archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/shell/osshell/security/aclui/perm.h

240 lines
9.0 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1996 - 1999
  6. //
  7. // File: perm.cpp
  8. //
  9. // This file contains the implementation for the simple permission
  10. // editor page.
  11. //
  12. //--------------------------------------------------------------------------
  14. #include "permset.h"
  15. #include "sddl.h" // ConvertSidToStringSid
  17. #define IDN_CHECKSELECTION 1
  19. void SelectListViewItem(HWND hwndList, int iItem);
  22. //
  23. // Context Help IDs.
  24. //
  25. const static DWORD aPermPageHelpIDs[] =
  26. {
  27. IDC_SPP_GROUP_USER_NAME, IDH_SPP_PRINCIPALS,
  28. IDC_SPP_PRINCIPALS, IDH_SPP_PRINCIPALS,
  29. IDC_SPP_ADD, IDH_SPP_ADD,
  30. IDC_SPP_REMOVE, IDH_SPP_REMOVE,
  31. IDC_SPP_ACCESS, IDH_SPP_PERMS,
  32. IDC_SPP_ACCESS_BIG, IDH_SPP_PERMS,
  33. IDC_SPP_ALLOW, IDH_SPP_PERMS,
  34. IDC_SPP_DENY, IDH_SPP_PERMS,
  35. IDC_SPP_PERMS, IDH_SPP_PERMS,
  36. IDC_SPP_STATIC_ADV, IDH_SPP_ADVANCED,
  37. IDC_SPP_ADVANCED, IDH_SPP_ADVANCED,
  38. IDC_SPP_MORE_MSG, IDH_NOHELP,
  39. 0, 0,
  40. };
  43. class CPrincipal;
  44. typedef class CPrincipal *LPPRINCIPAL;
  45. class CSecurityInfo;
  48. class CPermPage : public CSecurityPage
  49. {
  50. private:
  51. SECURITY_DESCRIPTOR_CONTROL m_wSDControl;
  52. WORD m_wDaclRevision;
  53. PSI_ACCESS m_pDefaultAccess;
  54. BOOL m_fPageDirty;
  55. BOOL m_fBusy;
  56. BOOL m_bWasDenyAcl;
  57. BOOL m_bCustomPermission;
  58. HCURSOR m_hcurBusy;
  59. HWND m_hEffectivePerm;
  60. DWORD m_cInheritableAces;
  61. SI_ACCESS m_CustomAccess;
  62. //This is set to true when user cannot read and write dacl however
  63. //has right to change owner. After changing owner, user will be able
  64. //to read/write acl. ACLUI doesn't have refresh function so user needs
  65. //to close and reopen the property sheet. So if m_CustomAccess is set
  66. //to true and user changes owner we will show an error message to close
  67. //and reopen the property sheet.
  68. //NTRAID#NTBUG9-621338-2002/05/23-hiteshr
  69. BOOL m_bNoReadWriteCanWriteOwner;
  71. public:
  72. CPermPage(LPSECURITYINFO psi)
  73. : CSecurityPage(psi, SI_PAGE_PERM),
  74. m_wDaclRevision(ACL_REVISION),
  75. m_hEffectivePerm(NULL),
  76. m_cInheritableAces(0),
  77. m_bNoReadWriteCanWriteOwner(FALSE)
  78. { m_hcurBusy = LoadCursor(NULL, IDC_APPSTARTING); }
  80. private:
  81. virtual BOOL DlgProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam);
  82. BOOL InitDlg(HWND hDlg);
  83. void InitPrincipalList(HWND hDlg, PACL pDacl);
  84. HRESULT InitCheckList(HWND hDlg);
  85. void EnumerateAcl(HWND hwndList, PACL pAcl);
  86. HRESULT SetPrincipalNamesInList(HWND hwndList, PSID pSid = NULL);
  88. int AddPrincipalToList(HWND hwndList, LPPRINCIPAL pPrincipal);
  89. BOOL OnNotify(HWND hDlg, int idCtrl, LPNMHDR pnmh);
  90. void OnSelChange(HWND hDlg, BOOL bClearFirst = TRUE, BOOL bClearCustomAllow = FALSE, BOOL bClearCustomDeny = FALSE);
  91. void OnApply(HWND hDlg, BOOL bClose);
  92. HRESULT BuildDacl(HWND hDlg,
  93. PSECURITY_DESCRIPTOR *ppSD,
  94. BOOL fIncludeInherited);
  95. HRESULT SetDacl(HWND hDlg,
  96. PSECURITY_DESCRIPTOR psd,
  97. BOOL bDirty = FALSE);
  98. void OnAddPrincipal(HWND hDlg);
  99. void OnRemovePrincipal(HWND hDlg);
  100. void OnAdvanced(HWND hDlg);
  101. void EnablePrincipalControls(HWND hDlg, BOOL fEnable);
  102. void CommitCurrent(HWND hDlg, int iPrincipal = -1);
  103. void OnSize(HWND hDlg, DWORD dwSizeType, ULONG nWidth, ULONG nHeight);
  104. void ClearPermissions(HWND hwndList, BOOL bDisabled = TRUE);
  105. void SetDirty(HWND hDlg, BOOL bDefault = FALSE);
  106. void SetEffectivePerm(HWND hwnd){m_hEffectivePerm = hwnd;}
  107. VOID SetPermLabelText(HWND hDlg);
  109. friend class CPrincipal;
  110. friend class CSecurityInfo;
  111. };
  112. typedef class CPermPage *PPERMPAGE;
  114. class CPrincipal
  115. {
  116. private:
  117. PPERMPAGE m_pPage;
  118. LPTSTR m_pszName;
  119. LPTSTR m_pszDisplayName; //This is only name. Doesn't include Logon Name
  120. PSID m_pSID;
  121. SID_IMAGE_INDEX m_nImageIndex;
  122. BOOL m_bHaveRealName;
  124. public:
  125. CPermissionSet m_permDeny;
  126. CPermissionSet m_permAllow;
  127. CPermissionSet m_permInheritedDeny;
  128. CPermissionSet m_permInheritedAllow;
  130. HDSA m_hAdditionalAllow;
  131. HDSA m_hAdditionalDeny;
  133. public:
  134. CPrincipal(CPermPage *pPage) : m_pPage(pPage), m_nImageIndex(SID_IMAGE_UNKNOWN),
  135. m_pszDisplayName(NULL) {}
  136. ~CPrincipal();
  138. BOOL SetPrincipal(PSID pSID,
  139. SID_NAME_USE sidType = SidTypeUnknown,
  140. LPCTSTR pszName = NULL,
  141. LPCTSTR pszLogonName = NULL);
  142. BOOL SetName(LPCTSTR pszName, LPCTSTR pszLogonName = NULL);
  143. void SetSidType(SID_NAME_USE sidType) { m_nImageIndex = GetSidImageIndex(m_pSID, sidType); }
  144. PSID GetSID() const { return m_pSID; }
  145. LPCTSTR GetName() const { return m_pszName; }
  146. LPCTSTR GetDisplayName() const{ return m_pszDisplayName ? m_pszDisplayName : m_pszName; }
  147. int GetImageIndex() const { return m_nImageIndex; }
  149. BOOL HaveRealName() { return m_bHaveRealName; }
  151. BOOL AddAce(PACE_HEADER pAce);
  152. ULONG GetAclLength(DWORD dwFlags);
  153. BOOL AppendToAcl(PACL pAcl, DWORD dwFlags, PACE_HEADER *ppAcePos);
  155. BOOL HaveInheritedAces(void);
  156. void ConvertInheritedAces(BOOL bDelete);
  158. void AddPermission(BOOL bAllow, PPERMISSION pperm);
  159. void RemovePermission(BOOL bAllow, PPERMISSION pperm);
  161. private:
  162. CPermissionSet* GetPermSet(DWORD dwType, BOOL bInherited);
  163. BOOL AddNormalAce(DWORD dwType, DWORD dwFlags, ACCESS_MASK mask, const GUID *pObjectType);
  164. BOOL AddAdvancedAce(DWORD dwType, PACE_HEADER pAce);
  165. };
  167. // flag bits for GetAclLength & AppendToAcl
  168. #define ACL_NONINHERITED 0x00010000L
  169. #define ACL_INHERITED 0x00020000L
  170. #define ACL_DENY 0x00040000L
  171. #define ACL_ALLOW 0x00080000L
  172. #define ACL_CHECK_CREATOR 0x00100000L
  173. #define ACL_NONOBJECT PS_NONOBJECT
  174. #define ACL_OBJECT PS_OBJECT
  177. //
  178. // Wrapper for ISecurityInformation. Used when invoking
  179. // the advanced ACL editor
  180. //
  181. class CSecurityInfo : public ISecurityInformation, ISecurityInformation2,
  182. IEffectivePermission, ISecurityObjectTypeInfo
  183. , IDsObjectPicker
  184. {
  185. private:
  186. ULONG m_cRef;
  187. PPERMPAGE m_pPage;
  188. HWND m_hDlg;
  190. public:
  191. CSecurityInfo(PPERMPAGE pPage, HWND hDlg)
  192. : m_cRef(1), m_pPage(pPage), m_hDlg(hDlg) {}
  194. // IUnknown methods
  195. STDMETHODIMP QueryInterface(REFIID, LPVOID *);
  196. STDMETHODIMP_(ULONG) AddRef();
  197. STDMETHODIMP_(ULONG) Release();
  199. // ISecurityInformation methods
  200. STDMETHODIMP GetObjectInformation(PSI_OBJECT_INFO pObjectInfo);
  201. STDMETHODIMP GetSecurity(SECURITY_INFORMATION si,
  202. PSECURITY_DESCRIPTOR *ppSD,
  203. BOOL fDefault);
  204. STDMETHODIMP SetSecurity(SECURITY_INFORMATION si,
  205. PSECURITY_DESCRIPTOR pSD);
  206. STDMETHODIMP GetAccessRights(const GUID* pguidObjectType,
  207. DWORD dwFlags,
  208. PSI_ACCESS *ppAccess,
  209. ULONG *pcAccesses,
  210. ULONG *piDefaultAccess);
  211. STDMETHODIMP MapGeneric(const GUID* pguidObjectType,
  212. UCHAR *pAceFlags,
  213. ACCESS_MASK *pmask);
  214. STDMETHODIMP GetInheritTypes(PSI_INHERIT_TYPE *ppInheritTypes,
  215. ULONG *pcInheritTypes);
  216. STDMETHODIMP PropertySheetPageCallback(HWND hwnd, UINT uMsg, SI_PAGE_TYPE uPage);
  218. // ISecurityInformation2 methods
  219. STDMETHODIMP_(BOOL) IsDaclCanonical(PACL pDacl);
  220. STDMETHODIMP LookupSids(ULONG cSids, PSID *rgpSids, LPDATAOBJECT *ppdo);
  222. // IDsObjectPicker methods
  223. STDMETHODIMP Initialize(PDSOP_INIT_INFO pInitInfo);
  224. STDMETHODIMP InvokeDialog(HWND hwndParent, IDataObject **ppdoSelection);
  226. STDMETHOD(GetInheritSource)(SECURITY_INFORMATION si,
  227. PACL pACL,
  228. PINHERITED_FROM *ppInheritArray);
  230. STDMETHOD(GetEffectivePermission) ( THIS_ const GUID* pguidObjectType,
  231. PSID pUserSid,
  232. LPCWSTR pszServerName,
  233. PSECURITY_DESCRIPTOR pSD,
  234. POBJECT_TYPE_LIST *ppObjectTypeList,
  235. ULONG *pcObjectTypeListLength,
  236. PACCESS_MASK *ppGrantedAccessList,
  237. ULONG *pcGrantedAccessListLength);
  240. };