You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
102 lines
2.4 KiB
102 lines
2.4 KiB
//+---------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1997.
|
|
//
|
|
// File: N C P E R M S . H
|
|
//
|
|
// Contents: Common routines for dealing with permissions.
|
|
//
|
|
// Notes: Pollute this under penalty of death.
|
|
//
|
|
// Author: shaunco 10 Oct 1997
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
#pragma once
|
|
#ifndef _NCPERMS_H_
|
|
#define _NCPERMS_H_
|
|
|
|
#include "ncdefine.h" // for NOTHROW
|
|
#include "gpbase.h"
|
|
|
|
#ifdef DBG
|
|
extern DWORD g_dwDbgPermissionsFail; // Debug flag to force permissions to fail
|
|
#endif
|
|
|
|
// Apply Masks
|
|
typedef enum tagNCPERM_APPLY_TO
|
|
{
|
|
APPLY_TO_ADMIN = 0x00000001,
|
|
APPLY_TO_NETCONFIGOPS = 0x00000002,
|
|
APPLY_TO_POWERUSERS = 0x00000004,
|
|
APPLY_TO_USER = 0x00000008,
|
|
APPLY_TO_GUEST = 0x00000010,
|
|
APPLY_TO_LOCATION = 0x00010000,
|
|
APPLY_TO_ALL_USERS = APPLY_TO_ADMIN | APPLY_TO_NETCONFIGOPS | APPLY_TO_POWERUSERS | APPLY_TO_USER,
|
|
APPLY_TO_OPS_OR_ADMIN = APPLY_TO_ADMIN | APPLY_TO_NETCONFIGOPS,
|
|
APPLY_TO_NON_ADMINS = APPLY_TO_NETCONFIGOPS | APPLY_TO_USER | APPLY_TO_POWERUSERS,
|
|
APPLY_TO_POWERUSERSPLUS = APPLY_TO_POWERUSERS | APPLY_TO_NETCONFIGOPS | APPLY_TO_ADMIN,
|
|
APPLY_TO_EVERYBODY = APPLY_TO_ALL_USERS | APPLY_TO_GUEST,
|
|
APPLY_TO_ALL = APPLY_TO_ADMIN | APPLY_TO_NETCONFIGOPS | APPLY_TO_POWERUSERS | APPLY_TO_USER | APPLY_TO_LOCATION
|
|
} NCPERM_APPLY_TO;
|
|
|
|
BOOL
|
|
FIsUserAdmin ();
|
|
|
|
BOOL
|
|
FIsUserNetworkConfigOps ();
|
|
|
|
BOOL
|
|
FIsUserPowerUser();
|
|
|
|
BOOL
|
|
FIsUserGuest();
|
|
|
|
HRESULT
|
|
HrAllocateSecurityDescriptorAllowAccessToWorld (
|
|
OUT PSECURITY_DESCRIPTOR* ppSd);
|
|
|
|
HRESULT
|
|
HrEnablePrivilege (
|
|
IN PCWSTR pszPrivilegeName);
|
|
|
|
HRESULT
|
|
HrEnableAllPrivileges (
|
|
OUT TOKEN_PRIVILEGES** pptpOld);
|
|
|
|
HRESULT
|
|
HrRestorePrivileges (
|
|
IN TOKEN_PRIVILEGES* ptpRestore);
|
|
|
|
// FHasPermission flags are defined in netconp.idl/.h
|
|
//
|
|
BOOL
|
|
FHasPermission(
|
|
IN ULONG ulPermMask,
|
|
IN /*const*/ CGroupPolicyBase* pGPBase = NULL);
|
|
|
|
BOOL
|
|
FHasPermissionFromCache(
|
|
IN ULONG ulPermMask);
|
|
|
|
VOID
|
|
RefreshAllPermission();
|
|
|
|
BOOL
|
|
FProhibitFromAdmins();
|
|
|
|
BOOL
|
|
IsHNetAllowed(
|
|
IN DWORD dwPerm
|
|
);
|
|
|
|
BOOL
|
|
FIsPolicyConfigured(
|
|
IN DWORD ulPerm);
|
|
|
|
BOOL
|
|
IsSameNetworkAsGroupPolicies();
|
|
|
|
#endif // _NCPERMS_H_
|
|
|