private bool IsSafeToRemoveDisableAssignmentFromGroup(ExchangeRoleAssignment roleAssignment) { if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment)) { return(true); } ExchangeRole role = this.GetRole(roleAssignment.Role); if (!role.IsValid) { return(true); } bool flag = true; bool verifyGroupEmptiness = false; if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.DelegatingOrgWide) && role.IsRootRole && !role.IsUnscoped) { flag = false; } if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType)) { flag = false; verifyGroupEmptiness = true; } flag = (flag || !role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet())); if (!flag) { flag = this.ExistDistinctRoleAssignmentForGroup(roleAssignment, role, verifyGroupEmptiness); } return(flag); }
private void RemoveObsoleteEntriesAndParameters(ExchangeRole role) { if (role.RoleType == RoleType.UnScoped) { return; } List <RoleEntry> list = new List <RoleEntry>(); foreach (RoleEntry roleEntry in role.RoleEntries) { RoleEntry roleEntry2 = roleEntry.FindAndIntersectWithMatchingParameters(this.allAllowedRoleEntriesForSKU); if (roleEntry2 != null) { list.Add(roleEntry2); if (roleEntry2 != roleEntry) { base.WriteVerbose(Strings.ConfirmationMessageRemoveManagementRoleEntry(roleEntry.ToString(), role.Id.ToString())); base.WriteVerbose(Strings.ConfirmationMessageNewManagementRoleEntry(roleEntry2.ToString(), role.Id.ToString())); } } else { base.WriteVerbose(Strings.ConfirmationMessageRemoveManagementRoleEntry(roleEntry.ToString(), role.Id.ToString())); } } role.RoleEntries = new MultiValuedProperty <RoleEntry>(list); }
protected virtual void CreateOrUpdateRoles(RoleNameMapping mapping, List <RoleDefinition> roleDefinitions, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20008L, "-->CreateOrUpdateRoles: roleDefinitions count = {0}", roleDefinitions.Count); List <ExchangeRole> list = new List <ExchangeRole>(roleDefinitions.Count); foreach (RoleDefinition definition in roleDefinitions) { ExchangeRole exchangeRole = base.CreateOrUpdateRole(null, definition, enabledPermissionFeatures, suffix, mailboxPlanIndex); if (exchangeRole != null) { list.Add(exchangeRole); } } string text = (suffix == null) ? mapping.OldName : (mapping.OldName + suffix); ExchangeRole exchangeRole2 = this.settings.ConfigurationSession.Read <ExchangeRole>(this.settings.RolesContainerId.GetChildId(text)); if (exchangeRole2 == null) { ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "<--CreateOrUpdateRoles: Deprecated role not found. oldRoleName = {0}", text); return; } this.settings.LogReadObject(exchangeRole2); foreach (ExchangeRole newRole in list) { this.CloneRoleAssignments(exchangeRole2, newRole); } RoleEntry[] deprecatedParentRoleEntries = base.PrepareRoleForUpgradeAndGetOldSortedEntries(exchangeRole2, true); int num = 0; this.MatchDerivedRoles(exchangeRole2, deprecatedParentRoleEntries, list, ref num); base.SaveRoleAndWarnOnFailure(exchangeRole2); this.settings.LogWriteObject(exchangeRole2); ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--CreateOrUpdateRoles"); }
private IEnumerable <ExchangeRoleAssignment> FindExchangeRoleAssignments(QueryFilter filter, ObjectId rootId, bool deepSearch, SortBy sortBy, int pageSize = 2147483647, bool includeScopes = true) { IEnumerable <ExchangeRoleAssignment> roleAssignments = base.FindAndHandleException <ExchangeRoleAssignment>(filter, rootId, deepSearch, sortBy, pageSize); IEnumerable <string> roleNames = (from roleAssignment in roleAssignments select roleAssignment.Role.Name).Distinct(StringComparer.OrdinalIgnoreCase).ToArray <string>(); Dictionary <string, ExchangeRole> cannedRoles = new Dictionary <string, ExchangeRole>(StringComparer.OrdinalIgnoreCase); foreach (string text in roleNames) { ExchangeRole exchangeRole = new ExchangeRole { Name = text }; if (this.UpdateImplictScope(exchangeRole)) { cannedRoles.Add(text, exchangeRole); } } foreach (ExchangeRoleAssignment roleAssignment2 in roleAssignments) { FfoDirectorySession.FixDistinguishedName(roleAssignment2, base.TenantId.DistinguishedName, base.TenantId.ObjectGuid, ((ADObjectId)roleAssignment2.Identity).ObjectGuid, ExchangeRoleAssignment.RdnContainer); roleAssignment2.Role = FfoDirectorySession.GetUpdatedADObjectIdWithDN(roleAssignment2.Role, base.TenantId.DistinguishedName, base.TenantId.ObjectGuid, ExchangeRole.RdnContainer); if (roleAssignment2.RoleAssigneeType == RoleAssigneeType.RoleGroup && cannedRoles.ContainsKey(roleAssignment2.Role.Name)) { ExchangeRole exchangeRole2 = cannedRoles[roleAssignment2.Role.Name]; roleAssignment2.RecipientReadScope = exchangeRole2.ImplicitRecipientReadScope; roleAssignment2.ConfigReadScope = exchangeRole2.ImplicitConfigReadScope; roleAssignment2.RecipientWriteScope = (RecipientWriteScopeType)exchangeRole2.ImplicitRecipientWriteScope; roleAssignment2.ConfigWriteScope = (ConfigWriteScopeType)exchangeRole2.ImplicitConfigWriteScope; } yield return(roleAssignment2); } yield break; }
protected void UpdateCannedRole(ExchangeRole existingRole, ExchangeRole cannedRole, List <ExchangeRole> newRoles) { ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "-->UpdateCannedRole: existingRole = {0}, existingRoleVersion = {1}, existingRole-RoleType = {2}, cannedRole = {3}, cannedRoleVersion = {4}, cannedRole-RoleType = {5}", new object[] { existingRole.Name, existingRole.ExchangeVersion.ToString(), existingRole.RoleType.ToString(), cannedRole.Name, cannedRole.ExchangeVersion.ToString(), cannedRole.RoleType.ToString() }); bool flag = existingRole.ExchangeVersion == ExchangeRoleSchema.Exchange2009_R3; RoleEntry[] array = base.PrepareRoleForUpgradeAndGetOldSortedEntries(existingRole, false); if (existingRole.IsModified(ADObjectSchema.ExchangeVersion)) { existingRole.RoleType = cannedRole.RoleType; } foreach (ExchangeRole newRole in newRoles) { base.CloneRoleAssignments(existingRole, newRole); } existingRole.RoleEntries = (flag ? cannedRole.RoleEntries : base.CalculateUpdatedRoleEntries(cannedRole, array)); int num = 0; this.FindAndMatchDerivedRoles(existingRole, array, newRoles, ref num); existingRole.OrganizationId = this.settings.OrganizationId; base.SaveRoleAndWarnOnFailure(existingRole); ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<---UpdateCannedRole"); }
protected override void CreateOrUpdateRoles(RoleNameMapping mapping, List <RoleDefinition> roleDefinitions, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20009L, "-->CreateOrUpdateRoles: roleDefinitions count = {0}", roleDefinitions.Count); RoleDefinition item = roleDefinitions.First((RoleDefinition x) => x.RoleName.Equals(mapping.OldName)); roleDefinitions.Remove(item); List <ExchangeRole> list = new List <ExchangeRole>(roleDefinitions.Count); foreach (RoleDefinition definition in roleDefinitions) { ExchangeRole exchangeRole = base.CreateOrUpdateRole(null, definition, enabledPermissionFeatures, suffix, mailboxPlanIndex); if (exchangeRole != null) { list.Add(exchangeRole); } } ExchangeRole exchangeRole2 = item.GenerateRole(enabledPermissionFeatures, this.settings.RolesContainerId, suffix, mailboxPlanIndex); string unescapedCommonName = (suffix == null) ? mapping.OldName : (mapping.OldName + suffix); ExchangeRole exchangeRole3 = this.settings.ConfigurationSession.Read <ExchangeRole>(this.settings.RolesContainerId.GetChildId(unescapedCommonName)); if (exchangeRole3 == null) { if (exchangeRole2.RoleEntries.Count > 0) { exchangeRole2.OrganizationId = this.settings.OrganizationId; base.SaveRoleAndSuggestCleanupOnFailure(exchangeRole2); ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRole: New Role created"); } return; } this.settings.LogReadObject(exchangeRole3); this.UpdateCannedRole(exchangeRole3, exchangeRole2, list); ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRoles"); }
private bool FindRoleAssignment(ExchangeRole role, ADObjectId userId, ExchangeRoleAssignment roleAssigmentToFind) { ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string>(20008L, "-->FindRoleAssignment: role.Name = {0}, userId.Name = {1}", role.Name, userId.Name); List <ComparisonFilter> list = new List <ComparisonFilter>(); list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id)); list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, userId)); list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags, roleAssigmentToFind[ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags])); if (roleAssigmentToFind.CustomConfigWriteScope != null) { list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomConfigWriteScope, roleAssigmentToFind.CustomConfigWriteScope)); } if (roleAssigmentToFind.CustomRecipientWriteScope != null) { list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomRecipientWriteScope, roleAssigmentToFind.CustomRecipientWriteScope)); } using (IEnumerator <ExchangeRoleAssignment> enumerator = this.settings.ConfigurationSession.FindPaged <ExchangeRoleAssignment>(this.settings.OrgContainerId, QueryScope.SubTree, new AndFilter(list.ToArray()), null, 1).GetEnumerator()) { if (enumerator.MoveNext()) { ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current; ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "<--FindRoleAssignment: Role assignment found. roleAssignment.Name = {0}", exchangeRoleAssignment.Name); return(true); } } ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--FindRoleAssignment: Role assignment NOT found"); return(false); }
protected void SaveRoleAndSuggestCleanupOnFailure(ExchangeRole role) { Exception ex = null; try { this.settings.ConfigurationSession.Save(role); this.settings.LogWriteObject(role); this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole))); } catch (DataSourceOperationException ex2) { ex = ex2; } catch (DataValidationException ex3) { ex = ex3; } if (ex != null) { CorruptedRoleNeedsCleanupException ex4 = new CorruptedRoleNeedsCleanupException(role.Identity.ToString(), ex.Message, ex); if (!this.settings.Task.Stopping) { TaskLogger.SendWatsonReport(ex4); } this.settings.WriteError(ex4, ErrorCategory.InvalidOperation, null); } }
internal RoleAndSession(ExchangeRole role, IConfigDataProvider configSession, ExchangeRole parentRole) { this.Role = role; this.ConfigSession = configSession; this.ParentRole = parentRole; this.PipelinedElements = new List <AddRemoveManagementRoleEntryActionBase.PipelinedElement>(); }
protected void SaveDerivedRoleAndWarnOnValidationErrors(ExchangeRole role) { if (role.IsRootRole) { throw new ArgumentNullException("Only derive roles should be"); } try { int count = role.RoleEntries.Count; ValidationError[] array = role.Validate(); role.AllowEmptyRole = true; this.settings.ConfigurationSession.Save(role); this.settings.LogWriteObject(role); this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole))); if (array != null && array.Length != 0) { this.settings.WriteWarning(Strings.WarningInvalidRoleAfterUpgrade(role.Identity.ToString(), MultiValuedPropertyBase.FormatMultiValuedProperty(array))); } } catch (DataSourceOperationException ex) { this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex.Message)); } catch (DataValidationException ex2) { this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex2.Message)); } }
// Token: 0x06001424 RID: 5156 RVA: 0x00048FBC File Offset: 0x000471BC private static bool IsWebMethodInDefaultRoleType(string webMethodName, RoleType roleType, ref List <string> entriesCache) { if (string.IsNullOrEmpty(webMethodName)) { throw new ArgumentNullException("webMethodName"); } if (entriesCache == null) { lock (PartnerApplicationRunspaceConfiguration.staticLock) { if (entriesCache == null) { ExchangeRole rootRoleForRoleType = PartnerApplicationRunspaceConfiguration.GetRootRoleForRoleType(roleType); if (rootRoleForRoleType != null) { entriesCache = (from x in rootRoleForRoleType.RoleEntries select x.Name).ToList <string>(); entriesCache.Sort(); } else { entriesCache = new List <string>(); } } } } return(entriesCache.BinarySearch(webMethodName, StringComparer.OrdinalIgnoreCase) >= 0); }
private static RoleDefinition[] FilterOrgRolesByRoleGroupFilters(RoleDefinition[] roles, List <string> enabledRoleGroupAssignmentFeatures, RoleGroupRoleMapping[] definitions, out List <string> extraRolesToRemove) { HashSet <RoleDefinition> hashSet = new HashSet <RoleDefinition>(); foreach (RoleDefinition item in roles) { bool flag = !ExchangeRole.IsAdminRole(item.RoleType); if (flag) { hashSet.Add(item); } else { foreach (RoleGroupRoleMapping roleGroupRoleMapping in definitions) { foreach (RoleAssignmentDefinition roleAssignmentDefinition in roleGroupRoleMapping.Assignments) { if (roleAssignmentDefinition.RoleType == item.RoleType && roleAssignmentDefinition.SatisfyCondition(enabledRoleGroupAssignmentFeatures) && !hashSet.Contains(item)) { hashSet.Add(item); } } } } } extraRolesToRemove = new List <string>(); foreach (RoleDefinition item2 in roles) { if (!hashSet.Contains(item2)) { extraRolesToRemove.Add(item2.RoleName); } } return(hashSet.ToArray <RoleDefinition>()); }
private void RemoveAllRoleAssignmentsForOneRole(ExchangeRole role, RoleAssignmentDelegationType delegationType) { QueryFilter queryFilter; if (delegationType == RoleAssignmentDelegationType.Regular) { queryFilter = new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType); } else { queryFilter = new OrFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, RoleAssignmentDelegationType.Delegating), new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, RoleAssignmentDelegationType.DelegatingOrgWide) }); } foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer), QueryScope.OneLevel, new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id), queryFilter }), null, 0)) { this.configurationSession.Delete(exchangeRoleAssignment); base.LogWriteObject(exchangeRoleAssignment); } }
private void CreateRoleAssignmentDefinition(RoleAssignmentDefinition roleAssignmentDefinition, ADGroup roleGroup, List <ExchangeRole> precannedRoles) { List <ExchangeRole> list = precannedRoles.FindAll((ExchangeRole x) => x.RoleType.Equals(roleAssignmentDefinition.RoleType)); if (roleAssignmentDefinition.UseSafeRole) { List <ExchangeRole> list2 = new List <ExchangeRole>(list.Count); foreach (ExchangeRole cannedRole in list) { ExchangeRole exchangeRole = this.TryFindSafeDCRoleOrUseDefault(cannedRole); if (exchangeRole != null) { list2.Add(exchangeRole); } } list = list2; } foreach (ExchangeRole role in list) { if (!this.FindRoleAssignment(role, roleGroup, roleAssignmentDefinition.DelegationType)) { this.CreateRoleAssignment(role, roleGroup, roleAssignmentDefinition.DelegationType); } } }
private void CreateCustomRole(RoleDefinition customRoleDefinition, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex) { ADObjectId childId = this.rolesContainerId.GetChildId(customRoleDefinition.ParentRoleName + suffix); ExchangeRole exchangeRole = customRoleDefinition.GenerateRole(enabledPermissionFeatures, childId, suffix, mailboxPlanIndex); exchangeRole.OrganizationId = base.CurrentOrganizationId; this.configurationSession.Save(exchangeRole); }
private bool TryRenameDeriveEndUserRole(ExchangeRole role) { if (role.IsRootRole || !role.IsEndUserRole) { throw new ArgumentException(string.Format("Invalid role {0}. Only NON root roles and endUser roles can be renamed.", role.Name)); } string text = ("renamed_" + role.Name).Trim(); if (text.Length > 64) { text = text.Substring(0, 64).Trim(); } string text2 = text; if (text2.Length > 61) { text2 = text2.Substring(0, 61).Trim(); } int num = 1; bool flag = false; for (;;) { QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Name, text); ExchangeRole[] array = this.configurationSession.FindPaged <ExchangeRole>(this.rolesContainerId, QueryScope.SubTree, filter, null, 0).ReadAllPages(); if (array.Length == 0) { break; } text = text2 + "-" + num.ToString(); num++; if (num >= 100) { goto IL_C5; } } flag = true; IL_C5: if (flag) { try { role.AllowEmptyRole = true; role.Name = text; this.configurationSession.Save(role); base.LogWriteObject(role); } catch (DataSourceOperationException ex) { this.WriteWarning(Strings.WarningRenamingRole(role.Name, ex.Message)); } catch (DataValidationException ex2) { this.WriteWarning(Strings.WarningRenamingRole(role.Name, ex2.Message)); } } return(flag); }
private void DeleteRoleAssigments(ExchangeRole deprecatedRole) { foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, deprecatedRole.Id), null, 0)) { base.LogReadObject(exchangeRoleAssignment); this.configurationSession.Delete(exchangeRoleAssignment); base.LogWriteObject(exchangeRoleAssignment); } }
public EndUserRoleRow(ExchangeRole role) : base(role) { base.Name = role.Name; base.Description = role.Description; base.Group = role.RoleType.ToString(); base.Parent = (role.IsRootRole ? null : role.RoleType.ToString()); this.IsEndUserRole = role.IsEndUserRole; this.MailboxPlanIndex = role.MailboxPlanIndex; }
private bool IsUserRequiredForAssignment(ExchangeRoleAssignment roleAssignment) { if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment)) { return(false); } ExchangeRole role = this.GetRole(roleAssignment.Role); return(role.IsValid && (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType)) && role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet())); }
private bool IsNonDeprecatedRole() { ExchangeRole exchangeRole = (ExchangeRole)base.GetDataObject <ExchangeRole>(new RoleIdParameter(this.DataObject.Role), base.DataSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(this.DataObject.Role.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(this.DataObject.Role.ToString()))); if (exchangeRole != null && exchangeRole.IsDeprecated) { this.WriteWarning(Strings.ErrorCannotMoveRoleAssignmentOfDeprecatedRole(exchangeRole.ToString())); return(false); } return(true); }
private ExchangeRole TryFindSafeDCRoleOrUseDefault(ExchangeRole cannedRole) { string dcsafeNameForRole = RoleDefinition.GetDCSafeNameForRole(cannedRole.Name); ExchangeRole[] array = this.configurationSession.Find <ExchangeRole>(cannedRole.Id, QueryScope.OneLevel, new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Name, dcsafeNameForRole), null, 1); if (array != null && array.Length == 1) { return(array[0]); } return(cannedRole); }
private void CreateRoleAssignment(ExchangeRole role, ADRecipient recipient, RoleAssignmentDelegationType delegationType) { if (this.adSplitPermissionMode && delegationType == RoleAssignmentDelegationType.Regular && InstallCannedRbacRoleAssignments.invalidRoleTypesInADSplitPermissionMode.Contains(role.RoleType)) { base.WriteVerbose(Strings.VerboseSkipCreatingRoleAssignment(recipient.Id.ToString(), role.Id.ToString(), delegationType.ToString())); return; } RoleAssigneeType roleAssigneeType = ExchangeRoleAssignment.RoleAssigneeTypeFromADRecipient(recipient); RoleHelper.CreateRoleAssignment(role, recipient.Id, recipient.OrganizationId, roleAssigneeType, recipient.OriginatingServer, delegationType, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, this.configurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError)); }
private bool IsRoleInFilteredList(ExchangeRole role, List <RoleToRAPAssignmentDefinition> filteredDefinitions) { foreach (RoleToRAPAssignmentDefinition roleToRAPAssignmentDefinition in filteredDefinitions) { if (role.RoleType == roleToRAPAssignmentDefinition.Type) { return(true); } } return(false); }
private void RemoveRoleAssignmentsFromGroup(ExchangeRole role, ADGroup group, RoleAssignmentDelegationType delegationType) { foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer), QueryScope.OneLevel, new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id), new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, group.Id), new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType) }), null, 0)) { this.configurationSession.Delete(exchangeRoleAssignment); base.LogWriteObject(exchangeRoleAssignment); } }
private bool UpdateImplictScope(ExchangeRole exchangeRole) { string value = exchangeRole.Name.Replace(" ", string.Empty).Replace("-", string.Empty); RoleType roleType; if (Enum.TryParse <RoleType>(value, true, out roleType)) { exchangeRole.RoleType = roleType; exchangeRole.StampImplicitScopes(); exchangeRole.StampIsEndUserRole(); return(true); } return(false); }
protected RoleEntry[] GetSortedRoleEntries(ExchangeRole role) { RoleEntry[] array; if (role.ExchangeVersion == ExchangeRoleSchema.Exchange2009_R3) { array = ((MultiValuedProperty <RoleEntry>)role[ExchangeRoleSchema.InternalDownlevelRoleEntries]).ToArray(); } else { array = role.RoleEntries.ToArray(); } Array.Sort <RoleEntry>(array, RoleEntryComparer.Instance); return(array); }
private ExchangeRole GetRole(ADObjectId roleId) { ExchangeRole exchangeRole = this.CacheRoles.FirstOrDefault((ExchangeRole x) => x.Id.Equals(roleId)); if (exchangeRole == null) { exchangeRole = this.configurationSession.Read <ExchangeRole>(roleId); if (exchangeRole == null) { this.writeError(new ManagementObjectNotFoundException(Strings.ErrorObjectNotFound(roleId.ToString())), ExchangeErrorCategory.Client, null); } this.CacheRoles.Add(exchangeRole); } return(exchangeRole); }
protected void FindAndMatchDerivedRoles(ExchangeRole parentRole, RoleEntry[] oldParentRoleEntries, List <ExchangeRole> newRoles, ref int recursionCount) { ExTraceGlobals.AccessCheckTracer.TraceFunction <string, int, int>(20009L, "--->FindAndMatchDerivedRoles: parentRole.Name = {0}, newRoles.Count = {1}, recursionCount = {2}", parentRole.Name, newRoles.Count, recursionCount); if (++recursionCount >= 1000) { return; } ADPagedReader <ExchangeRole> adpagedReader = this.settings.ConfigurationSession.FindPaged <ExchangeRole>(parentRole.Id, QueryScope.OneLevel, null, null, 0); foreach (ExchangeRole exchangeRole in adpagedReader) { ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20009L, "----MatchDerivedRoles: childRole = {0}", exchangeRole.Name); this.settings.LogReadObject(exchangeRole); RoleEntry[] array = base.PrepareRoleForUpgradeAndGetOldSortedEntries(exchangeRole, false); exchangeRole.RoleState = parentRole.RoleState; exchangeRole.RoleType = parentRole.RoleType; List <RoleEntry> listOfRoleEntriesForChildRole = base.GetListOfRoleEntriesForChildRole(oldParentRoleEntries, array, parentRole.RoleEntries.ToArray <RoleEntry>(), exchangeRole.IsChanged(ADObjectSchema.ExchangeVersion)); exchangeRole.RoleEntries = new MultiValuedProperty <RoleEntry>(listOfRoleEntriesForChildRole); List <ExchangeRole> list = new List <ExchangeRole>(); foreach (ExchangeRole exchangeRole2 in newRoles) { RoleEntry[] sortedRoleEntries = base.GetSortedRoleEntries(exchangeRole2); listOfRoleEntriesForChildRole = base.GetListOfRoleEntriesForChildRole(oldParentRoleEntries, array, sortedRoleEntries, exchangeRole.IsChanged(ADObjectSchema.ExchangeVersion)); if (base.RoleEntriesMatch(sortedRoleEntries, listOfRoleEntriesForChildRole.ToArray())) { ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string>(20009L, "----FindAndMatchDerivedRoles: Perfect role match. splittingRole = {0}, newRole = {1}", exchangeRole.Name, exchangeRole2.Name); base.CloneRoleAssignments(exchangeRole, exchangeRole2); list.Add(exchangeRole2); } else { ExTraceGlobals.AccessCheckTracer.TraceFunction <string, ExchangeRole>(20009L, "----FindAndMatchDerivedRoles: Unable to match with role. splittingRole = {0}, newRole = {1}", exchangeRole.Name, exchangeRole2); if (listOfRoleEntriesForChildRole.Count > 0) { ExchangeRole exchangeRole3 = base.CreateCustomizedDerivedRole(exchangeRole2, listOfRoleEntriesForChildRole, exchangeRole.Name); base.CloneRoleAssignments(exchangeRole, exchangeRole3); list.Add(exchangeRole3); this.settings.WriteWarning(Strings.WarningCustomRoleCreatedDuringUpgradeForSplittingRole(exchangeRole3.Name, exchangeRole.Name, parentRole.Name)); } } } this.FindAndMatchDerivedRoles(exchangeRole, array, list, ref recursionCount); base.SaveDerivedRoleAndWarnOnValidationErrors(exchangeRole); } recursionCount--; ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20009L, "<---FindAndMatchDerivedRoles: recursionCount = {0}", recursionCount); }
private bool FindRoleAssignment(ExchangeRole role, ADRecipient user, RoleAssignmentDelegationType delegationType) { using (IEnumerator <ExchangeRoleAssignment> enumerator = this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id), new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, user.Id), new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType) }), null, 1).GetEnumerator()) { if (enumerator.MoveNext()) { ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current; return(true); } } return(false); }
protected void SaveRoleAndWarnOnFailure(ExchangeRole role) { try { this.settings.ConfigurationSession.Save(role); this.settings.LogWriteObject(role); this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole))); } catch (DataSourceOperationException ex) { this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex.Message)); } catch (DataValidationException ex2) { this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex2.Message)); } }