Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

517 lines
15 KiB

/*++ BUILD Version: 0001 // Increment this if a change has global effects ;both
;both
Copyright (c) 1993-1999, Microsoft Corporation ;both
;both
Module Name: ;both
;both
aclapi.h
aclapip.h ;internal
;both
Abstract: ;both
;both
Public
Private ;internal
Structure/constant definitions and typedefines for the Win32 Access ;both
Control APIs ;both
;both
--*/ ;both
#ifndef __ACCESS_CONTROL_API__
#define __ACCESS_CONTROL_API__
#ifndef __ACCESS_CONTROL_API_P__ ;internal
#define __ACCESS_CONTROL_API_P__ ;internal
;both
#include <windows.h>
#include <accctrl.h>
#ifdef __cplusplus ;both
extern "C" { ;both
#endif ;both
//
// Progress Function:
// Caller of tree operation implements this Progress function, then
// passes its function pointer to tree operation.
// Tree operation invokes Progress function to provide progress and error
// information to the caller during the potentially long execution
// of the tree operation. Tree operation provides the name of the object
// last processed and the error status of the operation on that object.
// Tree operation also passes the current InvokeSetting value.
// Caller may change the InvokeSetting value, for example, from "Always"
// to "Only On Error."
//
typedef VOID (*FN_PROGRESS) (
IN LPWSTR pObjectName, // name of object just processed
IN DWORD Status, // status of operation on object
IN OUT PPROG_INVOKE_SETTING pInvokeSetting, // Never, always,
IN PVOID Args, // Caller specific data
IN BOOL SecuritySet // Whether security was set
);
WINADVAPI
DWORD
WINAPI
SetEntriesInAcl%(
IN ULONG cCountOfExplicitEntries,
IN PEXPLICIT_ACCESS_% pListOfExplicitEntries,
IN PACL OldAcl,
OUT PACL * NewAcl
);
WINADVAPI
DWORD
WINAPI
GetExplicitEntriesFromAcl%(
IN PACL pacl,
OUT PULONG pcCountOfExplicitEntries,
OUT PEXPLICIT_ACCESS_% * pListOfExplicitEntries
);
WINADVAPI
DWORD
WINAPI
GetEffectiveRightsFromAcl%(
IN PACL pacl,
IN PTRUSTEE_% pTrustee,
OUT PACCESS_MASK pAccessRights
);
WINADVAPI
DWORD
WINAPI
GetAuditedPermissionsFromAcl%(
IN PACL pacl,
IN PTRUSTEE_% pTrustee,
OUT PACCESS_MASK pSuccessfulAuditedRights,
OUT PACCESS_MASK pFailedAuditRights
);
WINADVAPI
DWORD
WINAPI
GetNamedSecurityInfo%(
IN LPTSTR% pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
OUT PSID * ppsidOwner,
OUT PSID * ppsidGroup,
OUT PACL * ppDacl,
OUT PACL * ppSacl,
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor
);
WINADVAPI
DWORD
WINAPI
GetSecurityInfo(
IN HANDLE handle,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
OUT PSID * ppsidOwner,
OUT PSID * ppsidGroup,
OUT PACL * ppDacl,
OUT PACL * ppSacl,
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor
);
WINADVAPI
DWORD
WINAPI
SetNamedSecurityInfo%(
IN LPTSTR% pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID psidOwner,
IN PSID psidGroup,
IN PACL pDacl,
IN PACL pSacl
);
WINADVAPI
DWORD
WINAPI
SetSecurityInfo(
IN HANDLE handle,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID psidOwner,
IN PSID psidGroup,
IN PACL pDacl,
IN PACL pSacl
);
WINADVAPI
DWORD
WINAPI
GetInheritanceSource%(
IN LPTSTR% pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN BOOL Container,
IN GUID ** pObjectClassGuids OPTIONAL,
IN DWORD GuidCount,
IN PACL pAcl,
IN PFN_OBJECT_MGR_FUNCTS pfnArray OPTIONAL,
IN PGENERIC_MAPPING pGenericMapping,
OUT PINHERITED_FROM% pInheritArray
);
WINADVAPI
DWORD
WINAPI
FreeInheritedFromArray(
IN PINHERITED_FROMW pInheritArray,
IN USHORT AceCnt,
IN PFN_OBJECT_MGR_FUNCTS pfnArray OPTIONAL
);
WINADVAPI
DWORD
WINAPI
TreeResetNamedSecurityInfo%(
IN LPTSTR% pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID pOwner,
IN PSID pGroup,
IN PACL pDacl,
IN PACL pSacl,
IN BOOL KeepExplicit,
IN FN_PROGRESS fnProgress,
IN PROG_INVOKE_SETTING ProgressInvokeSetting,
IN PVOID Args
);
//----------------------------------------------------------------------------
// The following API are provided for trusted servers to use to
// implement access control on their own objects.
//----------------------------------------------------------------------------
WINADVAPI
DWORD
WINAPI
BuildSecurityDescriptor%(
IN PTRUSTEE_% pOwner,
IN PTRUSTEE_% pGroup,
IN ULONG cCountOfAccessEntries,
IN PEXPLICIT_ACCESS_% pListOfAccessEntries,
IN ULONG cCountOfAuditEntries,
IN PEXPLICIT_ACCESS_% pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pOldSD,
OUT PULONG pSizeNewSD,
OUT PSECURITY_DESCRIPTOR * pNewSD
);
WINADVAPI
DWORD
WINAPI
LookupSecurityDescriptorParts%(
OUT PTRUSTEE_% * pOwner,
OUT PTRUSTEE_% * pGroup,
OUT PULONG cCountOfAccessEntries,
OUT PEXPLICIT_ACCESS_% * pListOfAccessEntries,
OUT PULONG cCountOfAuditEntries,
OUT PEXPLICIT_ACCESS_% * pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pSD
);
//----------------------------------------------------------------------------
// The following helper API are provided for building
// access control structures.
//----------------------------------------------------------------------------
WINADVAPI
VOID
WINAPI
BuildExplicitAccessWithName%(
IN OUT PEXPLICIT_ACCESS_% pExplicitAccess,
IN LPTSTR% pTrusteeName,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance
);
WINADVAPI
VOID
WINAPI
BuildImpersonateExplicitAccessWithName%(
IN OUT PEXPLICIT_ACCESS_% pExplicitAccess,
IN LPTSTR% pTrusteeName,
IN PTRUSTEE_% pTrustee,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance
);
WINADVAPI
VOID
WINAPI
BuildTrusteeWithName%(
IN OUT PTRUSTEE_% pTrustee,
IN LPTSTR% pName
);
WINADVAPI
VOID
WINAPI
BuildImpersonateTrustee%(
IN OUT PTRUSTEE_% pTrustee,
IN PTRUSTEE_% pImpersonateTrustee
);
WINADVAPI
VOID
WINAPI
BuildTrusteeWithSid%(
IN OUT PTRUSTEE_% pTrustee,
IN PSID pSid
);
WINADVAPI
VOID
WINAPI
BuildTrusteeWithObjectsAndSid%(
IN OUT PTRUSTEE_% pTrustee,
IN POBJECTS_AND_SID pObjSid,
IN GUID * pObjectGuid,
IN GUID * pInheritedObjectGuid,
IN PSID pSid
);
WINADVAPI
VOID
WINAPI
BuildTrusteeWithObjectsAndName%(
IN OUT PTRUSTEE_% pTrustee,
IN POBJECTS_AND_NAME_% pObjName,
IN SE_OBJECT_TYPE ObjectType,
IN LPTSTR% ObjectTypeName,
IN LPTSTR% InheritedObjectTypeName,
IN LPTSTR% Name
);
WINADVAPI
LPTSTR%
WINAPI
GetTrusteeName%(
IN PTRUSTEE_% pTrustee
);
WINADVAPI
TRUSTEE_TYPE
WINAPI
GetTrusteeType%(
IN PTRUSTEE_% pTrustee
);
WINADVAPI
TRUSTEE_FORM
WINAPI
GetTrusteeForm%(
IN PTRUSTEE_% pTrustee
);
WINADVAPI
MULTIPLE_TRUSTEE_OPERATION
WINAPI
GetMultipleTrusteeOperation%(
IN PTRUSTEE_% pTrustee
);
WINADVAPI
PTRUSTEE_%
WINAPI
GetMultipleTrustee%(
IN PTRUSTEE_% pTrustee
);
;begin_internal
#if(_WIN32_WINNT >= 0x0500)
WINADVAPI
DWORD
WINAPI
GetNamedSecurityInfoEx%(
IN LPCTSTR% lpObject,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN LPCTSTR% lpProvider,
IN LPCTSTR% lpProperty,
OUT PACTRL_ACCESS% *ppAccessList,
OUT PACTRL_AUDIT% *ppAuditList,
OUT LPTSTR% *lppOwner,
OUT LPTSTR% *lppGroup
);
WINADVAPI
DWORD
WINAPI
SetNamedSecurityInfoEx%(
IN LPCTSTR% lpObject,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN LPCTSTR% lpProvider,
IN PACTRL_ACCESS% pAccessList,
IN PACTRL_AUDIT% pAuditList,
IN LPTSTR% lpOwner,
IN LPTSTR% lpGroup,
IN PACTRL_OVERLAPPED pOverlapped
);
WINADVAPI
DWORD
WINAPI
GetSecurityInfoEx%(
IN HANDLE hObject,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN LPCTSTR% lpProvider,
IN LPCTSTR% lpProperty,
OUT PACTRL_ACCESS% *ppAccessList,
OUT PACTRL_AUDIT% *ppAuditList,
OUT LPTSTR% *lppOwner,
OUT LPTSTR% *lppGroup
);
WINADVAPI
DWORD
WINAPI
SetSecurityInfoEx%(
IN HANDLE hObject,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN LPCTSTR% lpProvider,
IN PACTRL_ACCESS% pAccessList,
IN PACTRL_AUDIT% pAuditList,
IN LPTSTR% lpOwner,
IN LPTSTR% lpGroup,
OUT PACTRL_OVERLAPPED pOverlapped
);
WINADVAPI
DWORD
WINAPI
ConvertAccessToSecurityDescriptor%(
IN PACTRL_ACCESS% pAccessList,
IN PACTRL_AUDIT% pAuditList,
IN LPCTSTR% lpOwner,
IN LPCTSTR% lpGroup,
OUT PSECURITY_DESCRIPTOR *ppSecDescriptor
);
WINADVAPI
DWORD
WINAPI
ConvertSecurityDescriptorToAccess%(
IN HANDLE hObject,
IN SE_OBJECT_TYPE ObjectType,
IN PSECURITY_DESCRIPTOR pSecDescriptor,
OUT PACTRL_ACCESS% *ppAccessList,
OUT PACTRL_AUDIT% *ppAuditList,
OUT LPTSTR% *lppOwner,
OUT LPTSTR% *lppGroup
);
WINADVAPI
DWORD
WINAPI
ConvertSecurityDescriptorToAccessNamed%(
IN LPCTSTR% lpObject,
IN SE_OBJECT_TYPE ObjectType,
IN PSECURITY_DESCRIPTOR pSecDescriptor,
OUT PACTRL_ACCESS% *ppAccessList,
OUT PACTRL_AUDIT% *ppAuditList,
OUT LPTSTR% *lppOwner,
OUT LPTSTR% *lppGroup
);
WINADVAPI
DWORD
WINAPI
SetEntriesInAccessList%(
IN ULONG cEntries,
IN PACTRL_ACCESS_ENTRY% pAccessEntryList,
IN ACCESS_MODE AccessMode,
IN LPCTSTR% lpProperty,
IN PACTRL_ACCESS% pOldList,
OUT PACTRL_ACCESS% *ppNewList
);
WINADVAPI
DWORD
WINAPI
SetEntriesInAuditList%(
IN ULONG cEntries,
IN PACTRL_ACCESS_ENTRY% pAccessEntryList,
IN ACCESS_MODE AccessMode,
IN LPCTSTR% lpProperty,
IN PACTRL_AUDIT% pOldList,
OUT PACTRL_AUDIT% *ppNewList
);
WINADVAPI
DWORD
WINAPI
TrusteeAccessToObject%(
IN LPCTSTR% lpObject,
IN SE_OBJECT_TYPE ObjectType,
IN LPCTSTR% lpProvider,
IN PTRUSTEE_% pTrustee,
IN ULONG cEntries,
IN OUT PTRUSTEE_ACCESS% pTrusteeAccess
);
WINADVAPI
DWORD
WINAPI
GetOverlappedAccessResults(
IN PACTRL_OVERLAPPED pOverlapped,
IN BOOL fWaitForCompletion,
OUT PDWORD pResult,
OUT PULONG pcItemsProcessed OPTIONAL
);
WINADVAPI
DWORD
WINAPI
CancelOverlappedAccess(
IN PACTRL_OVERLAPPED pOverlapped
);
WINADVAPI
DWORD
WINAPI
GetAccessPermissionsForObject%(
IN LPCTSTR% lpObject,
IN SE_OBJECT_TYPE ObjectType,
IN LPCTSTR% lpObjType,
IN LPCTSTR% lpProvider,
OUT PULONG pcEntries,
OUT PACTRL_ACCESS_INFO% *ppAccessInfoList,
OUT PULONG pcRights,
OUT PACTRL_CONTROL_INFO% *ppRightsList,
OUT PULONG pfAccessFlags
);
#endif /* _WIN32_WINNT >= 0x0500 */
;end_internal
//
// Temporary requirement for the technology preview, no longer required
//
#define AccProvInit(err)
#ifdef __cplusplus ;both
} ;both
#endif ;both
#endif // endif __ACCESS_CONTROL_API_P__ ;internal
#endif // __ACCESS_CONTROL_API__