archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/win32/accctrl2/inc/cacl.hxx

184 lines
6.5 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1993 - 1995.
  5. //
  6. // File: aclbuild.hxx
  7. //
  8. // Contents: Class to generate and read ACLs from and into ACCESS_ENTRYs
  9. //
  10. // History: 8-94 Created DaveMont
  11. //
  12. //--------------------------------------------------------------------
  13. #ifndef __ACLBUILD__
  14. #define __ACLBUILD__
  16. #include <accctrl.h>
  18. //
  19. // Valid returned ACE flags
  20. //
  23. #define ACLBUILD_VALID_ACE_FLAGS (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE)
  25. class CAccountAccess;
  26. class CMemberCheck;
  27. class CIterator;
  28. class CAclIterator;
  29. class CAesIterator;
  31. //
  32. // IsContainer enumerated type, used by aclbuild.hxx (exposed here for cairole\stg)
  33. //
  35. typedef enum _IS_CONTAINER
  36. {
  37. ACCESS_TO_UNKNOWN = 0,
  38. ACCESS_TO_OBJECT,
  39. ACCESS_TO_CONTAINER
  40. } IS_CONTAINER, *PIS_CONTAINER;
  41. #ifdef __cplusplus
  42. extern "C" {
  43. #endif
  44. //
  45. // mask conversions, (exposed here for cairole\stg)
  46. //
  47. ULONG NTAccessMaskToProvAccessRights(IN SE_OBJECT_TYPE SeObjectType,
  48. IN BOOL fIsContainer,
  49. IN ACCESS_MASK AccessMask);
  51. ACCESS_MASK ProvAccessRightsToNTAccessMask(IN SE_OBJECT_TYPE SeObjectType,
  52. IN ULONG AccessRights);
  53. #ifdef __cplusplus
  54. }
  55. #endif
  56. //============================================================================
  57. //+---------------------------------------------------------------------------
  58. //
  59. // Class: CAcl
  60. //
  61. // Synopsis: Base class for ACL generation and reading, see aclbuild.cxx
  62. // header for detailed description
  63. //
  64. //----------------------------------------------------------------------------
  65. class CAcl
  66. {
  67. public:
  68. CAcl(LPWSTR system,
  69. IS_CONTAINER fdir,
  70. BOOL fSaveNamesAndSids,
  71. BOOL fUsedByProviderIndependentApi);
  72. ~CAcl();
  74. void * operator new(size_t size);
  75. void operator delete(void * p, size_t size);
  76. inline ULONG AclRevision();
  77. inline ULONG Capabilities();
  79. DWORD WINAPI SetAcl( PACL pacl);
  81. DWORD WINAPI ClearAll();
  83. DWORD WINAPI ClearAccessEntries();
  85. DWORD WINAPI AddAccessEntries( ULONG ccount,
  86. PACCESS_ENTRY pae);
  88. DWORD WINAPI BuildAcl(PACL *pacl);
  90. DWORD WINAPI BuildAccessEntries(PULONG csize,
  91. PULONG ccount,
  92. PACCESS_ENTRY *pae,
  93. BOOL fAbsolute);
  95. DWORD WINAPI GetEffectiveRights(PTRUSTEE ptrustee,
  96. PACCESS_MASK accessmask);
  98. DWORD WINAPI GetAuditedRights(PTRUSTEE ptrustee,
  99. PACCESS_MASK successmask,
  100. PACCESS_MASK failuremask);
  101. protected:
  103. DWORD WINAPI _Pass1(PULONG cSize, PULONG cCount, BOOL fBuildAcl);
  105. DWORD WINAPI _CheckEntryList(CAccountAccess *pCAA,
  106. CAccountAccess **plistCAA,
  107. ULONG clistlength,
  108. PULONG cSize,
  109. PULONG cCount,
  110. BOOL fBuildAcl) ;
  112. DWORD WINAPI _UseEntry(CAccountAccess *pCAA,
  113. PULONG cSize,
  114. PULONG cCount,
  115. BOOL fBuildAcl);
  117. DWORD WINAPI _RemoveEntry(CAccountAccess *pCAA,
  118. PULONG cSize,
  119. PULONG cCount,
  120. BOOL fBuildAcl);
  122. DWORD WINAPI _MergeEntries(CAccountAccess *pnewCAA,
  123. CAccountAccess *poldCAA,
  124. PULONG cSize,
  125. PULONG cCount,
  126. BOOL fBuildAcl);
  128. void _BuildAccessEntry(CAccountAccess *pCAA,
  129. LPWSTR *nameptr,
  130. PACCESS_ENTRY pAccessEntry,
  131. BOOL fAbsolute);
  133. void _BuildDualAuditEntries(CAccountAccess *pCAA,
  134. LPWSTR *nameptr,
  135. PACCESS_ENTRY pae,
  136. DWORD *ccount,
  137. BOOL fAbsolute);
  139. ULONG _GetAceSize(CAccountAccess *pcaa);
  140. DWORD WINAPI _GetAccessEntrySize(CAccountAccess *pcaa,
  141. PULONG cAccessEntrySize);
  142. DWORD WINAPI _AddEntry(CIterator *ci,
  143. CAccountAccess **pcaa,
  144. PULONG pcaaindex);
  145. DWORD WINAPI _CheckForDuplicateEntries(CAccountAccess **pcaa,
  146. ULONG curindex,
  147. ULONG countold);
  148. DWORD WINAPI _SetAceFlags(ULONG AceIndex,
  149. PACL pacl,
  150. CAccountAccess *pcaa);
  152. DWORD WINAPI _ComputeEffective(CAccountAccess *pCAA,
  153. CMemberCheck *cMC,
  154. PACCESS_MASK AllowMask,
  155. PACCESS_MASK DenyMask);
  157. DWORD WINAPI _InitIterators();
  159. BOOL _fused_by_provider_independent_api; // cluge to make provider
  160. // independent masks work
  161. ULONG _aclrevision;
  162. ULONG _capabilities;
  163. CAccountAccess **_pcaaacl; // list of acl account accesses
  164. CAccountAccess **_pcaaaes; // list of access entry account accesses
  165. ULONG _pcaaaclindex;
  166. ULONG _pcaaaesindex;
  167. LPWSTR _system;
  168. IS_CONTAINER _fdir;
  169. BOOL _fsave_names_and_sids;
  170. CAclIterator *_pcacli; // acl iterator
  171. CAesIterator *_pcaeli; // access entry iterator
  172. };
  174. //----------------------------------------------------------------------------
  175. ULONG CAcl::AclRevision()
  176. {
  177. return(_aclrevision);
  178. }
  179. //----------------------------------------------------------------------------
  180. ULONG CAcl::Capabilities()
  181. {
  182. return(_capabilities);
  183. }
  184. #endif // __ACLBUILD__