示例#1
0
        internal static bool ApplyAcesOnAcl(Task.TaskVerboseLoggingDelegate verboseLogger, Task.TaskWarningLoggingDelegate warningLogger, Task.ErrorLoggerDelegate errorLogger, string objectIdentityString, ActiveDirectorySecurity acl, bool remove, params ActiveDirectoryAccessRule[] aces)
        {
            bool result = false;

            if (!acl.AreAccessRulesCanonical)
            {
                LocalizedString message = Strings.InfoAclNotCanonical(objectIdentityString);
                if (errorLogger != null)
                {
                    errorLogger(new TaskInvalidOperationException(message), ExchangeErrorCategory.ServerOperation, null);
                }
                else if (warningLogger != null)
                {
                    warningLogger(message);
                }
                else if (verboseLogger != null)
                {
                    verboseLogger(message);
                }
                return(false);
            }
            int i = 0;

            while (i < aces.Length)
            {
                ActiveDirectoryAccessRule activeDirectoryAccessRule = aces[i];
                bool flag = false;
                ActiveDirectoryAccessRule activeDirectoryAccessRule2 = DirectoryCommon.FindAce(activeDirectoryAccessRule, acl, true, remove);
                if (null != activeDirectoryAccessRule2 != remove && (activeDirectoryAccessRule2 == null || !activeDirectoryAccessRule2.IsInherited))
                {
                    goto IL_13D;
                }
                if (!remove || !activeDirectoryAccessRule2.IsInherited)
                {
                    if (verboseLogger != null)
                    {
                        if (remove)
                        {
                            verboseLogger(Strings.InfoRemovingAce(objectIdentityString, DirectoryCommon.AceToString(activeDirectoryAccessRule)));
                        }
                        else
                        {
                            verboseLogger(Strings.InfoAddingAce(objectIdentityString, DirectoryCommon.AceToString(activeDirectoryAccessRule)));
                        }
                    }
                    if (remove)
                    {
                        DirectoryCommon.RemoveAccessRule(acl, activeDirectoryAccessRule);
                    }
                    else
                    {
                        acl.AddAccessRule(activeDirectoryAccessRule);
                    }
                    flag = (result = true);
                    goto IL_13D;
                }
                LocalizedString message2 = Strings.ErrorWillNotPerformOnInheritedAce(activeDirectoryAccessRule2.ActiveDirectoryRights.ToString(), activeDirectoryAccessRule2.AccessControlType.ToString(), objectIdentityString);
                if (errorLogger != null)
                {
                    errorLogger(new TaskInvalidOperationException(message2), ExchangeErrorCategory.ServerOperation, null);
                }
                else if (warningLogger != null)
                {
                    warningLogger(message2);
                }
                else if (verboseLogger != null)
                {
                    verboseLogger(message2);
                }
IL_1DB:
                i++;
                continue;
IL_13D:
                if ((flag && DirectoryCommon.FindAce(activeDirectoryAccessRule, acl, false, remove) == null == remove) || (verboseLogger == null && warningLogger == null && errorLogger == null))
                {
                    goto IL_1DB;
                }
                LocalizedString message3;
                if (remove)
                {
                    if (activeDirectoryAccessRule.ObjectFlags == ObjectAceFlags.ObjectAceTypePresent)
                    {
                        string attr = string.Format("{0} (ObjectType: {1})", activeDirectoryAccessRule.ActiveDirectoryRights, activeDirectoryAccessRule.ObjectType);
                        message3 = Strings.InfoAttributeAceNotPresent(objectIdentityString, attr);
                    }
                    else
                    {
                        message3 = Strings.InfoAceNotPresent(objectIdentityString, SecurityPrincipalIdParameter.GetFriendlyUserName(activeDirectoryAccessRule.IdentityReference, verboseLogger));
                    }
                }
                else
                {
                    message3 = Strings.InfoAceAlreadyPresent(objectIdentityString, SecurityPrincipalIdParameter.GetFriendlyUserName(activeDirectoryAccessRule.IdentityReference, verboseLogger));
                }
                if (warningLogger != null)
                {
                    warningLogger(message3);
                    goto IL_1DB;
                }
                if (verboseLogger != null)
                {
                    verboseLogger(message3);
                    goto IL_1DB;
                }
                goto IL_1DB;
            }
            return(result);
        }