Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

363 lines
7.6 KiB

  1. /*++
  2. Copyright (c) 1994-1999 Microsoft Corporation
  3. Module Name :
  4. accentry.h
  5. Abstract:
  6. CAccessEntry class definitions
  7. Author:
  8. Ronald Meijer (ronaldm)
  9. Project:
  10. Internet Services Manager
  11. Revision History:
  12. 1/9/2000 sergeia Cleaned out from usrbrows.h to left only CAccessEntry
  13. --*/
  14. #ifndef _ACCENTRY_H
  15. #define _ACCENTRY_H
  16. #ifndef _SHLOBJ_H_
  17. #include <shlobj.h>
  18. #endif // _SHLOBJ_H_
  19. class COMDLL CAccessEntry : public CObjectPlus
  20. /*++
  21. Class Description:
  22. An access description entry, containing a SID and ACCESS mask
  23. of rights specifically granted.
  24. Public Interface:
  25. LookupAccountSid : Resolve account name to SID
  26. CAccessEntry : Constructors
  27. ~CAccessEntry : Destructor
  28. ResolveSID : Resolve account name to SID
  29. operator == : Comparison operator
  30. AddPermissions : Add to access mask
  31. RemovePermissions : Remove from access mask
  32. MarkEntryAsNew : Flag object as new
  33. MarkEntryAsClean : Remove dirty flag
  34. QueryUserName : Get the account name
  35. QueryPictureID : Get 0-based bitmap offset for account
  36. GetSid : Get the SID
  37. QueryAccessMask : Get the raw Access granted bits
  38. IsDirty : Determine if item has changed
  39. IsDeleted : Determine if item is flagged for deletion
  40. IsVisible : Determine if item should be shown in listbox
  41. FlagForDeletion : Flag object for deletion or reset that flag
  42. IsSIDResolved : Return TRUE if the SID has already been resolved
  43. HasAppropriateAccess : Compare access bits to see if the objects has
  44. specific permissions
  45. HasSomeAccess : Check to see if object has at least one
  46. permission bit set.
  47. IsDeletable : Determine if object can be deleted
  48. --*/
  49. {
  50. public:
  51. //
  52. // Helper function to look up account sid
  53. //
  54. static BOOL LookupAccountSid(
  55. IN CString & str,
  56. OUT int & nPictureID,
  57. OUT PSID pSid,
  58. IN LPCTSTR lpstrSystemName = NULL
  59. );
  60. //
  61. // Construction/Destruction
  62. //
  63. public:
  64. CAccessEntry(
  65. IN LPVOID pAce,
  66. IN BOOL fResolveSID = FALSE
  67. );
  68. CAccessEntry(
  69. IN ACCESS_MASK accPermissions,
  70. IN PSID pSid,
  71. IN LPCTSTR lpstrSystemName = NULL,
  72. IN BOOL fResolveSID = FALSE
  73. );
  74. CAccessEntry(
  75. IN PSID pSid,
  76. IN LPCTSTR pszUserName,
  77. IN LPCTSTR pszClassName
  78. );
  79. CAccessEntry(
  80. IN CAccessEntry& ae
  81. );
  82. ~CAccessEntry();
  83. //
  84. // Operations
  85. //
  86. public:
  87. //void SetAccessMask(LPACCESS_ENTRY lpAccessEntry);
  88. BOOL ResolveSID();
  89. BOOL operator ==(const CAccessEntry & acc) const;
  90. BOOL operator ==(const PSID pSid) const;
  91. void AddPermissions(ACCESS_MASK accnewPermissions);
  92. void RemovePermissions(ACCESS_MASK accPermissions);
  93. void MarkEntryAsNew();
  94. void MarkEntryAsClean();
  95. void MarkEntryAsChanged();
  96. //
  97. // Access Functions
  98. //
  99. public:
  100. LPCTSTR QueryUserName() const;
  101. //
  102. // The "picture" id is the 0-based index of the
  103. // bitmap that goes with this entry, and which
  104. // is used for display in the listbox.
  105. //
  106. int QueryPictureID() const;
  107. PSID GetSid();
  108. ACCESS_MASK QueryAccessMask() const;
  109. //
  110. // Check to see if this entry has undergone
  111. // any changes since we called it up
  112. //
  113. BOOL IsDirty() const;
  114. BOOL IsDeleted() const;
  115. BOOL IsVisible() const;
  116. void FlagForDeletion(
  117. IN BOOL fDelete = TRUE
  118. );
  119. //
  120. // Check to see if we've already looked up the
  121. // name of this SID
  122. //
  123. BOOL IsSIDResolved() const;
  124. //
  125. // Check to see if the add flag has been set for this
  126. // entry.
  127. //
  128. /*
  129. BOOL IsNew() const;
  130. //
  131. // Check to see if the update flag has been set for this
  132. // entry.
  133. //
  134. BOOL IsDifferent() const;
  135. */
  136. //
  137. // See if the entry has the access mask required.
  138. //
  139. BOOL HasAppropriateAccess(ACCESS_MASK accTargetMask) const;
  140. //
  141. // Check to see if the entry has at least some
  142. // privileges (if it doesn't, it should be deleted)
  143. //
  144. BOOL HasSomeAccess() const;
  145. //
  146. // See if this is a deletable entry
  147. //
  148. BOOL IsDeletable() const;
  149. private:
  150. ACCESS_MASK m_accMask;
  151. CString m_strUserName;
  152. LPTSTR m_lpstrSystemName;
  153. PSID m_pSid;
  154. BOOL m_fDirty;
  155. BOOL m_fSIDResolved;
  156. BOOL m_fDeletable;
  157. BOOL m_fInvisible;
  158. BOOL m_fDeleted;
  159. int m_nPictureID;
  160. int m_fUpdates;
  161. };
  162. //
  163. // Helper functions
  164. //
  165. // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
  166. //
  167. // Convert an oblist of CAccessEntry objects to a blob
  168. //
  169. BOOL COMDLL BuildAclBlob(
  170. IN CObListPlus & oblSID,
  171. OUT CBlob & blob
  172. );
  173. //
  174. // Reverse the above. Build an oblist of CAccessEntry lists from
  175. // a blob.
  176. //
  177. DWORD COMDLL BuildAclOblistFromBlob(
  178. IN CBlob & blob,
  179. OUT CObListPlus & oblSID
  180. );
  181. //
  182. // Build a blob representing an ACL with the local domain group
  183. //
  184. DWORD COMDLL BuildAdminAclBlob(
  185. OUT CBlob & blob
  186. );
  187. //
  188. // Inline Expansion
  189. //
  190. // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
  191. inline int CAccessEntry::QueryPictureID() const
  192. {
  193. ASSERT(m_fSIDResolved);
  194. return m_nPictureID;
  195. }
  196. inline LPCTSTR CAccessEntry::QueryUserName() const
  197. {
  198. return m_strUserName;
  199. }
  200. inline PSID CAccessEntry::GetSid()
  201. {
  202. return m_pSid;
  203. }
  204. inline ACCESS_MASK CAccessEntry::QueryAccessMask() const
  205. {
  206. return m_accMask;
  207. }
  208. inline BOOL CAccessEntry::IsDirty() const
  209. {
  210. return m_fDirty;
  211. }
  212. inline BOOL CAccessEntry::IsDeleted() const
  213. {
  214. return m_fDeleted;
  215. }
  216. inline BOOL CAccessEntry::IsVisible() const
  217. {
  218. return !m_fInvisible;
  219. }
  220. inline void CAccessEntry::FlagForDeletion(
  221. IN BOOL fDelete
  222. )
  223. {
  224. m_fDirty = TRUE;
  225. m_fDeleted = fDelete;
  226. }
  227. inline BOOL CAccessEntry::IsSIDResolved() const
  228. {
  229. return m_fSIDResolved;
  230. }
  231. /*
  232. inline BOOL CAccessEntry::IsNew() const
  233. {
  234. return (m_fUpdates & UPD_ADDED) != 0;
  235. }
  236. inline BOOL CAccessEntry::IsDifferent() const
  237. {
  238. return (m_fUpdates & UPD_CHANGED) != 0;
  239. }
  240. inline void CAccessEntry::SetAccessMask(
  241. IN LPACCESS_ENTRY lpAccessEntry
  242. )
  243. {
  244. m_accMask = lpAccessEntry->AccessRights;
  245. }
  246. */
  247. inline BOOL CAccessEntry::HasAppropriateAccess(
  248. IN ACCESS_MASK accTargetMask
  249. ) const
  250. {
  251. return (m_accMask & accTargetMask) == accTargetMask;
  252. }
  253. inline BOOL CAccessEntry::HasSomeAccess() const
  254. {
  255. return m_accMask;
  256. }
  257. inline BOOL CAccessEntry::IsDeletable() const
  258. {
  259. return m_fDeletable;
  260. }
  261. inline BOOL CAccessEntry::operator ==(
  262. IN const CAccessEntry & acc
  263. ) const
  264. {
  265. return ::EqualSid(acc.m_pSid, m_pSid);
  266. }
  267. inline BOOL CAccessEntry::operator ==(
  268. IN const PSID pSid
  269. ) const
  270. {
  271. return ::EqualSid(pSid, m_pSid);
  272. }
  273. inline void CAccessEntry::MarkEntryAsNew()
  274. {
  275. m_fDirty = TRUE;
  276. //m_fUpdates |= UPD_ADDED;
  277. }
  278. inline void CAccessEntry::MarkEntryAsClean()
  279. {
  280. m_fDirty = FALSE;
  281. //m_fUpdates = UPD_NONE;
  282. }
  283. inline void CAccessEntry::MarkEntryAsChanged()
  284. {
  285. m_fDirty = TRUE;
  286. //m_fUpdates = UPD_CHANGED;
  287. }
  288. #endif // _ACCENTRY_H