|
|
/*++
Copyright (c) 1996 Microsoft Corporation
Module Name : admacl.hxx
Abstract: This header file declares Admin API Access Check API
Author:
Philippe Choquier 26-Nov-1996--*/
#if !defined(_ADMACL_H)
#define _ADMACL_H
class CInitAdmacl{public: CInitAdmacl(); ~CInitAdmacl();};
extern CInitAdmacl g_cinitadmacl;
#define AAC_GETALL (DWORD)-1
#define AAC_ENUM_KEYS (DWORD)-2
#define AAC_COPYKEY (DWORD)-3
#define AAC_DELETEKEY (DWORD)-4
#define ISPATHDELIM(a) ((a)=='/' || (a)=='\\')
#define ISPATHDELIMW(a) ((a)==(WCHAR)'/' || (a)==(WCHAR)'\\')
#define ADMINACL_NONINIT_SIGN 0x4b6d2dc9
#define ADMINACL_INIT_SIGN 0x5a6d2dc9
#define ADMINACL_FREED_SIGN 0x676d2dc9
class CAdminAcl{public: CAdminAcl() { m_cRef = 1; m_wchPath[0] = '\0'; m_dwAclRef = 0; m_pAcl = NULL; m_pMDCom = NULL; m_dwSignature = ADMINACL_NONINIT_SIGN; }
~CAdminAcl();
DWORD AddRef();
DWORD Release();
LPWSTR GetPath() { return m_wchPath; }
BOOL Init( IMDCOM*, LPVOID pvAdmin, METADATA_HANDLE hAdminHandle, LPCWSTR pszPath, LPBYTE pAcl, DWORD dwAclRef, PBOOL pbIsPathCorrect );
LPBYTE GetAcl() { return m_pAcl; }
METADATA_HANDLE GetAdminHandle() { return m_hAdminHandle; }
LPVOID GetAdminContext() { return m_pvAdmin; }
public: DWORD m_dwSignature;
private: WCHAR m_wchPath[MAX_PATH]; METADATA_HANDLE m_hAdminHandle; LPBYTE m_pAcl; DWORD m_dwAclRef; LPVOID m_pvAdmin; IMDCOM* m_pMDCom; volatile DWORD m_cRef;};
#define MAX_CACHED_ADMIN_ACL 256
class CAdminAclCache{private: // Disable usage (no implementation)
CAdminAclCache(const CAdminAclCache&); void operator=(const CAdminAclCache&);
public: CAdminAclCache();
~CAdminAclCache();
STDMETHODIMP Init();
STDMETHODIMP IsEnabled();
STDMETHODIMP IsEmpty();
STDMETHODIMP Disable();
STDMETHODIMP Enable();
STDMETHODIMP Flush();
STDMETHODIMP Remove(LPVOID pvAdmin, METADATA_HANDLE hAdminHandle);
STDMETHODIMP Find(LPVOID pvAdmin, METADATA_HANDLE hAdminHandle, LPCWSTR pszRelPath, CAdminAcl **ppAdminAcl);
STDMETHODIMP Add(CAdminAcl *pAdminAcl);
private: STDMETHODIMP _Find(LPVOID pvAdmin, METADATA_HANDLE hAdminHandle, LPCWSTR pszRelPath, CAdminAcl **ppAdminAcl, DWORD *pdwIndex);
STDMETHODIMP _MoveFirst(DWORD i); STDMETHODIMP _InsertFirst(CAdminAcl *pAdminAcl, CAdminAcl **ppAdminAclToRelease);
volatile LONG m_fEnabled; volatile DWORD m_cAdminAclCache; CAdminAcl *m_rgpAdminAclCache[MAX_CACHED_ADMIN_ACL]; CReaderWriterLock3 m_Lock;};
extern CAdminAclCache g_AclCache;
class COpenHandle{public: COpenHandle() : m_pszPath( NULL ) {}
~COpenHandle() { if( m_pszPath ) { LocalFree(m_pszPath); } }
LPWSTR GetPath() { return m_pszPath; }
HRESULT Init(METADATA_HANDLE hAdminHandle, LPCWSTR pszPath, LPCWSTR pszParentPath );
METADATA_HANDLE GetAdminHandle() { return m_hAdminHandle; }
BOOL GetAcl( IMDCOM* pMDCom, LPCWSTR pszPath, LPBYTE* pAcl, LPDWORD pdwRef );
BOOL CheckSubAcls( IMDCOM *pMDCom, LPCWSTR pszPath, LPBOOL pfIsAnyAcl );
VOID AddRef() {InterlockedIncrement(&m_lRefCount);} VOID Release(PVOID pvAdmin);
private: LPWSTR m_pszPath; METADATA_HANDLE m_hAdminHandle; long m_lRefCount;} ;
BOOLAdminAclNotifySetOrDeleteProp( METADATA_HANDLE hMB, DWORD dwId );
BOOLAdminAclAccessCheck( IMDCOM* pMDCom, LPVOID pvAdmin, METADATA_HANDLE hMB, LPCWSTR pszPath, DWORD dwId, // check for MD_ADMIN_ACL, must have special right to write them
DWORD dwAccess, // METADATA_PERMISSION_*
COpenHandle* pohHandle, LPBOOL pfEnableSecureAccess = NULL );
BOOLAdminAclNotifyOpen( LPVOID pvAdmin, METADATA_HANDLE hMB, LPCWSTR pszPath, BOOL fIsNse );
BOOLAdminAclNotifyClose( LPVOID pvAdmin, METADATA_HANDLE hMB );
BOOLAdminAclFlushCache( );
voidAdminAclDisableAclCache();
voidAdminAclEnableAclCache();
#endif
|
