private bool IsSafeToRemoveDisableAssignmentFromGroup(ExchangeRoleAssignment roleAssignment)
{
if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment))
{
return(true);
}
ExchangeRole role = this.GetRole(roleAssignment.Role);
if (!role.IsValid)
{
return(true);
}
bool flag = true;
bool verifyGroupEmptiness = false;
if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.DelegatingOrgWide) && role.IsRootRole && !role.IsUnscoped)
{
flag = false;
}
if (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType))
{
flag = false;
verifyGroupEmptiness = true;
}
flag = (flag || !role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet()));
if (!flag)
{
flag = this.ExistDistinctRoleAssignmentForGroup(roleAssignment, role, verifyGroupEmptiness);
}
return(flag);
}
private void RemoveObsoleteEntriesAndParameters(ExchangeRole role)
{
if (role.RoleType == RoleType.UnScoped)
{
return;
}
List <RoleEntry> list = new List <RoleEntry>();
foreach (RoleEntry roleEntry in role.RoleEntries)
{
RoleEntry roleEntry2 = roleEntry.FindAndIntersectWithMatchingParameters(this.allAllowedRoleEntriesForSKU);
if (roleEntry2 != null)
{
list.Add(roleEntry2);
if (roleEntry2 != roleEntry)
{
base.WriteVerbose(Strings.ConfirmationMessageRemoveManagementRoleEntry(roleEntry.ToString(), role.Id.ToString()));
base.WriteVerbose(Strings.ConfirmationMessageNewManagementRoleEntry(roleEntry2.ToString(), role.Id.ToString()));
}
}
else
{
base.WriteVerbose(Strings.ConfirmationMessageRemoveManagementRoleEntry(roleEntry.ToString(), role.Id.ToString()));
}
}
role.RoleEntries = new MultiValuedProperty <RoleEntry>(list);
}
protected virtual void CreateOrUpdateRoles(RoleNameMapping mapping, List <RoleDefinition> roleDefinitions, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20008L, "-->CreateOrUpdateRoles: roleDefinitions count = {0}", roleDefinitions.Count);
List <ExchangeRole> list = new List <ExchangeRole>(roleDefinitions.Count);
foreach (RoleDefinition definition in roleDefinitions)
{
ExchangeRole exchangeRole = base.CreateOrUpdateRole(null, definition, enabledPermissionFeatures, suffix, mailboxPlanIndex);
if (exchangeRole != null)
{
list.Add(exchangeRole);
}
}
string text = (suffix == null) ? mapping.OldName : (mapping.OldName + suffix);
ExchangeRole exchangeRole2 = this.settings.ConfigurationSession.Read <ExchangeRole>(this.settings.RolesContainerId.GetChildId(text));
if (exchangeRole2 == null)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "<--CreateOrUpdateRoles: Deprecated role not found. oldRoleName = {0}", text);
return;
}
this.settings.LogReadObject(exchangeRole2);
foreach (ExchangeRole newRole in list)
{
this.CloneRoleAssignments(exchangeRole2, newRole);
}
RoleEntry[] deprecatedParentRoleEntries = base.PrepareRoleForUpgradeAndGetOldSortedEntries(exchangeRole2, true);
int num = 0;
this.MatchDerivedRoles(exchangeRole2, deprecatedParentRoleEntries, list, ref num);
base.SaveRoleAndWarnOnFailure(exchangeRole2);
this.settings.LogWriteObject(exchangeRole2);
ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--CreateOrUpdateRoles");
}
private IEnumerable <ExchangeRoleAssignment> FindExchangeRoleAssignments(QueryFilter filter, ObjectId rootId, bool deepSearch, SortBy sortBy, int pageSize = 2147483647, bool includeScopes = true)
{
IEnumerable <ExchangeRoleAssignment> roleAssignments = base.FindAndHandleException <ExchangeRoleAssignment>(filter, rootId, deepSearch, sortBy, pageSize);
IEnumerable <string> roleNames = (from roleAssignment in roleAssignments
select roleAssignment.Role.Name).Distinct(StringComparer.OrdinalIgnoreCase).ToArray <string>();
Dictionary <string, ExchangeRole> cannedRoles = new Dictionary <string, ExchangeRole>(StringComparer.OrdinalIgnoreCase);
foreach (string text in roleNames)
{
ExchangeRole exchangeRole = new ExchangeRole
{
Name = text
};
if (this.UpdateImplictScope(exchangeRole))
{
cannedRoles.Add(text, exchangeRole);
}
}
foreach (ExchangeRoleAssignment roleAssignment2 in roleAssignments)
{
FfoDirectorySession.FixDistinguishedName(roleAssignment2, base.TenantId.DistinguishedName, base.TenantId.ObjectGuid, ((ADObjectId)roleAssignment2.Identity).ObjectGuid, ExchangeRoleAssignment.RdnContainer);
roleAssignment2.Role = FfoDirectorySession.GetUpdatedADObjectIdWithDN(roleAssignment2.Role, base.TenantId.DistinguishedName, base.TenantId.ObjectGuid, ExchangeRole.RdnContainer);
if (roleAssignment2.RoleAssigneeType == RoleAssigneeType.RoleGroup && cannedRoles.ContainsKey(roleAssignment2.Role.Name))
{
ExchangeRole exchangeRole2 = cannedRoles[roleAssignment2.Role.Name];
roleAssignment2.RecipientReadScope = exchangeRole2.ImplicitRecipientReadScope;
roleAssignment2.ConfigReadScope = exchangeRole2.ImplicitConfigReadScope;
roleAssignment2.RecipientWriteScope = (RecipientWriteScopeType)exchangeRole2.ImplicitRecipientWriteScope;
roleAssignment2.ConfigWriteScope = (ConfigWriteScopeType)exchangeRole2.ImplicitConfigWriteScope;
}
yield return(roleAssignment2);
}
yield break;
}
protected void UpdateCannedRole(ExchangeRole existingRole, ExchangeRole cannedRole, List <ExchangeRole> newRoles)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "-->UpdateCannedRole: existingRole = {0}, existingRoleVersion = {1}, existingRole-RoleType = {2}, cannedRole = {3}, cannedRoleVersion = {4}, cannedRole-RoleType = {5}", new object[]
{
existingRole.Name,
existingRole.ExchangeVersion.ToString(),
existingRole.RoleType.ToString(),
cannedRole.Name,
cannedRole.ExchangeVersion.ToString(),
cannedRole.RoleType.ToString()
});
bool flag = existingRole.ExchangeVersion == ExchangeRoleSchema.Exchange2009_R3;
RoleEntry[] array = base.PrepareRoleForUpgradeAndGetOldSortedEntries(existingRole, false);
if (existingRole.IsModified(ADObjectSchema.ExchangeVersion))
{
existingRole.RoleType = cannedRole.RoleType;
}
foreach (ExchangeRole newRole in newRoles)
{
base.CloneRoleAssignments(existingRole, newRole);
}
existingRole.RoleEntries = (flag ? cannedRole.RoleEntries : base.CalculateUpdatedRoleEntries(cannedRole, array));
int num = 0;
this.FindAndMatchDerivedRoles(existingRole, array, newRoles, ref num);
existingRole.OrganizationId = this.settings.OrganizationId;
base.SaveRoleAndWarnOnFailure(existingRole);
ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<---UpdateCannedRole");
}
protected override void CreateOrUpdateRoles(RoleNameMapping mapping, List <RoleDefinition> roleDefinitions, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20009L, "-->CreateOrUpdateRoles: roleDefinitions count = {0}", roleDefinitions.Count);
RoleDefinition item = roleDefinitions.First((RoleDefinition x) => x.RoleName.Equals(mapping.OldName));
roleDefinitions.Remove(item);
List <ExchangeRole> list = new List <ExchangeRole>(roleDefinitions.Count);
foreach (RoleDefinition definition in roleDefinitions)
{
ExchangeRole exchangeRole = base.CreateOrUpdateRole(null, definition, enabledPermissionFeatures, suffix, mailboxPlanIndex);
if (exchangeRole != null)
{
list.Add(exchangeRole);
}
}
ExchangeRole exchangeRole2 = item.GenerateRole(enabledPermissionFeatures, this.settings.RolesContainerId, suffix, mailboxPlanIndex);
string unescapedCommonName = (suffix == null) ? mapping.OldName : (mapping.OldName + suffix);
ExchangeRole exchangeRole3 = this.settings.ConfigurationSession.Read <ExchangeRole>(this.settings.RolesContainerId.GetChildId(unescapedCommonName));
if (exchangeRole3 == null)
{
if (exchangeRole2.RoleEntries.Count > 0)
{
exchangeRole2.OrganizationId = this.settings.OrganizationId;
base.SaveRoleAndSuggestCleanupOnFailure(exchangeRole2);
ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRole: New Role created");
}
return;
}
this.settings.LogReadObject(exchangeRole3);
this.UpdateCannedRole(exchangeRole3, exchangeRole2, list);
ExTraceGlobals.AccessCheckTracer.TraceFunction(20009L, "<--CreateOrUpdateRoles");
}
private bool FindRoleAssignment(ExchangeRole role, ADObjectId userId, ExchangeRoleAssignment roleAssigmentToFind)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string>(20008L, "-->FindRoleAssignment: role.Name = {0}, userId.Name = {1}", role.Name, userId.Name);
List <ComparisonFilter> list = new List <ComparisonFilter>();
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id));
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, userId));
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags, roleAssigmentToFind[ExchangeRoleAssignmentSchema.ExchangeRoleAssignmentFlags]));
if (roleAssigmentToFind.CustomConfigWriteScope != null)
{
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomConfigWriteScope, roleAssigmentToFind.CustomConfigWriteScope));
}
if (roleAssigmentToFind.CustomRecipientWriteScope != null)
{
list.Add(new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.CustomRecipientWriteScope, roleAssigmentToFind.CustomRecipientWriteScope));
}
using (IEnumerator <ExchangeRoleAssignment> enumerator = this.settings.ConfigurationSession.FindPaged <ExchangeRoleAssignment>(this.settings.OrgContainerId, QueryScope.SubTree, new AndFilter(list.ToArray()), null, 1).GetEnumerator())
{
if (enumerator.MoveNext())
{
ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current;
ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20008L, "<--FindRoleAssignment: Role assignment found. roleAssignment.Name = {0}", exchangeRoleAssignment.Name);
return(true);
}
}
ExTraceGlobals.AccessCheckTracer.TraceFunction(20008L, "<--FindRoleAssignment: Role assignment NOT found");
return(false);
}
protected void SaveRoleAndSuggestCleanupOnFailure(ExchangeRole role)
{
Exception ex = null;
try
{
this.settings.ConfigurationSession.Save(role);
this.settings.LogWriteObject(role);
this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole)));
}
catch (DataSourceOperationException ex2)
{
ex = ex2;
}
catch (DataValidationException ex3)
{
ex = ex3;
}
if (ex != null)
{
CorruptedRoleNeedsCleanupException ex4 = new CorruptedRoleNeedsCleanupException(role.Identity.ToString(), ex.Message, ex);
if (!this.settings.Task.Stopping)
{
TaskLogger.SendWatsonReport(ex4);
}
this.settings.WriteError(ex4, ErrorCategory.InvalidOperation, null);
}
}
internal RoleAndSession(ExchangeRole role, IConfigDataProvider configSession, ExchangeRole parentRole)
{
this.Role = role;
this.ConfigSession = configSession;
this.ParentRole = parentRole;
this.PipelinedElements = new List <AddRemoveManagementRoleEntryActionBase.PipelinedElement>();
}
protected void SaveDerivedRoleAndWarnOnValidationErrors(ExchangeRole role)
{
if (role.IsRootRole)
{
throw new ArgumentNullException("Only derive roles should be");
}
try
{
int count = role.RoleEntries.Count;
ValidationError[] array = role.Validate();
role.AllowEmptyRole = true;
this.settings.ConfigurationSession.Save(role);
this.settings.LogWriteObject(role);
this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole)));
if (array != null && array.Length != 0)
{
this.settings.WriteWarning(Strings.WarningInvalidRoleAfterUpgrade(role.Identity.ToString(), MultiValuedPropertyBase.FormatMultiValuedProperty(array)));
}
}
catch (DataSourceOperationException ex)
{
this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex.Message));
}
catch (DataValidationException ex2)
{
this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex2.Message));
}
}
// Token: 0x06001424 RID: 5156 RVA: 0x00048FBC File Offset: 0x000471BC
private static bool IsWebMethodInDefaultRoleType(string webMethodName, RoleType roleType, ref List <string> entriesCache)
{
if (string.IsNullOrEmpty(webMethodName))
{
throw new ArgumentNullException("webMethodName");
}
if (entriesCache == null)
{
lock (PartnerApplicationRunspaceConfiguration.staticLock)
{
if (entriesCache == null)
{
ExchangeRole rootRoleForRoleType = PartnerApplicationRunspaceConfiguration.GetRootRoleForRoleType(roleType);
if (rootRoleForRoleType != null)
{
entriesCache = (from x in rootRoleForRoleType.RoleEntries
select x.Name).ToList <string>();
entriesCache.Sort();
}
else
{
entriesCache = new List <string>();
}
}
}
}
return(entriesCache.BinarySearch(webMethodName, StringComparer.OrdinalIgnoreCase) >= 0);
}
private static RoleDefinition[] FilterOrgRolesByRoleGroupFilters(RoleDefinition[] roles, List <string> enabledRoleGroupAssignmentFeatures, RoleGroupRoleMapping[] definitions, out List <string> extraRolesToRemove)
{
HashSet <RoleDefinition> hashSet = new HashSet <RoleDefinition>();
foreach (RoleDefinition item in roles)
{
bool flag = !ExchangeRole.IsAdminRole(item.RoleType);
if (flag)
{
hashSet.Add(item);
}
else
{
foreach (RoleGroupRoleMapping roleGroupRoleMapping in definitions)
{
foreach (RoleAssignmentDefinition roleAssignmentDefinition in roleGroupRoleMapping.Assignments)
{
if (roleAssignmentDefinition.RoleType == item.RoleType && roleAssignmentDefinition.SatisfyCondition(enabledRoleGroupAssignmentFeatures) && !hashSet.Contains(item))
{
hashSet.Add(item);
}
}
}
}
}
extraRolesToRemove = new List <string>();
foreach (RoleDefinition item2 in roles)
{
if (!hashSet.Contains(item2))
{
extraRolesToRemove.Add(item2.RoleName);
}
}
return(hashSet.ToArray <RoleDefinition>());
}
private void RemoveAllRoleAssignmentsForOneRole(ExchangeRole role, RoleAssignmentDelegationType delegationType)
{
QueryFilter queryFilter;
if (delegationType == RoleAssignmentDelegationType.Regular)
{
queryFilter = new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType);
}
else
{
queryFilter = new OrFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, RoleAssignmentDelegationType.Delegating),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, RoleAssignmentDelegationType.DelegatingOrgWide)
});
}
foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer), QueryScope.OneLevel, new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id),
queryFilter
}), null, 0))
{
this.configurationSession.Delete(exchangeRoleAssignment);
base.LogWriteObject(exchangeRoleAssignment);
}
}
private void CreateRoleAssignmentDefinition(RoleAssignmentDefinition roleAssignmentDefinition, ADGroup roleGroup, List <ExchangeRole> precannedRoles)
{
List <ExchangeRole> list = precannedRoles.FindAll((ExchangeRole x) => x.RoleType.Equals(roleAssignmentDefinition.RoleType));
if (roleAssignmentDefinition.UseSafeRole)
{
List <ExchangeRole> list2 = new List <ExchangeRole>(list.Count);
foreach (ExchangeRole cannedRole in list)
{
ExchangeRole exchangeRole = this.TryFindSafeDCRoleOrUseDefault(cannedRole);
if (exchangeRole != null)
{
list2.Add(exchangeRole);
}
}
list = list2;
}
foreach (ExchangeRole role in list)
{
if (!this.FindRoleAssignment(role, roleGroup, roleAssignmentDefinition.DelegationType))
{
this.CreateRoleAssignment(role, roleGroup, roleAssignmentDefinition.DelegationType);
}
}
}
private void CreateCustomRole(RoleDefinition customRoleDefinition, List <string> enabledPermissionFeatures, string suffix, string mailboxPlanIndex)
{
ADObjectId childId = this.rolesContainerId.GetChildId(customRoleDefinition.ParentRoleName + suffix);
ExchangeRole exchangeRole = customRoleDefinition.GenerateRole(enabledPermissionFeatures, childId, suffix, mailboxPlanIndex);
exchangeRole.OrganizationId = base.CurrentOrganizationId;
this.configurationSession.Save(exchangeRole);
}
private bool TryRenameDeriveEndUserRole(ExchangeRole role)
{
if (role.IsRootRole || !role.IsEndUserRole)
{
throw new ArgumentException(string.Format("Invalid role {0}. Only NON root roles and endUser roles can be renamed.", role.Name));
}
string text = ("renamed_" + role.Name).Trim();
if (text.Length > 64)
{
text = text.Substring(0, 64).Trim();
}
string text2 = text;
if (text2.Length > 61)
{
text2 = text2.Substring(0, 61).Trim();
}
int num = 1;
bool flag = false;
for (;;)
{
QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Name, text);
ExchangeRole[] array = this.configurationSession.FindPaged <ExchangeRole>(this.rolesContainerId, QueryScope.SubTree, filter, null, 0).ReadAllPages();
if (array.Length == 0)
{
break;
}
text = text2 + "-" + num.ToString();
num++;
if (num >= 100)
{
goto IL_C5;
}
}
flag = true;
IL_C5:
if (flag)
{
try
{
role.AllowEmptyRole = true;
role.Name = text;
this.configurationSession.Save(role);
base.LogWriteObject(role);
}
catch (DataSourceOperationException ex)
{
this.WriteWarning(Strings.WarningRenamingRole(role.Name, ex.Message));
}
catch (DataValidationException ex2)
{
this.WriteWarning(Strings.WarningRenamingRole(role.Name, ex2.Message));
}
}
return(flag);
}
private void DeleteRoleAssigments(ExchangeRole deprecatedRole)
{
foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, deprecatedRole.Id), null, 0))
{
base.LogReadObject(exchangeRoleAssignment);
this.configurationSession.Delete(exchangeRoleAssignment);
base.LogWriteObject(exchangeRoleAssignment);
}
}
public EndUserRoleRow(ExchangeRole role) : base(role)
{
base.Name = role.Name;
base.Description = role.Description;
base.Group = role.RoleType.ToString();
base.Parent = (role.IsRootRole ? null : role.RoleType.ToString());
this.IsEndUserRole = role.IsEndUserRole;
this.MailboxPlanIndex = role.MailboxPlanIndex;
}
private bool IsUserRequiredForAssignment(ExchangeRoleAssignment roleAssignment)
{
if (!RoleAssignmentsGlobalConstraints.IsValidCannedRoleToGroupAssignment(roleAssignment))
{
return(false);
}
ExchangeRole role = this.GetRole(roleAssignment.Role);
return(role.IsValid && (roleAssignment.RoleAssignmentDelegationType.Equals(RoleAssignmentDelegationType.Regular) && role.IsRootRole && RoleAssignmentsGlobalConstraints.RoleTypesWithRegularAssignment.Contains(role.RoleType)) && role.GetImplicitScopeSet().Equals(roleAssignment.GetSimpleScopeSet()));
}
private bool IsNonDeprecatedRole()
{
ExchangeRole exchangeRole = (ExchangeRole)base.GetDataObject <ExchangeRole>(new RoleIdParameter(this.DataObject.Role), base.DataSession, null, new LocalizedString?(Strings.ErrorRoleNotFound(this.DataObject.Role.ToString())), new LocalizedString?(Strings.ErrorRoleNotUnique(this.DataObject.Role.ToString())));
if (exchangeRole != null && exchangeRole.IsDeprecated)
{
this.WriteWarning(Strings.ErrorCannotMoveRoleAssignmentOfDeprecatedRole(exchangeRole.ToString()));
return(false);
}
return(true);
}
private ExchangeRole TryFindSafeDCRoleOrUseDefault(ExchangeRole cannedRole)
{
string dcsafeNameForRole = RoleDefinition.GetDCSafeNameForRole(cannedRole.Name);
ExchangeRole[] array = this.configurationSession.Find <ExchangeRole>(cannedRole.Id, QueryScope.OneLevel, new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Name, dcsafeNameForRole), null, 1);
if (array != null && array.Length == 1)
{
return(array[0]);
}
return(cannedRole);
}
private void CreateRoleAssignment(ExchangeRole role, ADRecipient recipient, RoleAssignmentDelegationType delegationType)
{
if (this.adSplitPermissionMode && delegationType == RoleAssignmentDelegationType.Regular && InstallCannedRbacRoleAssignments.invalidRoleTypesInADSplitPermissionMode.Contains(role.RoleType))
{
base.WriteVerbose(Strings.VerboseSkipCreatingRoleAssignment(recipient.Id.ToString(), role.Id.ToString(), delegationType.ToString()));
return;
}
RoleAssigneeType roleAssigneeType = ExchangeRoleAssignment.RoleAssigneeTypeFromADRecipient(recipient);
RoleHelper.CreateRoleAssignment(role, recipient.Id, recipient.OrganizationId, roleAssigneeType, recipient.OriginatingServer, delegationType, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, this.configurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
private bool IsRoleInFilteredList(ExchangeRole role, List <RoleToRAPAssignmentDefinition> filteredDefinitions)
{
foreach (RoleToRAPAssignmentDefinition roleToRAPAssignmentDefinition in filteredDefinitions)
{
if (role.RoleType == roleToRAPAssignmentDefinition.Type)
{
return(true);
}
}
return(false);
}
private void RemoveRoleAssignmentsFromGroup(ExchangeRole role, ADGroup group, RoleAssignmentDelegationType delegationType)
{
foreach (ExchangeRoleAssignment exchangeRoleAssignment in this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId.GetDescendantId(ExchangeRoleAssignment.RdnContainer), QueryScope.OneLevel, new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, group.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType)
}), null, 0))
{
this.configurationSession.Delete(exchangeRoleAssignment);
base.LogWriteObject(exchangeRoleAssignment);
}
}
private bool UpdateImplictScope(ExchangeRole exchangeRole)
{
string value = exchangeRole.Name.Replace(" ", string.Empty).Replace("-", string.Empty);
RoleType roleType;
if (Enum.TryParse <RoleType>(value, true, out roleType))
{
exchangeRole.RoleType = roleType;
exchangeRole.StampImplicitScopes();
exchangeRole.StampIsEndUserRole();
return(true);
}
return(false);
}
protected RoleEntry[] GetSortedRoleEntries(ExchangeRole role)
{
RoleEntry[] array;
if (role.ExchangeVersion == ExchangeRoleSchema.Exchange2009_R3)
{
array = ((MultiValuedProperty <RoleEntry>)role[ExchangeRoleSchema.InternalDownlevelRoleEntries]).ToArray();
}
else
{
array = role.RoleEntries.ToArray();
}
Array.Sort <RoleEntry>(array, RoleEntryComparer.Instance);
return(array);
}
private ExchangeRole GetRole(ADObjectId roleId)
{
ExchangeRole exchangeRole = this.CacheRoles.FirstOrDefault((ExchangeRole x) => x.Id.Equals(roleId));
if (exchangeRole == null)
{
exchangeRole = this.configurationSession.Read <ExchangeRole>(roleId);
if (exchangeRole == null)
{
this.writeError(new ManagementObjectNotFoundException(Strings.ErrorObjectNotFound(roleId.ToString())), ExchangeErrorCategory.Client, null);
}
this.CacheRoles.Add(exchangeRole);
}
return(exchangeRole);
}
protected void FindAndMatchDerivedRoles(ExchangeRole parentRole, RoleEntry[] oldParentRoleEntries, List <ExchangeRole> newRoles, ref int recursionCount)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, int, int>(20009L, "--->FindAndMatchDerivedRoles: parentRole.Name = {0}, newRoles.Count = {1}, recursionCount = {2}", parentRole.Name, newRoles.Count, recursionCount);
if (++recursionCount >= 1000)
{
return;
}
ADPagedReader <ExchangeRole> adpagedReader = this.settings.ConfigurationSession.FindPaged <ExchangeRole>(parentRole.Id, QueryScope.OneLevel, null, null, 0);
foreach (ExchangeRole exchangeRole in adpagedReader)
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string>(20009L, "----MatchDerivedRoles: childRole = {0}", exchangeRole.Name);
this.settings.LogReadObject(exchangeRole);
RoleEntry[] array = base.PrepareRoleForUpgradeAndGetOldSortedEntries(exchangeRole, false);
exchangeRole.RoleState = parentRole.RoleState;
exchangeRole.RoleType = parentRole.RoleType;
List <RoleEntry> listOfRoleEntriesForChildRole = base.GetListOfRoleEntriesForChildRole(oldParentRoleEntries, array, parentRole.RoleEntries.ToArray <RoleEntry>(), exchangeRole.IsChanged(ADObjectSchema.ExchangeVersion));
exchangeRole.RoleEntries = new MultiValuedProperty <RoleEntry>(listOfRoleEntriesForChildRole);
List <ExchangeRole> list = new List <ExchangeRole>();
foreach (ExchangeRole exchangeRole2 in newRoles)
{
RoleEntry[] sortedRoleEntries = base.GetSortedRoleEntries(exchangeRole2);
listOfRoleEntriesForChildRole = base.GetListOfRoleEntriesForChildRole(oldParentRoleEntries, array, sortedRoleEntries, exchangeRole.IsChanged(ADObjectSchema.ExchangeVersion));
if (base.RoleEntriesMatch(sortedRoleEntries, listOfRoleEntriesForChildRole.ToArray()))
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, string>(20009L, "----FindAndMatchDerivedRoles: Perfect role match. splittingRole = {0}, newRole = {1}", exchangeRole.Name, exchangeRole2.Name);
base.CloneRoleAssignments(exchangeRole, exchangeRole2);
list.Add(exchangeRole2);
}
else
{
ExTraceGlobals.AccessCheckTracer.TraceFunction <string, ExchangeRole>(20009L, "----FindAndMatchDerivedRoles: Unable to match with role. splittingRole = {0}, newRole = {1}", exchangeRole.Name, exchangeRole2);
if (listOfRoleEntriesForChildRole.Count > 0)
{
ExchangeRole exchangeRole3 = base.CreateCustomizedDerivedRole(exchangeRole2, listOfRoleEntriesForChildRole, exchangeRole.Name);
base.CloneRoleAssignments(exchangeRole, exchangeRole3);
list.Add(exchangeRole3);
this.settings.WriteWarning(Strings.WarningCustomRoleCreatedDuringUpgradeForSplittingRole(exchangeRole3.Name, exchangeRole.Name, parentRole.Name));
}
}
}
this.FindAndMatchDerivedRoles(exchangeRole, array, list, ref recursionCount);
base.SaveDerivedRoleAndWarnOnValidationErrors(exchangeRole);
}
recursionCount--;
ExTraceGlobals.AccessCheckTracer.TraceFunction <int>(20009L, "<---FindAndMatchDerivedRoles: recursionCount = {0}", recursionCount);
}
private bool FindRoleAssignment(ExchangeRole role, ADRecipient user, RoleAssignmentDelegationType delegationType)
{
using (IEnumerator <ExchangeRoleAssignment> enumerator = this.configurationSession.FindPaged <ExchangeRoleAssignment>(base.OrgContainerId, QueryScope.SubTree, new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.Role, role.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.User, user.Id),
new ComparisonFilter(ComparisonOperator.Equal, ExchangeRoleAssignmentSchema.RoleAssignmentDelegationType, delegationType)
}), null, 1).GetEnumerator())
{
if (enumerator.MoveNext())
{
ExchangeRoleAssignment exchangeRoleAssignment = enumerator.Current;
return(true);
}
}
return(false);
}
protected void SaveRoleAndWarnOnFailure(ExchangeRole role)
{
try
{
this.settings.ConfigurationSession.Save(role);
this.settings.LogWriteObject(role);
this.settings.WriteVerbose(TaskVerboseStringHelper.GetSaveObjectVerboseString(role, this.settings.ConfigurationSession, typeof(ExchangeRole)));
}
catch (DataSourceOperationException ex)
{
this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex.Message));
}
catch (DataValidationException ex2)
{
this.settings.WriteWarning(Strings.WarningCannotUpgradeRole(role.Identity.ToString(), ex2.Message));
}
}
