public static bool ValidateIntraPolicy(string policyName, IPolicyObjectCollection<IPolicyObject> conditions, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool result = true;
foreach (IPolicyObject policyObject in conditions)
{
if (policyObject is ICondition)
{
if (policyObject.Name.Value.Length > MAX_NAME_LENGTH)
{
if (null != AddMessage)
{
AddMessage(policyName, Properties.Resources.CONDITION_SHORTNAME_TOO_LONG, true);
}
result = false;
}
}
else
{
result = ValidateIntraPolicy(policyName, (policyObject as IConditionGroup).Conditions, AddMessage);
if (!FileTypeExpressionValidator.ValidateIntraPolicy(policyName, policyObject, AddMessage))
{
result = false;
}
if (!FileSizeExpressionValidator.ValidateIntraPolicy(policyName, policyObject, AddMessage))
{
result = false;
}
}
}
return result;
}
/// <summary>
/// Evaluate the file type expressions within a collection of IPolicyObjects to determine whether they are valid.
/// For now, we assume that the collection of IPolicyObjects will consist of IConditionGroups only. If there are
/// other IPolicyObject types in the collection, these will not be validated.
/// </summary>
/// <param name="conditions">The IPolicyObject to evaluate</param>
/// <returns>True if all file type expressions with the IPolicyObject collection are valid, otherwise False</returns>
public static bool ValidateIntraPolicy(string policyName, IPolicyObject policyObject, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
if (policyObject is IConditionGroup)
{
if (!ValidateIntraPolicyConditionGroup((IConditionGroup)policyObject))
{
if (null != AddMessage)
{
AddMessage(policyName, Properties.Resources.VALIDATION_INTRAPOLICY_FILETYPE_CONFLICT, false);
}
return false;
}
}
else
{
//the following is for the developer - we are only expecting to find expressions in a
//Policy -> ConditionGroup -> Condition structure. You're in this code because presumably
//we have now changed the way we structure expressions
System.Resources.ResourceManager resourceManager = new System.Resources.ResourceManager("Workshare.Policy.Properties.Resources", typeof(PolicySuites).Assembly);
string message = resourceManager.GetString("VALIDATION_INTRAPOLICY_EXPRESSIONS_UNSUPPORTEDSTRUCTURE", System.Globalization.CultureInfo.InvariantCulture);
Logger.LogError(message);
System.Diagnostics.Debug.Assert(false, message);
}
return true;
}
private static bool ValidateInterPolicyConflicts(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
for (int i = 0; i < policyset.Policies.Count; i++)
{
for (int j = i + 1; j < policyset.Policies.Count; j++)
{
IPolicy policy1 = policyset.Policies[i];
IPolicy policy2 = policyset.Policies[j];
List<FileType> checkTypes1 = GetFileTypesForPolicy(policy1.Conditions);
List<CellActionsCollection> checkActions1 = GetActionsForPolicy(policy1.Channels, policyset, true);
List<FileType> checkTypes2 = GetFileTypesForPolicy(policy2.Conditions);
List<CellActionsCollection> checkActions2 = GetActionsForPolicy(policy2.Channels, policyset, true);
FileType foundType = FileType.Unknown;
foreach (FileType filetype in checkTypes1)
{
if (checkTypes2.Contains(filetype))
{
foundType = filetype;
break;
}
}
if (foundType == FileType.Unknown)
continue;
foreach (CellActionsCollection collection in checkActions1)
{
IAction foundAction = null;
foreach (IAction action in collection.Actions)
{
m_actionPredicate = action.Name.Value;
if (!checkActions2.Exists(FindActionPredicate))
continue;
foundAction = action;
break;
}
if (null == foundAction)
continue;
retVal = false;
if (null != AddMessage)
AddMessage(policy2.Name.Value, string.Format(CultureInfo.CurrentCulture, Properties.Resources.VALIDATION_INTERPOLICY_FILETYPEACTION_CONFLICT,
foundType, policy1.Name.Value, foundAction.Name.Value), false);
}
}
}
return retVal;
}
private static bool ValidateChannelActions(string policyName, IActionMatrix actionMatrix, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool valid = false;
foreach (KeyValuePair<KeyValuePair<Guid, Guid>, IActionMatrixCell> cellPair in actionMatrix)
{
if (ValidateActionConditionGroups(policyName, cellPair.Value.ActionConditionGroups, AddMessage))
valid = true;
}
return valid;
}
public static bool ValidateIntraPolicy(string policyName, IPolicyObjectCollection<IPolicyChannel> channels, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool valid = true;
List<IPolicyChannel> validChannels = new List<IPolicyChannel>();
List<IPolicyChannel> invalidChannels = new List<IPolicyChannel>();
foreach (IPolicyChannel channel in channels)
{
if (ValidateChannelActions(policyName, channel.Actions, AddMessage))
{
validChannels.Add(channel);
}
else
{
invalidChannels.Add(channel);
}
}
if (validChannels.Count == 0)
{
valid = false;
if (null != AddMessage)
AddMessage(policyName, Properties.Resources.VALIDATION_INTRAPOLICY_NO_ACTIONS, true);
}
foreach (IPolicyChannel channel in validChannels)
{
if (ChannelType.ActiveContent == channel.Type)
continue;
if (!ValidateRoutingItemCollections(policyName, channel, AddMessage))
{
valid = false;
}
}
return valid;
}
private static bool ValidateActionGroup(string policyName, IActionGroup actionGroup, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
if (0 < actionGroup.Actions.Count)
{
ValidateActions(policyName, actionGroup.Actions, AddMessage);
return true;
}
foreach (IActionGroup subActionGroup in actionGroup.ActionGroups)
{
if (ValidateActionGroup(policyName, subActionGroup, AddMessage))
return true;
}
return false;
}
private static bool ValidateActionConditionGroups(string policyName, IPolicyObjectCollection<IActionConditionGroup> actionConditionGroups, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool valid = true;
foreach (IActionConditionGroup actionConditionGroup in actionConditionGroups)
{
if (!ValidateActionGroup(policyName, actionConditionGroup.ActionGroup, AddMessage))
valid = false;
}
return valid;
}
private static bool ValidateRoutingItemCollections(string policyName, IPolicyChannel channel, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool valid = true;
if (channel.Type == ChannelType.SMTP || channel.Type == ChannelType.RemoveableDevice)
{
IRoutingTable routingTable = channel.Routing;
IRoutingItemCollection defaultSource = null;
if (routingTable.HasDefaultSources)
{
defaultSource = routingTable.DefaultSource;
}
foreach (IRoutingItemCollection routingItemCollection in routingTable.Sources)
{
if (routingItemCollection != defaultSource)
{
if (routingItemCollection.Count == 0)
{
string msg = string.Format(CultureInfo.InvariantCulture,
Properties.Resources.VALIDATION_INTRAPOLICY_ROUTING_NOSENDERS,
routingItemCollection.Name.Value,
Workshare.Policy.UI.DisplayTranslations.ChannelTypeDisplayTranslator.Instance.GetDisplayType(routingTable.Type));
if (null != AddMessage)
AddMessage(policyName, msg, true);
valid = false;
}
}
}
IRoutingItemCollection defaultDestination = null;
if (routingTable.HasDefaultDestinations)
{
defaultDestination = routingTable.DefaultDestination;
}
foreach (IRoutingItemCollection routingItemCollection in routingTable.Destinations)
{
if (routingItemCollection != defaultDestination)
{
if (routingItemCollection.Count == 0)
{
string msg = string.Format(CultureInfo.InvariantCulture,
Properties.Resources.VALIDATION_INTRAPOLICY_ROUTING_NORECIPIENTS,
routingItemCollection.Name.Value,
Workshare.Policy.UI.DisplayTranslations.ChannelTypeDisplayTranslator.Instance.GetDisplayType(routingTable.Type));
if (null != AddMessage)
AddMessage(policyName, msg, true);
valid = false;
}
}
}
}
return valid;
}
private static bool ValidateActionDataElements(string policyName, string actionName, IPolicyObjectCollection<IDataElement> dataElements, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
return true;
}
private static bool ValidateActionsExist(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
for (int i = 0; i < policyset.Policies.Count; i++)
{
IPolicy policy = policyset.Policies[i];
List<CellActionsCollection> checkActions = GetActionsForPolicy(policy.Channels, policyset, false);
IResourceManager resourceManager = ResourcesCache.GetResources();
List<string> missingActions = new List<string>();
foreach (CellActionsCollection collection in checkActions)
{
foreach (IAction action in collection.Actions)
{
if (!string.IsNullOrEmpty(action["type"].Value))
{
if (resourceManager.ResourceActions.Contains(action["type"].Value))
continue;
}
else
{
bool found = false;
foreach (IResourceAction resourceAction in resourceManager.ResourceActions)
{
if (resourceAction.ActionClass == action.Class)
{
found = true;
break;
}
}
if (found)
continue;
}
retVal = false;
missingActions.Add(action.Name.Value);
}
}
if (0 == missingActions.Count)
continue;
retVal = false;
if (null != AddMessage)
{
StringBuilder sb = new StringBuilder();
sb.Append(Properties.Resources.VALIDATION_INTRAPOLICY_ACTIONS_MISSING);
for (int j = 0; j < missingActions.Count; j++)
{
sb.AppendFormat(j == 0 ? " {0}" : ", {0}", missingActions[j]);
}
AddMessage(policy.Name.Value, sb.ToString(), (0 == missingActions.Count) ? false : true);
}
}
return retVal;
}
public static bool ValidatePolicySet(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
if (!PolicySetHasActions(policyset) && ChannelDoesntRequireActions(policyset))
return true;
// If an action doesn't exist, not much point in carrying on
if (!ValidateActionsExist(policyset, AddMessage))
return false;
if (!ValidateInvalidActionsForFileTypes(policyset, AddMessage))
retVal = false;
if (!ValidateInvalidActionsForConditions(policyset, AddMessage))
retVal = false;
if (!ValidateInterPolicyConflicts(policyset, AddMessage))
retVal = false;
if (!ValidateThatPolicyRaisesIncidentIfAnyActionRequires(policyset, AddMessage))
retVal = false;
return retVal;
}
private static bool ValidateThatPolicyRaisesIncidentIfAnyActionRequires(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
for (int i = 0; i < policyset.Policies.Count; i++)
{
IPolicy policy = policyset.Policies[i];
foreach (IPolicyChannel channel in policy.Channels)
{
IActionMatrixCell cell;
IPolicyObject routingCell;
switch (ExpressionHelpers.GetRoutingType(channel.Routing))
{
case ExpressionHelpers.RoutingType.Undefined:
continue;
case ExpressionHelpers.RoutingType.SingleCell:
IRoutingTable singleCelledRoutingTable = channel.Routing;
cell = channel.Actions[singleCelledRoutingTable.DefaultSource, singleCelledRoutingTable.DefaultDestination];
if (null == cell)
continue;
CellActionsCollection collection = new CellActionsCollection();
collection.Actions = ExpressionHelpers.ExtractActionsFromActionGroups(cell.ActionConditionGroups, policyset, false);
collection.ChannelType = channel.Type;
routingCell = singleCelledRoutingTable[singleCelledRoutingTable.DefaultSource, singleCelledRoutingTable.DefaultDestination];
foreach (IAction action in collection.Actions)
{
if (GetResourceAction(action).ImpliesIncident && string.IsNullOrEmpty(routingCell[m_raiseIncidentProperty].Value))
{
if (AddMessage != null)
AddMessage(policy.Name.Value,
string.Format(CultureInfo.CurrentCulture, Properties.Resources.VALIDATION_INTRAPOLICY_ACTION_REQUIRE_INCIDENT, action.Name.Value), true);
retVal = false;
}
}
break;
default:
IRoutingTable multiCelledRoutingTable = channel.Routing;
foreach (IRoutingItemCollection sender in multiCelledRoutingTable.Sources)
{
foreach (IRoutingItemCollection recipient in multiCelledRoutingTable.Destinations)
{
cell = channel.Actions[sender, recipient];
if (null == cell)
continue;
collection = new CellActionsCollection();
collection.Actions = ExpressionHelpers.ExtractActionsFromActionGroups(cell.ActionConditionGroups, policyset, false);
collection.ChannelType = channel.Type;
routingCell = multiCelledRoutingTable[sender, recipient];
foreach (IAction action in collection.Actions)
{
if (GetResourceAction(action).ImpliesIncident && string.IsNullOrEmpty(routingCell[m_raiseIncidentProperty].Value))
{
if (AddMessage != null)
AddMessage(policy.Name.Value,
string.Format(CultureInfo.CurrentCulture, Properties.Resources.VALIDATION_INTRAPOLICY_ACTION_REQUIRE_INCIDENT, action.Name.Value), true);
retVal = false;
}
}
}
}
break;
}
}
}
return retVal;
}
private static bool ValidateInvalidActionsForConditions(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
for (int i = 0; i < policyset.Policies.Count; i++)
{
IPolicy policy = policyset.Policies[i];
List<CellActionsCollection> checkActions = GetActionsForPolicy(policy.Channels, policyset, false);
if (!checkActions.Exists(ActionModifiesFileContents))
continue;
if (!HasPasswordCondition(policy.Conditions))
continue;
retVal = false;
if (null != AddMessage)
AddMessage(policy.Name.Value, string.Format(CultureInfo.CurrentCulture, Properties.Resources.VALIDATION_INTRAPOLICY_ACTIONS_PASSWORDPROTECTIONCONFLICT, m_actionPredicate), true);
}
return retVal;
}
private static void RaiseAddMessageEvent(PolicySetValidator.AddViolationMessageHandler AddMessage, IPolicy policy, IList<string> unmatchedTypes, int matchCounts)
{
if (null == AddMessage)
return;
StringBuilder sb = new StringBuilder();
sb.Append(Properties.Resources.VALIDATION_INTERPOLICY_FILETYPEACTION_MISSING);
for (int j = 0; j < unmatchedTypes.Count; j++)
{
sb.AppendFormat(j == 0 ? " {0}" : ", {0}", unmatchedTypes[j]);
}
AddMessage(policy.Name.Value, sb.ToString(), (0 < matchCounts) ? false : true);
}
private static bool ValidateInvalidActionsForFileTypes(IPolicySet policyset, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool retVal = true;
for (int i = 0; i < policyset.Policies.Count; i++)
{
IPolicy policy = policyset.Policies[i];
List<FileType> checkTypes = GetFileTypesForPolicy(policy.Conditions);
foreach (IPolicyChannel channel in policy.Channels)
{
List<CellActionsCollection> checkActions = GetActionsForPolicy(channel, policyset, false);
List<FileType> supportedFileTypes = new List<FileType>();
Dictionary<IAction, List<FileType>> fileTypeLookup = new Dictionary<IAction, List<FileType>>();
foreach (CellActionsCollection collection in checkActions)
{
if (0 == collection.Actions.Count)
continue;
// Get the relevant file types for the channel in which the cell exists
List<FileType> relevantFileTypesForChannel = GetRelevantFileTypesForChannel(collection.ChannelType);
supportedFileTypes.Clear();
fileTypeLookup.Clear();
foreach (IAction action in collection.Actions)
{
List<FileType> actionSupportedTypes = GetSupportedFiletypes(action);
//Actions that support FileType.Email are exempt from the validation checks.
//These types of action are allowed to have any kind of file type in their trigger conditions.
if (SupportsMime(action))
continue;
if (!actionSupportedTypes.Contains(FileType.Email))
{
supportedFileTypes.AddRange(actionSupportedTypes);
if (!actionSupportedTypes.Contains(FileType.Unknown))
fileTypeLookup[action] = actionSupportedTypes;
}
}
if (0 == fileTypeLookup.Values.Count
|| supportedFileTypes.Contains(FileType.Unknown))
continue;
List<string> unmatchedTypes = new List<string>();
int matchCounts = 0;
foreach (FileType filetype in checkTypes)
{
if ((filetype == FileType.HTTPContent ||
!relevantFileTypesForChannel.Contains(filetype)) && channel.Type != ChannelType.ActiveContent)
continue;
int hits = 0;
foreach (IAction action in fileTypeLookup.Keys)
{
if (fileTypeLookup[action].Contains(filetype))
{
hits++;
break;
}
}
if (0 == hits && !unmatchedTypes.Contains(filetype.ToString()))
unmatchedTypes.Add(filetype.ToString());
else if (supportedFileTypes.Contains(filetype))
matchCounts++;
}
if (0 == unmatchedTypes.Count)
continue;
retVal = false;
RaiseAddMessageEvent(AddMessage, policy, unmatchedTypes, matchCounts);
}
}
}
return retVal;
}
private static bool ValidateActions(string policyName, IPolicyObjectCollection<IAction> actions, PolicySetValidator.AddViolationMessageHandler AddMessage)
{
bool valid = true;
foreach (IAction action in actions)
{
if (!ValidateActionDataElements(policyName, action.Name.Value, action.DataElements, AddMessage))
{
valid = false;
}
}
return valid;
}
internal bool Load(string policyname, PolicyConverterFactory.AddPolicyLoadConversionMessageDelegate AddConversionMessage)
{
if (null == m_proxy)
throw new Workshare.Policy.Exceptions.ArgumentNullException("policySetCache", "A null policy set cache object was passed in");
m_policyname = policyname;
m_cacheSet = m_proxy.GetPolicySet(policyname);
if (m_cacheSet == null)
{
Logger.LogError(policyname + " returned null PolicySetCache - does the policyset exist or is it deleted?");
return false;
}
else if (m_cacheSet.LatestVersion.Status == PolicySetVersionStatus.Deleted)
{
Logger.LogError("Latest version status set to deleted for policyset" + policyname);
return false;
}
PolicyConverterFactory policySetConverter = new PolicyConverterFactory(m_cacheSet);
m_data = policySetConverter.ConvertPolicySet(AddConversionMessage);
// This has been added to enforce the full loading of the PolicySet /////////////////////////////////////////////////////
// Unfortunately we don't have time to corect the load before the up and comming release.
// We will probably leave it here for future generations to marvel over! JE,MM,TT 03.06.2011
PolicySetValidator policySetValidator = new PolicySetValidator(m_data);
policySetValidator.Validate();
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
//We UnEscape the xml here as we dont want the users to see escaped characters in the descriptions
foreach (ICondition condition in m_data.MasterCatalogue.Conditions)
{
condition.Name.Value = StringUtilities.UnEscapeXML(condition.Name.Value);
}
return true;
}