private static void ValidateRouteAllMessagesViaOnPremisesParameter(TenantOutboundConnector dataObject, IConfigDataProvider dataSession, Task task)
{
if (dataObject.RouteAllMessagesViaOnPremises && !NewInboundConnector.FindTenantScopedOnPremiseInboundConnector(dataSession, null))
{
task.WriteError(new CMCConnectorRequiresTenantScopedInboundConnectorException(), ErrorCategory.InvalidArgument, null);
}
}
private static void ValidateCentralizedMailControlAndAssociatedAcceptedDomainsRestriction(IConfigDataProvider dataSession, TenantInboundConnector dataObject, Task task)
{
TenantOutboundConnector[] array = (TenantOutboundConnector[])dataSession.Find <TenantOutboundConnector>(null, null, true, null);
foreach (TenantOutboundConnector tenantOutboundConnector in array)
{
if (tenantOutboundConnector.Enabled && tenantOutboundConnector.RouteAllMessagesViaOnPremises)
{
if (!NewInboundConnector.FindTenantScopedOnPremiseInboundConnector(dataSession, (TenantInboundConnector c) => ((ADObjectId)c.Identity).ObjectGuid != ((ADObjectId)dataObject.Identity).ObjectGuid))
{
task.WriteError(new TenantScopedInboundConnectorRequiredForCMCConnectorException(tenantOutboundConnector.Name), ErrorCategory.InvalidArgument, null);
}
break;
}
}
}
protected override void InternalValidate()
{
base.InternalValidate();
if (base.HasErrors)
{
return;
}
if (base.Fields.IsModified("AssociatedAcceptedDomains"))
{
NewInboundConnector.ValidateAssociatedAcceptedDomains(this.AssociatedAcceptedDomains, base.DataSession, this.DataObject, this.RootId, this, new Func <IIdentityParameter, IConfigDataProvider, ObjectId, LocalizedString?, LocalizedString?, IConfigurable>(base.GetDataObject <AcceptedDomain>));
}
if (this.DataObject.SenderDomains == null)
{
base.WriteError(new LocalizedException(new LocalizedString("Sender Domain cannot be null.")), ErrorCategory.InvalidArgument, null);
}
bool flag = false;
if (this.DataObject.SenderIPAddresses != null && this.DataObject.Enabled)
{
flag = true;
NewInboundConnector.ValidateSenderIPAddresses(this.DataObject.SenderIPAddresses, this, this.BypassValidation);
NewInboundConnector.CheckSenderIpAddressesOverlap(base.DataSession, this.DataObject, this);
}
if (this.DataObject.ConnectorType == TenantConnectorType.OnPremises)
{
bool flag2 = flag || this.DataObject.IsChanged(TenantInboundConnectorSchema.ConnectorType);
bool flag3 = this.DataObject.IsChanged(TenantInboundConnectorSchema.ConnectorType) || this.DataObject.IsChanged(TenantInboundConnectorSchema.TlsSenderCertificateName);
if ((flag2 || flag3) && !this.BypassValidation)
{
MultiValuedProperty <IPRange> ffoDCIPs;
MultiValuedProperty <SmtpX509IdentifierEx> ffoFDSmtpCerts;
MultiValuedProperty <ServiceProviderSettings> serviceProviders;
if (!HygieneDCSettings.GetSettings(out ffoDCIPs, out ffoFDSmtpCerts, out serviceProviders))
{
base.WriteError(new ConnectorValidationFailedException(), ErrorCategory.ConnectionError, null);
}
if (flag2)
{
NewInboundConnector.ValidateSenderIPAddressRestrictions(this.DataObject.SenderIPAddresses, ffoDCIPs, serviceProviders, this);
}
if (flag3)
{
NewInboundConnector.ValidateTlsSenderCertificateRestrictions(this.DataObject.TlsSenderCertificateName, ffoFDSmtpCerts, serviceProviders, this);
}
}
}
}
internal static void ValidateAssociatedAcceptedDomains(MultiValuedProperty <AcceptedDomainIdParameter> domainIdParameters, IConfigDataProvider dataSession, TenantInboundConnector dataObject, ObjectId rootId, Task task, Func <IIdentityParameter, IConfigDataProvider, ObjectId, LocalizedString?, LocalizedString?, IConfigurable> acceptedDomainsGetter)
{
if (domainIdParameters != null)
{
NewInboundConnector.ValidateCentralizedMailControlAndAssociatedAcceptedDomainsRestriction(dataSession, dataObject, task);
dataObject.AssociatedAcceptedDomains.Clear();
using (MultiValuedProperty <AcceptedDomainIdParameter> .Enumerator enumerator = domainIdParameters.GetEnumerator())
{
while (enumerator.MoveNext())
{
AcceptedDomainIdParameter acceptedDomainIdParameter = enumerator.Current;
AcceptedDomain acceptedDomain = (AcceptedDomain)acceptedDomainsGetter(acceptedDomainIdParameter, dataSession, rootId, new LocalizedString?(Strings.ErrorDefaultDomainNotFound(acceptedDomainIdParameter)), new LocalizedString?(Strings.ErrorDefaultDomainNotUnique(acceptedDomainIdParameter)));
dataObject.AssociatedAcceptedDomains.Add(acceptedDomain.Id);
}
return;
}
}
dataObject.AssociatedAcceptedDomains.Clear();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (base.HasErrors)
{
return;
}
if (base.Fields.IsModified("AssociatedAcceptedDomains"))
{
NewInboundConnector.ValidateAssociatedAcceptedDomains(this.AssociatedAcceptedDomains, base.DataSession, this.DataObject, this.RootId, this, new Func <IIdentityParameter, IConfigDataProvider, ObjectId, LocalizedString?, LocalizedString?, IConfigurable>(base.GetDataObject <AcceptedDomain>));
}
NewInboundConnector.ValidateSenderIPAddresses(this.DataObject.SenderIPAddresses, this, this.BypassValidation);
if (this.DataObject.ConnectorType == TenantConnectorType.OnPremises && !this.BypassValidation)
{
MultiValuedProperty <IPRange> ffoDCIPs;
MultiValuedProperty <SmtpX509IdentifierEx> ffoFDSmtpCerts;
MultiValuedProperty <ServiceProviderSettings> serviceProviders;
if (!HygieneDCSettings.GetSettings(out ffoDCIPs, out ffoFDSmtpCerts, out serviceProviders))
{
base.WriteError(new ConnectorValidationFailedException(), ErrorCategory.ConnectionError, null);
}
NewInboundConnector.ValidateSenderIPAddressRestrictions(this.DataObject.SenderIPAddresses, ffoDCIPs, serviceProviders, this);
NewInboundConnector.ValidateTlsSenderCertificateRestrictions(this.DataObject.TlsSenderCertificateName, ffoFDSmtpCerts, serviceProviders, this);
}
IEnumerable <TenantInboundConnector> enumerable = base.DataSession.FindPaged <TenantInboundConnector>(null, ((IConfigurationSession)base.DataSession).GetOrgContainerId().GetDescendantId(this.DataObject.ParentPath), false, null, ADGenericPagedReader <TenantInboundConnector> .DefaultPageSize);
foreach (TenantInboundConnector tenantInboundConnector in enumerable)
{
if (StringComparer.OrdinalIgnoreCase.Equals(this.DataObject.Name, tenantInboundConnector.Name))
{
base.WriteError(new ErrorInboundConnectorAlreadyExistsException(tenantInboundConnector.Name), ErrorCategory.InvalidOperation, null);
break;
}
}
NewInboundConnector.CheckSenderIpAddressesOverlap(base.DataSession, this.DataObject, this);
TaskLogger.LogExit();
}
internal static void ValidateSenderIPAddresses(IEnumerable <IPRange> addressRanges, Task task, bool bypassValidation)
{
if (addressRanges == null)
{
return;
}
foreach (IPRange iprange in addressRanges)
{
if (iprange.LowerBound.AddressFamily == AddressFamily.InterNetworkV6 || iprange.UpperBound.AddressFamily == AddressFamily.InterNetworkV6)
{
task.WriteError(new IPv6AddressesRangesAreNotAllowedInConnectorException(iprange.Expression), ErrorCategory.InvalidArgument, null);
}
if (iprange.RangeFormat != IPRange.Format.SingleAddress && iprange.RangeFormat != IPRange.Format.CIDR)
{
task.WriteError(new InvalidIPRangeFormatException(iprange.Expression), ErrorCategory.InvalidArgument, null);
}
if (iprange.RangeFormat == IPRange.Format.CIDR && iprange.CIDRLength < 24)
{
task.WriteError(new InvalidCidrRangeException(iprange.Expression, 24), ErrorCategory.InvalidArgument, null);
}
NewInboundConnector.ValidateIPAddress(iprange, iprange.UpperBound, task, bypassValidation);
NewInboundConnector.ValidateIPAddress(iprange, iprange.LowerBound, task, bypassValidation);
}
}