoft.PowerShell" : configuration;

            // Partition the rules by the kind of lookup each one needs.
            ArrayList directRules = new ArrayList();
            ArrayList domainGroupRules = new ArrayList();
            ArrayList localGroupRules = new ArrayList();
            foreach (PswaAuthorizationRule candidate in rules)
            {
                bool usesGroup = candidate.UserType == PswaUserType.UserGroup || candidate.DestinationType == PswaDestinationType.ComputerGroup;
                if (!usesGroup)
                {
                    directRules.Add(candidate);
                }
                else if (candidate.IsUserGroupLocal || candidate.IsComputerGroupLocal)
                {
                    localGroupRules.Add(candidate);
                }
                else
                {
                    domainGroupRules.Add(candidate);
                }
            }

            ArrayList allMatches = new ArrayList();

            // Pass 1: rules that name no group.
            PswaAuthorizationRule[] directMatches = this.TestNonGroupRule(directRules, userKey, destinationKey, effectiveConfiguration, wildcardParts);
            if (returnAllMatches)
            {
                allMatches.AddRange(directMatches);
            }
            else if (directMatches.Length > 0)
            {
                return directMatches;
            }

            // Group membership is fetched only now, after the direct pass has run.
            List<string> userGroupSids = new List<string>();
            List<string> computerGroupSids = new List<string>();
            try
            {
                if (!skipUserGroupLookup && !userIsWildcard)
                {
                    userGroupSids = this.activeDirectoryHelper.GetAccountDomainGroupSid(userKey);
                }
                if (!skipComputerGroupLookup && !destinationIsWildcard)
                {
                    computerGroupSids = this.activeDirectoryHelper.GetAccountDomainGroupSid(destinationKey);
                }
            }
            catch (ArgumentException)
            {
                // One try covers both lookups: a failure on the user lookup also skips the computer
                // lookup, leaving that list empty.
            }

            // Pass 2: rules whose groups are all non-local.
            PswaAuthorizationRule[] domainMatches = this.TestDomainGroupRule(domainGroupRules, userKey, destinationKey, effectiveConfiguration, userGroupSids, computerGroupSids, wildcardParts);
            if (returnAllMatches)
            {
                allMatches.AddRange(domainMatches);
            }
            else if (domainMatches.Length > 0)
            {
                return domainMatches;
            }

            // Pass 3: rules that involve at least one local group.
            PswaAuthorizationRule[] localMatches = this.TestLocalGroupRule(localGroupRules, userKey, destinationKey, effectiveConfiguration, userGroupSids, computerGroupSids, returnAllMatches, wildcardParts);
            if (returnAllMatches)
            {
                allMatches.AddRange(localMatches);
            }
            else if (localMatches.Length > 0)
            {
                return localMatches;
            }

            return (PswaAuthorizationRule[])allMatches.ToArray(typeof(PswaAuthorizationRule));
        }
 /// <summary>
 /// URI overload: forwards to the computer-name overload using the URI's host.
 /// </summary>
 /// <remarks>
 /// Only <c>connectionUri.Host</c> takes part in rule matching; the scheme, port and path of the
 /// URI are not examined by this check. A null <paramref name="connectionUri"/> fails with a
 /// NullReferenceException.
 /// </remarks>
 internal PswaAuthorizationRule[] TestRule(PswaAuthorizationRule[] rules, string user, Uri connectionUri, string configuration, bool returnAllMatches, MatchingWildcard wildcardParts = 0)
 {
     string destinationHost = connectionUri.Host;
     return this.TestRule(rules, user, destinationHost, configuration, returnAllMatches, wildcardParts);
 }
        /// <summary>
        /// Returns every rule in <paramref name="rules"/> whose user, destination and configuration
        /// all match the supplied values, comparing canonical forms case-insensitively (ordinal).
        /// </summary>
        /// <remarks>
        /// A dimension also matches when its flag is set in <paramref name="parts"/>, when the rule
        /// is of type All for that dimension, or (configuration only) when the rule names "*".
        /// A rule that throws while being evaluated is passed to OnTestRuleInvalidRule and is not
        /// added to the result.
        /// </remarks>
        private PswaAuthorizationRule[] TestNonGroupRule(IEnumerable rules, string userCanonicalForm, string computerCanonicalForm, string configurationName, MatchingWildcard parts)
        {
            ArrayList matched = new ArrayList();

            foreach (PswaAuthorizationRule rule in rules)
            {
                try
                {
                    // All three dimensions are evaluated before the combined check.
                    bool userMatches = parts.HasFlag(MatchingWildcard.User)
                        || rule.UserType == PswaUserType.All
                        || string.Equals(userCanonicalForm, rule.UserCanonicalForm, StringComparison.OrdinalIgnoreCase);

                    bool destinationMatches = parts.HasFlag(MatchingWildcard.Destination)
                        || rule.DestinationType == PswaDestinationType.All
                        || string.Equals(computerCanonicalForm, rule.DestinationCanonicalForm, StringComparison.OrdinalIgnoreCase);

                    bool configurationMatches = parts.HasFlag(MatchingWildcard.Configuration)
                        || rule.ConfigurationName == "*"
                        || string.Equals(rule.ConfigurationName, configurationName, StringComparison.OrdinalIgnoreCase);

                    if (userMatches && destinationMatches && configurationMatches)
                    {
                        matched.Add(rule);
                        this.OnTestRuleRuleMatch(rule);
                    }
                }
                catch (Exception failure)
                {
                    this.OnTestRuleInvalidRule(rule, failure);
                }
            }

            return (PswaAuthorizationRule[])matched.ToArray(typeof(PswaAuthorizationRule));
        }
        /// <summary>
        /// Evaluates rules that involve a local group and returns those whose user, destination
        /// and configuration all match; stops at the first match unless
        /// <paramref name="returnAllMatches"/> is true.
        /// </summary>
        /// <remarks>
        /// Each dimension matches through a wildcard flag in <paramref name="parts"/>, a rule of
        /// type All, a direct comparison, membership in the supplied domain group SID list, or an
        /// IsAccountInGroup call for local groups. A rule that throws while being evaluated is
        /// passed to OnTestRuleInvalidRule and is not added to the result.
        /// NOTE(review): the direct user and computer comparisons here use ==, which is
        /// case-sensitive, while TestNonGroupRule compares the same canonical forms with
        /// OrdinalIgnoreCase. Confirm the canonical forms are case-normalized upstream.
        /// </remarks>
        private PswaAuthorizationRule[] TestLocalGroupRule(IEnumerable rules, string userCanonicalForm, string computerCanonicalForm, string configurationName, List<string> userDomainGroupSid, List<string> computerDomainGroupSid, bool returnAllMatches, MatchingWildcard parts)
        {
            ArrayList matched = new ArrayList();

            // Handed to IsAccountInGroup on every call; one dictionary per dimension for the whole loop.
            Dictionary<string, string> userGroupState = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
            Dictionary<string, string> computerGroupState = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

            foreach (PswaAuthorizationRule rule in rules)
            {
                try
                {
                    // Alternatives are ordered so that IsAccountInGroup is reached last.
                    bool userMatches =
                        parts.HasFlag(MatchingWildcard.User)
                        || rule.UserType == PswaUserType.All
                        || (rule.UserType == PswaUserType.User && userCanonicalForm == rule.UserCanonicalForm)
                        || (rule.UserType == PswaUserType.UserGroup && !rule.IsUserGroupLocal && userDomainGroupSid.Contains(rule.UserCanonicalForm, StringComparer.OrdinalIgnoreCase))
                        || (rule.UserType == PswaUserType.UserGroup && rule.IsUserGroupLocal && this.activeDirectoryHelper.IsAccountInGroup(rule.UserCanonicalForm, userDomainGroupSid, userCanonicalForm, userGroupState));

                    bool destinationMatches =
                        parts.HasFlag(MatchingWildcard.Destination)
                        || rule.DestinationType == PswaDestinationType.All
                        || (rule.DestinationType == PswaDestinationType.Computer && computerCanonicalForm == rule.DestinationCanonicalForm)
                        || (rule.DestinationType == PswaDestinationType.ComputerGroup && !rule.IsComputerGroupLocal && computerDomainGroupSid.Contains(rule.DestinationCanonicalForm, StringComparer.OrdinalIgnoreCase))
                        || (rule.DestinationType == PswaDestinationType.ComputerGroup && rule.IsComputerGroupLocal && this.activeDirectoryHelper.IsAccountInGroup(rule.DestinationCanonicalForm, computerDomainGroupSid, computerCanonicalForm, computerGroupState));

                    bool configurationMatches =
                        parts.HasFlag(MatchingWildcard.Configuration)
                        || rule.ConfigurationName == "*"
                        || string.Equals(rule.ConfigurationName, configurationName, StringComparison.OrdinalIgnoreCase);

                    if (userMatches && destinationMatches && configurationMatches)
                    {
                        matched.Add(rule);
                        this.OnTestRuleRuleMatch(rule);
                        if (!returnAllMatches)
                        {
                            break;
                        }
                    }
                }
                catch (Exception failure)
                {
                    this.OnTestRuleInvalidRule(rule, failure);
                }
            }

            return (PswaAuthorizationRule[])matched.ToArray(typeof(PswaAuthorizationRule));
        }
Пример #6
		/// <summary>
		/// Evaluates <paramref name="rules"/> against a user, a destination computer and a session
		/// configuration in three passes: rules without groups, rules with only non-local groups,
		/// then rules that involve a local group.
		/// </summary>
		/// <param name="rules">Rules to evaluate; a null array fails with a NullReferenceException.</param>
		/// <param name="user">Account name, converted with ConvertAccountNameToStringSid unless the user wildcard is set.</param>
		/// <param name="computer">Destination name or address.</param>
		/// <param name="configuration">Session configuration; null or empty means "Microsoft.PowerShell".</param>
		/// <param name="returnAllMatches">True to collect matches from all passes; false to return the first non-empty pass.</param>
		/// <param name="wildcardParts">Dimensions that are treated as matching every rule.</param>
		/// <returns>The matching rules; an empty array when nothing matched.</returns>
		/// <remarks>
		/// NOTE(review): wildcardParts skips identity resolution for the flagged dimension;
		/// presumably the real authorization path passes MatchingWildcard.None - confirm against
		/// the callers.
		/// NOTE(review): both catch blocks below swallow resolution failures without recording
		/// anything, so a directory outage and a genuine "no rule" result look the same to the caller.
		/// </remarks>
		internal PswaAuthorizationRule[] TestRule(PswaAuthorizationRule[] rules, string user, string computer, string configuration, bool returnAllMatches, MatchingWildcard wildcardParts = 0)
		{
			// Single-match mode: an allow-all rule, if CheckAllowAllRule finds one, decides immediately.
			if (!returnAllMatches)
			{
				PswaAuthorizationRule allowAll = this.CheckAllowAllRule(rules);
				if (allowAll != null)
				{
					return new PswaAuthorizationRule[] { allowAll };
				}
			}

			bool userIsWildcard = wildcardParts.HasFlag(MatchingWildcard.User);
			bool destinationIsWildcard = wildcardParts.HasFlag(MatchingWildcard.Destination);

			// Out value that this method never reads.
			string ignoredOut = null;

			// When true, the domain group lookup for the user is skipped further down.
			bool skipUserGroupLookup = false;
			string userKey = userIsWildcard
				? "*"
				: this.activeDirectoryHelper.ConvertAccountNameToStringSid(user, out skipUserGroupLookup, out ignoredOut);

			// The destination key is, in order of preference: the parsed IP form, the converted
			// account SID string (domain-joined hosts only), or the name exactly as supplied.
			bool skipComputerGroupLookup = true;
			string destinationKey = computer;
			if (!destinationIsWildcard)
			{
				string ipForm = this.TryParseDestinationIpAddress(computer);
				if (ipForm != null)
				{
					destinationKey = ipForm;
				}
				else if (this.activeDirectoryHelper.IsCurrentComputerDomainJoined())
				{
					try
					{
						string convertedName = this.activeDirectoryHelper.ConvertComputerName(computer, false);
						destinationKey = this.activeDirectoryHelper.ConvertAccountNameToStringSid(convertedName, out skipComputerGroupLookup, out ignoredOut);
					}
					catch (Exception)
					{
						// Best effort: on failure the key stays as the supplied name.
					}
				}
			}

			string effectiveConfiguration = string.IsNullOrEmpty(configuration) ? "Microsoft.PowerShell" : configuration;

			// Partition the rules by the kind of lookup each one needs.
			ArrayList directRules = new ArrayList();
			ArrayList domainGroupRules = new ArrayList();
			ArrayList localGroupRules = new ArrayList();
			foreach (PswaAuthorizationRule candidate in rules)
			{
				bool usesGroup = candidate.UserType == PswaUserType.UserGroup || candidate.DestinationType == PswaDestinationType.ComputerGroup;
				if (!usesGroup)
				{
					directRules.Add(candidate);
				}
				else if (candidate.IsUserGroupLocal || candidate.IsComputerGroupLocal)
				{
					localGroupRules.Add(candidate);
				}
				else
				{
					domainGroupRules.Add(candidate);
				}
			}

			ArrayList allMatches = new ArrayList();

			// Pass 1: rules that name no group.
			PswaAuthorizationRule[] directMatches = this.TestNonGroupRule(directRules, userKey, destinationKey, effectiveConfiguration, wildcardParts);
			if (returnAllMatches)
			{
				allMatches.AddRange(directMatches);
			}
			else if (directMatches.Length > 0)
			{
				return directMatches;
			}

			// Group membership is fetched only now, after the direct pass has run.
			List<string> userGroupSids = new List<string>();
			List<string> computerGroupSids = new List<string>();
			try
			{
				if (!skipUserGroupLookup && !userIsWildcard)
				{
					userGroupSids = this.activeDirectoryHelper.GetAccountDomainGroupSid(userKey);
				}
				if (!skipComputerGroupLookup && !destinationIsWildcard)
				{
					computerGroupSids = this.activeDirectoryHelper.GetAccountDomainGroupSid(destinationKey);
				}
			}
			catch (ArgumentException)
			{
				// One try covers both lookups: a failure on the user lookup also skips the computer
				// lookup, leaving that list empty.
			}

			// Pass 2: rules whose groups are all non-local.
			PswaAuthorizationRule[] domainMatches = this.TestDomainGroupRule(domainGroupRules, userKey, destinationKey, effectiveConfiguration, userGroupSids, computerGroupSids, wildcardParts);
			if (returnAllMatches)
			{
				allMatches.AddRange(domainMatches);
			}
			else if (domainMatches.Length > 0)
			{
				return domainMatches;
			}

			// Pass 3: rules that involve at least one local group.
			PswaAuthorizationRule[] localMatches = this.TestLocalGroupRule(localGroupRules, userKey, destinationKey, effectiveConfiguration, userGroupSids, computerGroupSids, returnAllMatches, wildcardParts);
			if (returnAllMatches)
			{
				allMatches.AddRange(localMatches);
			}
			else if (localMatches.Length > 0)
			{
				return localMatches;
			}

			return (PswaAuthorizationRule[])allMatches.ToArray(typeof(PswaAuthorizationRule));
		}
Пример #7
		/// <summary>
		/// URI overload: forwards to the computer-name overload using the URI's host.
		/// </summary>
		/// <remarks>
		/// Only <c>connectionUri.Host</c> takes part in rule matching; the scheme, port and path of
		/// the URI are not examined by this check. A null <paramref name="connectionUri"/> fails
		/// with a NullReferenceException.
		/// </remarks>
		internal PswaAuthorizationRule[] TestRule(PswaAuthorizationRule[] rules, string user, Uri connectionUri, string configuration, bool returnAllMatches, MatchingWildcard wildcardParts = 0)
		{
			string destinationHost = connectionUri.Host;
			return this.TestRule(rules, user, destinationHost, configuration, returnAllMatches, wildcardParts);
		}
Пример #8
		/// <summary>
		/// Returns every rule in <paramref name="rules"/> whose user, destination and configuration
		/// all match the supplied values, comparing canonical forms case-insensitively (ordinal).
		/// </summary>
		/// <remarks>
		/// A dimension also matches when its flag is set in <paramref name="parts"/>, when the rule
		/// is of type All for that dimension, or (configuration only) when the rule names "*".
		/// A rule that throws while being evaluated is passed to OnTestRuleInvalidRule and is not
		/// added to the result.
		/// </remarks>
		private PswaAuthorizationRule[] TestNonGroupRule(IEnumerable rules, string userCanonicalForm, string computerCanonicalForm, string configurationName, MatchingWildcard parts)
		{
			ArrayList matched = new ArrayList();

			foreach (PswaAuthorizationRule rule in rules)
			{
				try
				{
					// All three dimensions are evaluated before the combined check.
					bool userMatches = parts.HasFlag(MatchingWildcard.User)
						|| rule.UserType == PswaUserType.All
						|| string.Equals(userCanonicalForm, rule.UserCanonicalForm, StringComparison.OrdinalIgnoreCase);

					bool destinationMatches = parts.HasFlag(MatchingWildcard.Destination)
						|| rule.DestinationType == PswaDestinationType.All
						|| string.Equals(computerCanonicalForm, rule.DestinationCanonicalForm, StringComparison.OrdinalIgnoreCase);

					bool configurationMatches = parts.HasFlag(MatchingWildcard.Configuration)
						|| rule.ConfigurationName == "*"
						|| string.Equals(rule.ConfigurationName, configurationName, StringComparison.OrdinalIgnoreCase);

					if (userMatches && destinationMatches && configurationMatches)
					{
						matched.Add(rule);
						this.OnTestRuleRuleMatch(rule);
					}
				}
				catch (Exception failure)
				{
					this.OnTestRuleInvalidRule(rule, failure);
				}
			}

			return (PswaAuthorizationRule[])matched.ToArray(typeof(PswaAuthorizationRule));
		}
Пример #9
		/// <summary>
		/// Evaluates rules that involve a local group and returns those whose user, destination
		/// and configuration all match; stops at the first match unless
		/// <paramref name="returnAllMatches"/> is true.
		/// </summary>
		/// <remarks>
		/// Each dimension matches through a wildcard flag in <paramref name="parts"/>, a rule of
		/// type All, a direct comparison, membership in the supplied domain group SID list, or an
		/// IsAccountInGroup call for local groups. A rule that throws while being evaluated is
		/// passed to OnTestRuleInvalidRule and is not added to the result.
		/// NOTE(review): the direct user and computer comparisons here use ==, which is
		/// case-sensitive, while the configuration comparison in this same method uses
		/// OrdinalIgnoreCase. Confirm the canonical forms are case-normalized upstream.
		/// </remarks>
		private PswaAuthorizationRule[] TestLocalGroupRule(IEnumerable rules, string userCanonicalForm, string computerCanonicalForm, string configurationName, List<string> userDomainGroupSid, List<string> computerDomainGroupSid, bool returnAllMatches, MatchingWildcard parts)
		{
			ArrayList matched = new ArrayList();

			// Handed to IsAccountInGroup on every call; one dictionary per dimension for the whole loop.
			Dictionary<string, string> userGroupState = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
			Dictionary<string, string> computerGroupState = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

			foreach (PswaAuthorizationRule rule in rules)
			{
				try
				{
					// Alternatives are ordered so that IsAccountInGroup is reached last.
					bool userMatches =
						parts.HasFlag(MatchingWildcard.User)
						|| rule.UserType == PswaUserType.All
						|| (rule.UserType == PswaUserType.User && userCanonicalForm == rule.UserCanonicalForm)
						|| (rule.UserType == PswaUserType.UserGroup && !rule.IsUserGroupLocal && userDomainGroupSid.Contains(rule.UserCanonicalForm, StringComparer.OrdinalIgnoreCase))
						|| (rule.UserType == PswaUserType.UserGroup && rule.IsUserGroupLocal && this.activeDirectoryHelper.IsAccountInGroup(rule.UserCanonicalForm, userDomainGroupSid, userCanonicalForm, userGroupState));

					bool destinationMatches =
						parts.HasFlag(MatchingWildcard.Destination)
						|| rule.DestinationType == PswaDestinationType.All
						|| (rule.DestinationType == PswaDestinationType.Computer && computerCanonicalForm == rule.DestinationCanonicalForm)
						|| (rule.DestinationType == PswaDestinationType.ComputerGroup && !rule.IsComputerGroupLocal && computerDomainGroupSid.Contains(rule.DestinationCanonicalForm, StringComparer.OrdinalIgnoreCase))
						|| (rule.DestinationType == PswaDestinationType.ComputerGroup && rule.IsComputerGroupLocal && this.activeDirectoryHelper.IsAccountInGroup(rule.DestinationCanonicalForm, computerDomainGroupSid, computerCanonicalForm, computerGroupState));

					bool configurationMatches =
						parts.HasFlag(MatchingWildcard.Configuration)
						|| rule.ConfigurationName == "*"
						|| string.Equals(rule.ConfigurationName, configurationName, StringComparison.OrdinalIgnoreCase);

					if (userMatches && destinationMatches && configurationMatches)
					{
						matched.Add(rule);
						this.OnTestRuleRuleMatch(rule);
						if (!returnAllMatches)
						{
							break;
						}
					}
				}
				catch (Exception failure)
				{
					this.OnTestRuleInvalidRule(rule, failure);
				}
			}

			return (PswaAuthorizationRule[])matched.ToArray(typeof(PswaAuthorizationRule));
		}