private void RetrieveAllScopes(ScopeRestrictionType scopeType, ADRawEntry givenObject, out Dictionary <ADObjectId, ADScope> customScopes, out Dictionary <ADObjectId, ADScope> exclusiveScopes) { customScopes = new Dictionary <ADObjectId, ADScope>(); exclusiveScopes = new Dictionary <ADObjectId, ADScope>(); ScopeType scopeType2 = ScopeType.ExclusiveConfigScope; ScopeType scopeType3 = ScopeType.CustomConfigScope; if (scopeType == ScopeRestrictionType.RecipientScope) { scopeType2 = ScopeType.ExclusiveRecipientScope; scopeType3 = ScopeType.CustomRecipientScope; } ADPagedReader <ManagementScope> allScopes = this.configSession.GetAllScopes(this.orgId, scopeType); foreach (ManagementScope managementScope in allScopes) { if (managementScope.ScopeRestrictionType == scopeType) { ExchangeRunspaceConfiguration.TryStampQueryFilterOnManagementScope(managementScope); if (managementScope.Exclusive) { RbacScope rbacScope = new RbacScope(scopeType2, managementScope); rbacScope.PopulateRootAndFilter(this.orgId, givenObject); exclusiveScopes.Add(managementScope.OriginalId, rbacScope); } RbacScope rbacScope2 = new RbacScope(scopeType3, managementScope); rbacScope2.PopulateRootAndFilter(this.orgId, givenObject); customScopes.Add(managementScope.OriginalId, rbacScope2); } } }
internal static SetterDelegate FilterSetterDelegate(ScopeRestrictionType filterType) { return(delegate(object value, IPropertyBag bag) { ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)bag[ManagementScopeSchema.ScopeRestrictionType]; if (scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete) { scopeRestrictionType = ScopeRestrictionType.RecipientScope; } if (scopeRestrictionType != filterType) { throw new ArgumentException(); } bag[ManagementScopeSchema.Filter] = (string)value; }); }
internal static GetterDelegate FilterGetterDelegate(ScopeRestrictionType filterType) { return(delegate(IPropertyBag bag) { ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)bag[ManagementScopeSchema.ScopeRestrictionType]; if (scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete) { scopeRestrictionType = ScopeRestrictionType.RecipientScope; } if (scopeRestrictionType != filterType) { return string.Empty; } return (string)bag[ManagementScopeSchema.Filter]; }); }
internal static bool TryConvertPowershellFilterIntoQueryFilter(string filter, ScopeRestrictionType scopeRestrictionType, Task task, out QueryFilter queryFilter, out string errorString) { queryFilter = null; errorString = null; ObjectSchema schema; switch (scopeRestrictionType) { case ScopeRestrictionType.RecipientScope: schema = RBACHelper.aDRecipientObjectsSchema; break; case ScopeRestrictionType.ServerScope: schema = RBACHelper.serverSchema; break; case ScopeRestrictionType.PartnerDelegatedTenantScope: schema = RBACHelper.tenantOrganizationPresentationObjectSchema; break; case ScopeRestrictionType.DatabaseScope: schema = RBACHelper.databaseSchema; break; default: throw new ArgumentException("scopeRestrictionType"); } Exception ex = null; try { MonadFilter monadFilter = new MonadFilter(filter, task, schema); queryFilter = monadFilter.InnerFilter; return(true); } catch (InvalidCastException ex2) { ex = ex2; } catch (ParsingException ex3) { ex = ex3; } errorString = ex.Message; return(false); }
public ADPagedReader <ManagementScope> GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType) { ADObjectId rootId = (OrganizationId.ForestWideOrgId.Equals(organizationId) || organizationId == null) ? this.GetOrgContainerId() : organizationId.ConfigurationUnit; return(this.FindPaged <ManagementScope>(rootId, QueryScope.SubTree, new ComparisonFilter(ComparisonOperator.Equal, ManagementScopeSchema.ScopeRestrictionType, restrictionType), null, 0)); }
internal static object ScopeRestrictionTypeGetter(IPropertyBag propertyBag) { ScopeRestrictionType scopeRestrictionType = (ScopeRestrictionType)((int)propertyBag[ManagementScopeSchema.ScopeRestrictionFlags] & 255); return((scopeRestrictionType == ScopeRestrictionType.DomainScope_Obsolete) ? ScopeRestrictionType.RecipientScope : scopeRestrictionType); }
ADPagedReader <ManagementScope> IConfigurationSession.GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType) { FfoDirectorySession.LogNotSupportedInFFO(null); ComparisonFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.OrganizationalUnitRoot, organizationId.OrganizationalUnit); return(new FfoPagedReader <ManagementScope>(this, filter, null)); }
ADPagedReader <ManagementScope> IConfigurationSession.GetAllScopes(OrganizationId organizationId, ScopeRestrictionType restrictionType) { return(base.InvokeWithAPILogging <ADPagedReader <ManagementScope> >(() => this.GetSession().GetAllScopes(organizationId, restrictionType), "GetAllScopes")); }
private List <ExchangeRoleAssignment> FindRoleAssignmentsWithWritableConfigObject(ScopeRestrictionType restrictionType, ADConfigurationObject writableObject, IEnumerable <ExchangeRoleAssignment> roleAssignments) { Dictionary <ADObjectId, ADScope> customConfigScopes; Dictionary <ADObjectId, ADScope> dictionary; this.RetrieveAllScopes(restrictionType, writableObject, out customConfigScopes, out dictionary); if (dictionary.Count > 0 && ManagementReporting.VerifyIsWithinScopes(writableObject, new List <ADScope>(dictionary.Values), new List <ADScope>(dictionary.Values), new RbacScope(ScopeType.Organization))) { return(this.GetEffectiveRoleAssignmentsForConfigObject(writableObject, roleAssignments, customConfigScopes, dictionary, true)); } return(this.GetEffectiveRoleAssignmentsForConfigObject(writableObject, roleAssignments, customConfigScopes, dictionary, false)); }