archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/gina/snapins/fde/secpath.cxx

589 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Microsoft Windows
  4. Copyright (C) Microsoft Corporation, 1981 - 1998
  6. Module Name:
  8. secpath.cxx
  10. Abstract:
  12. this file contains the code for the dialog that is used for associating
  13. security groups with paths.
  15. Author:
  17. Rahul Thombre (RahulTh) 4/14/1998
  19. Revision History:
  21. 4/14/1998 RahulTh
  23. Created this module.
  25. --*/
  27. #include "precomp.hxx"
  29. //
  30. //mapping between help ids and controls ids for this dialog
  31. //
  32. const DWORD g_aHelpIDMap_IDD_SECPATH[] =
  33. {
  34. IDC_SECPATH_ICON, IDH_DISABLEHELP,
  35. IDC_SECPATH_DESC, IDH_DISABLEHELP,
  36. IDC_SECPATH_SECGROUP, IDH_DISABLEHELP,
  37. IDC_EDIT_SECGROUP, IDH_EDIT_SECGROUP,
  38. IDC_BROWSE_SECGROUP, IDH_BROWSE_SECGROUP,
  39. IDC_SECPATH_TARGET, IDH_DISABLEHELP,
  40. 0, 0
  41. };
  43. ///////////////////////////
  44. /// Construction
  46. CSecGroupPath::CSecGroupPath (CWnd * pParent,
  47. UINT cookie,
  48. LPCTSTR szFolderName,
  49. LPCTSTR szGroupName /*=NULL*/,
  50. LPCTSTR szGroupSidStr /*=NULL*/,
  51. LPCTSTR szTarget /*= NULL*/)
  52. : CDialog(CSecGroupPath::IDD, pParent), m_redirPath (cookie), m_cookie (cookie)
  53. {
  54. m_szFolderName = szFolderName;
  55. m_szGroup = szGroupName;
  56. m_szSidStr = szGroupSidStr;
  57. m_szTarget = szTarget;
  58. if (! m_szTarget.IsEmpty())
  59. {
  60. m_szTarget.TrimLeft();
  61. m_szTarget.TrimRight();
  62. m_szTarget.TrimRight(L'\\');
  63. }
  64. m_bPathValid = FALSE;
  65. m_iCurrType = -1;
  66. }
  68. /////////////////////////
  69. ///Overrides
  71. void CSecGroupPath::DoDataExchange (CDataExchange* pDX)
  72. {
  73. CDialog::DoDataExchange(pDX);
  74. //{{AFX_DATA_MAP(CSecGroupPath)
  75. DDX_Control(pDX, IDC_EDIT_SECGROUP, m_EditSecGroup);
  76. DDX_Control(pDX, IDC_BROWSE_SECGROUP, m_btnBrowseSecGroup);
  77. DDX_Control(pDX, IDC_SECPATH_PLACEHOLDER, m_placeHolder);
  78. //}}AFX_DATA_MAP
  79. }
  81. /////////////////////
  82. /// Message maps
  83. BEGIN_MESSAGE_MAP(CSecGroupPath, CDialog)
  84. //{{AFX_MSG_MAP(CSecGroupPath)
  85. ON_BN_CLICKED (IDC_BROWSE_SECGROUP, OnBrowseGroups)
  86. ON_EN_UPDATE (IDC_EDIT_SECGROUP, OnSecGroupUpdate)
  87. ON_EN_KILLFOCUS (IDC_EDIT_SECGROUP, OnSecGroupKillFocus)
  88. ON_MESSAGE (WM_PATH_TWEAKED, OnPathTweak)
  89. ON_MESSAGE (WM_HELP, OnHelp)
  90. ON_MESSAGE (WM_CONTEXTMENU, OnContextMenu)
  91. //}AFX_MSG_MAP
  92. END_MESSAGE_MAP()
  94. BOOL CSecGroupPath::OnInitDialog ()
  95. {
  96. CError error (this);
  98. CDialog::OnInitDialog();
  100. //
  101. // Make sure that the supplied path is parseable into one of the known
  102. // types
  103. //
  104. if (! m_szTarget.IsEmpty())
  105. m_redirPath.Load ((LPCTSTR) m_szTarget); // This will always succeed if m_szTarget is not empty
  107. m_pathChooser.Instantiate (m_cookie,
  108. this,
  109. &m_placeHolder,
  110. (const CRedirPath *) &m_redirPath,
  111. SWP_SHOWWINDOW
  112. );
  114. m_EditSecGroup.SetWindowText (m_szGroup);
  115. m_EditSecGroup.SetSel (0, -1, FALSE);
  116. m_EditSecGroup.SetFocus();
  117. SetOKState();
  119. return FALSE; //returning FALSE since we are setting the focus to the edit box
  120. }
  122. void CSecGroupPath::OnOK ()
  123. {
  124. CError error(this);
  125. CString szRoot;
  126. CString szSuffix;
  127. CRedirPath newPath (m_cookie);
  128. BOOL bStatus = TRUE;
  129. UINT pathType;
  131. //first check if we have a valid group.
  132. OnSecGroupKillFocus();
  134. //if the target is not a UNC path, try to convert it to one.
  135. m_pathChooser.OnRootKillFocus();
  137. if (!m_fValidSid)
  138. {
  139. error.ShowMessage (IDS_NOSECURITY_INFO);
  140. return;
  141. }
  143. m_EditSecGroup.GetWindowText (m_szGroup);
  144. m_szGroup.TrimLeft();
  145. m_szGroup.TrimRight();
  147. m_szSidStr.TrimLeft();
  148. m_szSidStr.TrimRight();
  149. m_szSidStr.MakeLower();
  151. m_pathChooser.GetRoot (szRoot);
  152. pathType = m_pathChooser.GetType();
  154. bStatus = TRUE;
  155. if (m_redirPath.IsPathDifferent (pathType, (LPCTSTR)szRoot))
  156. {
  157. // The path has changed, so use the new suffix
  158. newPath.GenerateSuffix (szSuffix, m_cookie, pathType);
  159. bStatus = newPath.Load (pathType, (LPCTSTR) szRoot, (LPCTSTR) szSuffix);
  160. if (bStatus)
  161. newPath.GeneratePath (m_szTarget);
  162. }
  163. else
  164. {
  165. m_redirPath.GeneratePath (m_szTarget);
  166. }
  168. //check if all the data has been provided.
  169. if (! bStatus ||
  170. m_szTarget == TEXT("*") || //this particular check is very important -- see code for CFileInfo::LoadSection to see why
  171. m_szGroup.IsEmpty())
  172. {
  173. error.ShowMessage (IDS_INVALID_GROUPPATH);
  174. }
  175. else if (pathType != IDS_USERPROFILE_PATH &&
  176. ! PathIsUNC ((LPCTSTR) m_szTarget)
  177. )
  178. {
  179. error.SetStyle (MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2);
  180. error.SetTitle (IDS_DEFAULT_WARNING_TITLE);
  181. if (IDYES == error.ShowMessage (IDS_PATHNOTUNC_WARNING))
  182. {
  183. CDialog::OnOK();
  184. }
  185. }
  186. else
  187. {
  188. CDialog::OnOK();
  189. }
  190. }
  192. void
  193. CSecGroupPath::OnCancel (void)
  194. {
  195. m_pathChooser.OnCancel();
  196. CDialog::OnCancel();
  197. }
  199. //browse the security groups
  200. void CSecGroupPath::OnBrowseGroups ()
  201. {
  202. AFX_MANAGE_STATE(AfxGetStaticModuleState());
  204. CError error(this);
  205. PCWSTR apwszAttribs[] =
  206. {
  207. L"ObjectSid"
  208. };
  209. DWORD dwError = ERROR_SUCCESS;
  210. HRESULT hr;
  211. IDsObjectPicker * pDsObjectPicker = NULL;
  212. DSOP_INIT_INFO InitInfo;
  213. const ULONG cbNumScopes = 3;
  214. DSOP_SCOPE_INIT_INFO ascopes[cbNumScopes];
  215. IDataObject * pdo = NULL;
  216. STGMEDIUM stgmedium = {
  217. TYMED_HGLOBAL,
  218. NULL
  219. };
  220. UINT cf = 0;
  221. PDS_SELECTION_LIST pDsSelList = NULL;
  222. FORMATETC formatetc = {
  223. (CLIPFORMAT)cf,
  224. NULL,
  225. DVASPECT_CONTENT,
  226. -1,
  227. TYMED_HGLOBAL
  228. };
  229. PDS_SELECTION pDsSelection = NULL;
  230. BOOL bAllocatedStgMedium = FALSE;
  231. SAFEARRAY * pVariantArr = NULL;
  232. PSID pSid = NULL;
  233. CString szDomain;
  234. CString szAcct;
  235. SID_NAME_USE eUse;
  238. hr = CoInitialize (NULL);
  240. if (SUCCEEDED (hr))
  241. {
  242. hr = CoCreateInstance (CLSID_DsObjectPicker,
  243. NULL,
  244. CLSCTX_INPROC_SERVER,
  245. IID_IDsObjectPicker,
  246. (void **) & pDsObjectPicker
  247. );
  248. }
  250. if (FAILED(hr))
  251. {
  252. dwError = IDS_OBJPICK_ERROR;
  253. goto BrwsGrp_Err;
  254. }
  257. //Initialize the scopes
  258. ZeroMemory (ascopes, cbNumScopes * sizeof (DSOP_SCOPE_INIT_INFO));
  260. ascopes[0].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
  261. ascopes[0].flType = DSOP_SCOPE_TYPE_ENTERPRISE_DOMAIN;
  262. ascopes[0].flScope = DSOP_SCOPE_FLAG_STARTING_SCOPE;
  263. ascopes[0].FilterFlags.Uplevel.flBothModes = DSOP_FILTER_BUILTIN_GROUPS |
  264. DSOP_FILTER_UNIVERSAL_GROUPS_DL |
  265. DSOP_FILTER_UNIVERSAL_GROUPS_SE |
  266. DSOP_FILTER_GLOBAL_GROUPS_DL |
  267. DSOP_FILTER_GLOBAL_GROUPS_SE;
  268. ascopes[0].FilterFlags.Uplevel.flNativeModeOnly =
  269. DSOP_FILTER_DOMAIN_LOCAL_GROUPS_DL |
  270. DSOP_FILTER_DOMAIN_LOCAL_GROUPS_SE;
  272. ascopes[1].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
  273. ascopes[1].flType = DSOP_SCOPE_TYPE_GLOBAL_CATALOG;
  274. ascopes[1].FilterFlags.Uplevel.flBothModes =
  275. ascopes[0].FilterFlags.Uplevel.flBothModes;
  276. ascopes[1].FilterFlags.Uplevel.flNativeModeOnly =
  277. ascopes[0].FilterFlags.Uplevel.flNativeModeOnly;
  279. ascopes[2].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
  280. ascopes[2].flType = DSOP_SCOPE_TYPE_TARGET_COMPUTER;
  281. ascopes[2].FilterFlags.flDownlevel = DSOP_DOWNLEVEL_FILTER_LOCAL_GROUPS |
  282. DSOP_DOWNLEVEL_FILTER_GLOBAL_GROUPS;
  284. //Populate the InitInfo structure that is used to initialize the object
  285. //picker.
  286. ZeroMemory (&InitInfo, sizeof (InitInfo));
  288. InitInfo.cbSize = sizeof (InitInfo);
  289. InitInfo.cDsScopeInfos = cbNumScopes;
  290. InitInfo.aDsScopeInfos = ascopes;
  291. InitInfo.cAttributesToFetch = 1;
  292. InitInfo.apwzAttributeNames = apwszAttribs;
  294. hr = pDsObjectPicker->Initialize (&InitInfo);
  296. if (FAILED (hr))
  297. {
  298. dwError = IDS_OBJPICK_ERROR;
  299. goto BrwsGrp_Err;
  300. }
  302. hr = pDsObjectPicker->InvokeDialog (this->m_hWnd, &pdo);
  304. if (FAILED(hr))
  305. {
  306. dwError = IDS_OBJPICK_ERROR;
  307. goto BrwsGrp_Err;
  308. }
  310. if (S_FALSE == hr) //the user hit cancel
  311. goto BrwsGrp_CleanupAndQuit;
  313. //if we are here, the user chose, OK, so find out what group was chosen
  314. cf = RegisterClipboardFormat (CFSTR_DSOP_DS_SELECTION_LIST);
  316. if (0 == cf)
  317. {
  318. dwError = IDS_NOSECURITY_INFO;
  319. goto BrwsGrp_Err;
  320. }
  322. //set the clipformat for the formatetc structure
  323. formatetc.cfFormat = (CLIPFORMAT)cf;
  325. hr = pdo->GetData (&formatetc, &stgmedium);
  327. if (FAILED (hr) )
  328. {
  329. dwError = IDS_NOSECURITY_INFO;
  330. goto BrwsGrp_Err;
  331. }
  333. bAllocatedStgMedium = TRUE;
  335. pDsSelList = (PDS_SELECTION_LIST) GlobalLock (stgmedium.hGlobal);
  337. if (NULL == pDsSelList)
  338. {
  339. dwError = IDS_NOSECURITY_INFO;
  340. goto BrwsGrp_Err;
  341. }
  344. if (!pDsSelList->cItems) //some item must have been selected
  345. {
  346. dwError = IDS_NOSECURITY_INFO;
  347. goto BrwsGrp_Err;
  348. }
  350. pDsSelection = &(pDsSelList->aDsSelection[0]);
  352. //we must get the ObjectSid attribute, otherwise we fail
  353. //so make sure that the attribute has been fetched.
  354. if (!pDsSelList->cFetchedAttributes ||
  355. (! (VT_ARRAY & pDsSelection->pvarFetchedAttributes->vt)))
  356. {
  357. dwError = IDS_NOSECURITY_INFO;
  358. goto BrwsGrp_Err;
  359. }
  361. pVariantArr = pDsSelection->pvarFetchedAttributes->parray;
  362. pSid = (PSID) pVariantArr->pvData;
  364. if (STATUS_SUCCESS != GetFriendlyNameFromSid (pSid, szDomain, szAcct, &eUse))
  365. {
  366. dwError = IDS_NOSECURITY_INFO;
  367. goto BrwsGrp_Err;
  368. }
  370. //store away the string representation of this sid
  371. if (STATUS_SUCCESS != GetStringFromSid(pSid, m_szSidStr))
  372. goto BrwsGrp_Err;
  374. m_szSidStr.MakeLower();
  375. if (!szDomain.IsEmpty())
  376. szAcct = szDomain + '\\' + szAcct;
  378. m_EditSecGroup.SetWindowText (szAcct);
  379. m_fValidSid = TRUE;
  381. goto BrwsGrp_CleanupAndQuit;
  383. BrwsGrp_Err:
  384. error.ShowMessage (dwError);
  386. BrwsGrp_CleanupAndQuit:
  387. if (pDsSelList)
  388. GlobalUnlock (stgmedium.hGlobal);
  389. if (bAllocatedStgMedium)
  390. ReleaseStgMedium (&stgmedium);
  391. if (pdo)
  392. pdo->Release();
  393. if (pDsObjectPicker)
  394. pDsObjectPicker->Release ();
  395. }
  397. void CSecGroupPath::SetOKState (void)
  398. {
  399. CString szGroup;
  400. CString szPath;
  401. BOOL bCheckPath = FALSE;
  403. m_EditSecGroup.GetWindowText(szGroup);
  404. szGroup.TrimLeft();
  405. szGroup.TrimRight();
  407. if (IDS_SPECIFIC_PATH == m_iCurrType ||
  408. IDS_PERUSER_PATH == m_iCurrType)
  409. {
  410. bCheckPath = TRUE;
  411. m_pathChooser.GetRoot (szPath);
  412. szPath.TrimLeft();
  413. szPath.TrimRight();
  414. szPath.TrimRight(L'\\');
  415. }
  417. if (szGroup.IsEmpty() || (bCheckPath && szPath.IsEmpty()))
  418. GetDescendantWindow(IDOK, FALSE)->EnableWindow(FALSE);
  419. else
  420. GetDescendantWindow(IDOK, FALSE)->EnableWindow(TRUE);
  421. }
  423. void CSecGroupPath::OnSecGroupUpdate()
  424. {
  425. //the group in the edit box is about to change.
  426. //this means we can no longer trust the sid that we may have
  427. m_fValidSid = FALSE;
  428. SetOKState();
  429. }
  431. //we try to get a sid and domain for the group specified
  432. //if we can't, we simply ignore the error and sit tight.
  433. void CSecGroupPath::OnSecGroupKillFocus()
  434. {
  435. BOOL bStatus;
  436. CString szGroup;
  437. WCHAR* szWindowText = NULL;
  438. WCHAR szDom[MAX_PATH];
  439. DWORD dwDomLen = MAX_PATH;
  440. WCHAR* szAcct;
  441. PSID Sid = NULL;
  442. DWORD dwSidLen = 0;
  443. SID_NAME_USE eUse;
  444. DWORD Status;
  445. CHourglass hourglass; //LookupAccountName takes a while
  446. BOOL fDomainSupplied = FALSE;
  449. //if we already have a valid sid, there is nothing to worry.
  450. if (m_fValidSid)
  451. goto KillFocusEnd;
  453. //we don't have a valid sid, so we try to get one from the data in the
  454. //group box
  455. m_EditSecGroup.GetWindowText (szGroup);
  456. szGroup.TrimLeft();
  457. szGroup.TrimRight();
  459. if (szGroup.IsEmpty())
  460. goto KillFocusEnd;
  462. ULONG ulNoChars;
  464. ulNoChars = wcslen( (LPCWSTR)szGroup )+1;
  465. szWindowText = new WCHAR[ulNoChars];
  466. if ( szWindowText == NULL )
  467. {
  468. goto KillFocusEnd;
  469. }
  471. //get the account name from the window
  473. HRESULT hr;
  475. hr = StringCchCopy (szWindowText, ulNoChars, (LPCWSTR) szGroup);
  476. ASSERT(SUCCEEDED(hr));
  478. szAcct = wcsrchr (szWindowText, '\\');
  479. if (!szAcct)
  480. {
  481. szAcct = szWindowText;
  482. }
  483. else
  484. {
  485. *szAcct++ = 0; //advance it so that it now points to the account
  486. //and szWindowText will now refer to the supplied domain
  487. fDomainSupplied = TRUE;
  488. }
  490. do
  491. {
  492. bStatus = LookupAccountName (NULL, szAcct, Sid, &dwSidLen,
  493. szDom, &dwDomLen, &eUse);
  495. if (!bStatus)
  496. {
  497. Status = GetLastError();
  498. if (ERROR_INSUFFICIENT_BUFFER != Status)
  499. goto KillFocusEnd; //we just ignore the error for now
  501. LocalFree(Sid);
  502. Sid = (PSID) LocalAlloc (LPTR, dwSidLen);
  503. if (NULL == Sid)
  504. goto KillFocusEnd; //we just ignore the error for now
  506. continue;
  507. }
  508. break;
  509. } while (1);
  511. //we have the sid if we are here
  512. //make sure it represents a group
  513. switch (eUse)
  514. {
  515. case SidTypeGroup:
  516. case SidTypeWellKnownGroup:
  517. case SidTypeAlias:
  518. break;
  519. default:
  520. goto KillFocusEnd;
  521. }
  523. //also make sure that if a domain was supplied, it matches what we
  524. //got back
  525. if (fDomainSupplied && (0 != lstrcmpi (szWindowText, szDom)))
  526. goto KillFocusEnd;
  528. //if we are here, then we have the sid for a group
  529. if (STATUS_SUCCESS != GetStringFromSid (Sid, m_szSidStr))
  530. goto KillFocusEnd;
  532. //we were finally successful in getting the sid in a string format
  533. m_szSidStr.MakeLower();
  534. szGroup = szDom;
  535. if (!szGroup.IsEmpty())
  536. szGroup += '\\';
  537. szGroup += szAcct;
  538. m_EditSecGroup.SetWindowText ((LPCTSTR) szGroup);
  539. m_fValidSid = TRUE;
  541. KillFocusEnd:
  543. LocalFree(Sid);
  544. if ( szWindowText != NULL )
  545. {
  546. delete [] szWindowText;
  547. }
  548. return;
  549. }
  551. void CSecGroupPath::OnPathTweak (WPARAM wParam, LPARAM lParam)
  552. {
  553. m_bPathValid = (BOOL) wParam;
  554. m_iCurrType = (LONG) lParam;
  556. SetOKState();
  557. }
  559. LONG CSecGroupPath::OnHelp (WPARAM wParam, LPARAM lParam)
  560. {
  561. LONG lResult = 0;
  562. CString szHelpFile;
  564. szHelpFile.LoadString(IDS_HELP_FILE);
  566. ::WinHelp((HWND)(((LPHELPINFO)lParam)->hItemHandle),
  567. (LPCTSTR) szHelpFile,
  568. HELP_WM_HELP,
  569. (ULONG_PTR)(LPTSTR)g_aHelpIDMap_IDD_SECPATH);
  571. return lResult;
  572. }
  574. LONG CSecGroupPath::OnContextMenu (WPARAM wParam, LPARAM lParam)
  575. {
  576. AFX_MANAGE_STATE (AfxGetStaticModuleState());
  578. LONG lResult = 0;
  579. CString szHelpFile;
  581. szHelpFile.LoadString(IDS_HELP_FILE);
  583. ::WinHelp((HWND)wParam,
  584. (LPCTSTR)szHelpFile,
  585. HELP_CONTEXTMENU,
  586. (ULONG_PTR)(LPVOID)g_aHelpIDMap_IDD_SECPATH);
  588. return lResult;
  589. }