Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

363 lines
7.6 KiB

/*++
Copyright (c) 1994-1999 Microsoft Corporation
Module Name :
accentry.h
Abstract:
CAccessEntry class definitions
Author:
Ronald Meijer (ronaldm)
Project:
Internet Services Manager
Revision History:
1/9/2000 sergeia Cleaned out from usrbrows.h to left only CAccessEntry
--*/
#ifndef _ACCENTRY_H
#define _ACCENTRY_H
#ifndef _SHLOBJ_H_
#include <shlobj.h>
#endif // _SHLOBJ_H_
class COMDLL CAccessEntry : public CObjectPlus
/*++
Class Description:
An access description entry, containing a SID and ACCESS mask
of rights specifically granted.
Public Interface:
LookupAccountSid : Resolve account name to SID
CAccessEntry : Constructors
~CAccessEntry : Destructor
ResolveSID : Resolve account name to SID
operator == : Comparison operator
AddPermissions : Add to access mask
RemovePermissions : Remove from access mask
MarkEntryAsNew : Flag object as new
MarkEntryAsClean : Remove dirty flag
QueryUserName : Get the account name
QueryPictureID : Get 0-based bitmap offset for account
GetSid : Get the SID
QueryAccessMask : Get the raw Access granted bits
IsDirty : Determine if item has changed
IsDeleted : Determine if item is flagged for deletion
IsVisible : Determine if item should be shown in listbox
FlagForDeletion : Flag object for deletion or reset that flag
IsSIDResolved : Return TRUE if the SID has already been resolved
HasAppropriateAccess : Compare access bits to see if the objects has
specific permissions
HasSomeAccess : Check to see if object has at least one
permission bit set.
IsDeletable : Determine if object can be deleted
--*/
{
public:
//
// Helper function to look up account sid
//
static BOOL LookupAccountSid(
IN CString & str,
OUT int & nPictureID,
OUT PSID pSid,
IN LPCTSTR lpstrSystemName = NULL
);
//
// Construction/Destruction
//
public:
CAccessEntry(
IN LPVOID pAce,
IN BOOL fResolveSID = FALSE
);
CAccessEntry(
IN ACCESS_MASK accPermissions,
IN PSID pSid,
IN LPCTSTR lpstrSystemName = NULL,
IN BOOL fResolveSID = FALSE
);
CAccessEntry(
IN PSID pSid,
IN LPCTSTR pszUserName,
IN LPCTSTR pszClassName
);
CAccessEntry(
IN CAccessEntry& ae
);
~CAccessEntry();
//
// Operations
//
public:
//void SetAccessMask(LPACCESS_ENTRY lpAccessEntry);
BOOL ResolveSID();
BOOL operator ==(const CAccessEntry & acc) const;
BOOL operator ==(const PSID pSid) const;
void AddPermissions(ACCESS_MASK accnewPermissions);
void RemovePermissions(ACCESS_MASK accPermissions);
void MarkEntryAsNew();
void MarkEntryAsClean();
void MarkEntryAsChanged();
//
// Access Functions
//
public:
LPCTSTR QueryUserName() const;
//
// The "picture" id is the 0-based index of the
// bitmap that goes with this entry, and which
// is used for display in the listbox.
//
int QueryPictureID() const;
PSID GetSid();
ACCESS_MASK QueryAccessMask() const;
//
// Check to see if this entry has undergone
// any changes since we called it up
//
BOOL IsDirty() const;
BOOL IsDeleted() const;
BOOL IsVisible() const;
void FlagForDeletion(
IN BOOL fDelete = TRUE
);
//
// Check to see if we've already looked up the
// name of this SID
//
BOOL IsSIDResolved() const;
//
// Check to see if the add flag has been set for this
// entry.
//
/*
BOOL IsNew() const;
//
// Check to see if the update flag has been set for this
// entry.
//
BOOL IsDifferent() const;
*/
//
// See if the entry has the access mask required.
//
BOOL HasAppropriateAccess(ACCESS_MASK accTargetMask) const;
//
// Check to see if the entry has at least some
// privileges (if it doesn't, it should be deleted)
//
BOOL HasSomeAccess() const;
//
// See if this is a deletable entry
//
BOOL IsDeletable() const;
private:
ACCESS_MASK m_accMask;
CString m_strUserName;
LPTSTR m_lpstrSystemName;
PSID m_pSid;
BOOL m_fDirty;
BOOL m_fSIDResolved;
BOOL m_fDeletable;
BOOL m_fInvisible;
BOOL m_fDeleted;
int m_nPictureID;
int m_fUpdates;
};
//
// Helper functions
//
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
//
// Convert an oblist of CAccessEntry objects to a blob
//
BOOL COMDLL BuildAclBlob(
IN CObListPlus & oblSID,
OUT CBlob & blob
);
//
// Reverse the above. Build an oblist of CAccessEntry lists from
// a blob.
//
DWORD COMDLL BuildAclOblistFromBlob(
IN CBlob & blob,
OUT CObListPlus & oblSID
);
//
// Build a blob representing an ACL with the local domain group
//
DWORD COMDLL BuildAdminAclBlob(
OUT CBlob & blob
);
//
// Inline Expansion
//
// <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
inline int CAccessEntry::QueryPictureID() const
{
ASSERT(m_fSIDResolved);
return m_nPictureID;
}
inline LPCTSTR CAccessEntry::QueryUserName() const
{
return m_strUserName;
}
inline PSID CAccessEntry::GetSid()
{
return m_pSid;
}
inline ACCESS_MASK CAccessEntry::QueryAccessMask() const
{
return m_accMask;
}
inline BOOL CAccessEntry::IsDirty() const
{
return m_fDirty;
}
inline BOOL CAccessEntry::IsDeleted() const
{
return m_fDeleted;
}
inline BOOL CAccessEntry::IsVisible() const
{
return !m_fInvisible;
}
inline void CAccessEntry::FlagForDeletion(
IN BOOL fDelete
)
{
m_fDirty = TRUE;
m_fDeleted = fDelete;
}
inline BOOL CAccessEntry::IsSIDResolved() const
{
return m_fSIDResolved;
}
/*
inline BOOL CAccessEntry::IsNew() const
{
return (m_fUpdates & UPD_ADDED) != 0;
}
inline BOOL CAccessEntry::IsDifferent() const
{
return (m_fUpdates & UPD_CHANGED) != 0;
}
inline void CAccessEntry::SetAccessMask(
IN LPACCESS_ENTRY lpAccessEntry
)
{
m_accMask = lpAccessEntry->AccessRights;
}
*/
inline BOOL CAccessEntry::HasAppropriateAccess(
IN ACCESS_MASK accTargetMask
) const
{
return (m_accMask & accTargetMask) == accTargetMask;
}
inline BOOL CAccessEntry::HasSomeAccess() const
{
return m_accMask;
}
inline BOOL CAccessEntry::IsDeletable() const
{
return m_fDeletable;
}
inline BOOL CAccessEntry::operator ==(
IN const CAccessEntry & acc
) const
{
return ::EqualSid(acc.m_pSid, m_pSid);
}
inline BOOL CAccessEntry::operator ==(
IN const PSID pSid
) const
{
return ::EqualSid(pSid, m_pSid);
}
inline void CAccessEntry::MarkEntryAsNew()
{
m_fDirty = TRUE;
//m_fUpdates |= UPD_ADDED;
}
inline void CAccessEntry::MarkEntryAsClean()
{
m_fDirty = FALSE;
//m_fUpdates = UPD_NONE;
}
inline void CAccessEntry::MarkEntryAsChanged()
{
m_fDirty = TRUE;
//m_fUpdates = UPD_CHANGED;
}
#endif // _ACCENTRY_H