
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1996 - 1999
//
// File: perm.cpp
//
// This file contains the implementation for the simple permission
// editor page.
//
//--------------------------------------------------------------------------
#include "permset.h"
#include "sddl.h" // ConvertSidToStringSid
// Private notification code used by this page.
// NOTE(review): where it is sent and handled is outside this view.
#define IDN_CHECKSELECTION 1

// Implemented elsewhere; only the prototype is needed here.
void SelectListViewItem(HWND hwndList, int iItem);

//
// Context Help IDs.
//
// Flat table of (dialog control ID, help topic ID) pairs, closed by a
// 0, 0 terminator pair. Controls with no help topic map to IDH_NOHELP.
//
static const DWORD aPermPageHelpIDs[] =
{
    IDC_SPP_GROUP_USER_NAME,    IDH_SPP_PRINCIPALS,
    IDC_SPP_PRINCIPALS,         IDH_SPP_PRINCIPALS,
    IDC_SPP_ADD,                IDH_SPP_ADD,
    IDC_SPP_REMOVE,             IDH_SPP_REMOVE,
    IDC_SPP_ACCESS,             IDH_SPP_PERMS,
    IDC_SPP_ACCESS_BIG,         IDH_SPP_PERMS,
    IDC_SPP_ALLOW,              IDH_SPP_PERMS,
    IDC_SPP_DENY,               IDH_SPP_PERMS,
    IDC_SPP_PERMS,              IDH_SPP_PERMS,
    IDC_SPP_STATIC_ADV,         IDH_SPP_ADVANCED,
    IDC_SPP_ADVANCED,           IDH_SPP_ADVANCED,
    IDC_SPP_MORE_MSG,           IDH_NOHELP,
    0,                          0,
};
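class CPrincipal;
typedef class CPrincipal *LPPRINCIPAL;
class CSecurityInfo;

//
// CPermPage - property page class for the simple permission editor.
//
// Derives from CSecurityPage and is constructed for SI_PAGE_PERM. Only the
// declaration is visible here; the non-inline members are implemented
// elsewhere. CPrincipal and CSecurityInfo are declared friends, so both
// can reach the private state and helpers below.
//
class CPermPage : public CSecurityPage
{
private:
    SECURITY_DESCRIPTOR_CONTROL m_wSDControl;
    WORD            m_wDaclRevision;        // starts out as ACL_REVISION
    PSI_ACCESS      m_pDefaultAccess;
    BOOL            m_fPageDirty;
    BOOL            m_fBusy;
    BOOL            m_bWasDenyAcl;
    BOOL            m_bCustomPermission;
    HCURSOR         m_hcurBusy;             // IDC_APPSTARTING cursor, loaded in the ctor
    HWND            m_hEffectivePerm;       // set through SetEffectivePerm()
    DWORD           m_cInheritableAces;
    SI_ACCESS       m_CustomAccess;

    // TRUE when the user can neither read nor write the DACL but does have
    // the right to change the owner. After changing the owner the user will
    // be able to read/write the ACL, but ACLUI has no refresh function, so
    // the property sheet has to be closed and reopened. When this flag is
    // set and the user changes the owner, an error message asks them to
    // close and reopen the property sheet.
    // NOTE(review): the original comment named m_CustomAccess at this point;
    // that member is an SI_ACCESS structure, not a flag, so it presumably
    // meant m_bNoReadWriteCanWriteOwner - confirm.
    // NTRAID#NTBUG9-621338-2002/05/23-hiteshr
    BOOL            m_bNoReadWriteCanWriteOwner;

public:
    // Every data member is given a defined starting value, in declaration
    // order, so that no handler can read an indeterminate flag, pointer or
    // ACL control word before the dialog initialization code has run.
    // NOTE(review): this is redundant if the allocator used for page
    // objects zero-fills memory; that is not visible from here.
    CPermPage(LPSECURITYINFO psi)
        : CSecurityPage(psi, SI_PAGE_PERM),
          m_wSDControl(0),
          m_wDaclRevision(ACL_REVISION),
          m_pDefaultAccess(NULL),
          m_fPageDirty(FALSE),
          m_fBusy(FALSE),
          m_bWasDenyAcl(FALSE),
          m_bCustomPermission(FALSE),
          m_hcurBusy(NULL),
          m_hEffectivePerm(NULL),
          m_cInheritableAces(0),
          m_CustomAccess(),                 // value-initialized
          m_bNoReadWriteCanWriteOwner(FALSE)
    { m_hcurBusy = LoadCursor(NULL, IDC_APPSTARTING); }

private:
    // Dialog procedure override and page set-up.
    virtual BOOL DlgProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam);

    BOOL    InitDlg(HWND hDlg);
    void    InitPrincipalList(HWND hDlg, PACL pDacl);
    HRESULT InitCheckList(HWND hDlg);
    void    EnumerateAcl(HWND hwndList, PACL pAcl);
    HRESULT SetPrincipalNamesInList(HWND hwndList, PSID pSid = NULL);
    int     AddPrincipalToList(HWND hwndList, LPPRINCIPAL pPrincipal);

    // Notification and command handlers.
    BOOL    OnNotify(HWND hDlg, int idCtrl, LPNMHDR pnmh);
    void    OnSelChange(HWND hDlg, BOOL bClearFirst = TRUE, BOOL bClearCustomAllow = FALSE, BOOL bClearCustomDeny = FALSE);
    void    OnApply(HWND hDlg, BOOL bClose);

    // DACL construction and application.
    HRESULT BuildDacl(HWND hDlg,
                      PSECURITY_DESCRIPTOR *ppSD,
                      BOOL fIncludeInherited);
    HRESULT SetDacl(HWND hDlg,
                    PSECURITY_DESCRIPTOR psd,
                    BOOL bDirty = FALSE);

    void    OnAddPrincipal(HWND hDlg);
    void    OnRemovePrincipal(HWND hDlg);
    void    OnAdvanced(HWND hDlg);
    void    EnablePrincipalControls(HWND hDlg, BOOL fEnable);
    void    CommitCurrent(HWND hDlg, int iPrincipal = -1);
    void    OnSize(HWND hDlg, DWORD dwSizeType, ULONG nWidth, ULONG nHeight);
    void    ClearPermissions(HWND hwndList, BOOL bDisabled = TRUE);
    void    SetDirty(HWND hDlg, BOOL bDefault = FALSE);

    // Records the window handle later read back as m_hEffectivePerm.
    void    SetEffectivePerm(HWND hwnd){m_hEffectivePerm = hwnd;}
    VOID    SetPermLabelText(HWND hDlg);

    friend class CPrincipal;
    friend class CSecurityInfo;
};
typedef class CPermPage *PPERMPAGE;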
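//
// CPrincipal - one security principal (identified by a SID) shown on the
// permission page, together with the permission sets collected for it.
//
// Holds a back pointer to the owning CPermPage. The destructor and the
// non-inline members are implemented outside this view.
//
class CPrincipal
{
private:
    PPERMPAGE       m_pPage;            // owning page; not released by anything visible here
    LPTSTR          m_pszName;
    LPTSTR          m_pszDisplayName;   // This is only the name. Doesn't include Logon Name
    PSID            m_pSID;
    SID_IMAGE_INDEX m_nImageIndex;
    BOOL            m_bHaveRealName;

public:
    CPermissionSet  m_permDeny;
    CPermissionSet  m_permAllow;
    CPermissionSet  m_permInheritedDeny;
    CPermissionSet  m_permInheritedAllow;
    HDSA            m_hAdditionalAllow;
    HDSA            m_hAdditionalDeny;

public:
    // All raw pointers and handles start out NULL and the flag starts out
    // FALSE. Previously only m_pPage, m_nImageIndex and m_pszDisplayName
    // were set, so GetSID(), GetName(), HaveRealName() and SetSidType()
    // could read indeterminate values on an object for which
    // SetPrincipal()/SetName() had not yet succeeded, and a destructor that
    // releases these members would be handed garbage.
    // NOTE(review): redundant if the allocator zero-fills; ~CPrincipal()
    // is not visible here - confirm it tolerates NULL members.
    // Initializers are listed in member declaration order.
    CPrincipal(CPermPage *pPage)
        : m_pPage(pPage),
          m_pszName(NULL),
          m_pszDisplayName(NULL),
          m_pSID(NULL),
          m_nImageIndex(SID_IMAGE_UNKNOWN),
          m_bHaveRealName(FALSE),
          m_hAdditionalAllow(NULL),
          m_hAdditionalDeny(NULL) {}
    ~CPrincipal();

    BOOL SetPrincipal(PSID pSID,
                      SID_NAME_USE sidType = SidTypeUnknown,
                      LPCTSTR pszName = NULL,
                      LPCTSTR pszLogonName = NULL);
    BOOL SetName(LPCTSTR pszName, LPCTSTR pszLogonName = NULL);

    // Recomputes the image index from the current SID and the given type.
    void SetSidType(SID_NAME_USE sidType) { m_nImageIndex = GetSidImageIndex(m_pSID, sidType); }

    // Accessors return the stored pointers directly; callers do not get a copy.
    PSID    GetSID() const { return m_pSID; }
    LPCTSTR GetName() const { return m_pszName; }
    // Falls back to m_pszName when no separate display name was stored.
    LPCTSTR GetDisplayName() const{ return m_pszDisplayName ? m_pszDisplayName : m_pszName; }
    int     GetImageIndex() const { return m_nImageIndex; }
    BOOL    HaveRealName() { return m_bHaveRealName; }

    // ACE/ACL handling; dwFlags takes the ACL_* flag bits defined after
    // this class.
    BOOL  AddAce(PACE_HEADER pAce);
    ULONG GetAclLength(DWORD dwFlags);
    BOOL  AppendToAcl(PACL pAcl, DWORD dwFlags, PACE_HEADER *ppAcePos);
    BOOL  HaveInheritedAces(void);
    void  ConvertInheritedAces(BOOL bDelete);
    void  AddPermission(BOOL bAllow, PPERMISSION pperm);
    void  RemovePermission(BOOL bAllow, PPERMISSION pperm);

private:
    CPermissionSet* GetPermSet(DWORD dwType, BOOL bInherited);
    BOOL AddNormalAce(DWORD dwType, DWORD dwFlags, ACCESS_MASK mask, const GUID *pObjectType);
    BOOL AddAdvancedAce(DWORD dwType, PACE_HEADER pAce);
};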
//
// Flag bits accepted by CPrincipal::GetAclLength and CPrincipal::AppendToAcl.
//
// The five literal values are single, distinct bits in 0x001F0000.
// ACL_NONOBJECT and ACL_OBJECT are aliases for the PS_* values defined
// elsewhere.
// NOTE(review): the PS_* values are assumed not to collide with the
// literal bits - confirm against their definition.
//
#define ACL_NONINHERITED    0x00010000L
#define ACL_INHERITED       0x00020000L
#define ACL_DENY            0x00040000L
#define ACL_ALLOW           0x00080000L
#define ACL_CHECK_CREATOR   0x00100000L
#define ACL_NONOBJECT       PS_NONOBJECT
#define ACL_OBJECT          PS_OBJECT
//
// Wrapper for ISecurityInformation. Used when invoking
// the advanced ACL editor.
//
// Keeps a pointer to the permission page and the dialog window handle it
// was created with; the reference count starts at 1. Method bodies are
// implemented outside this view.
//
// Only ISecurityInformation carries an explicit `public`; the remaining
// bases take the class default, which is private inheritance.
// NOTE(review): m_pPage is stored as a plain pointer; this declaration
// does not show what keeps the page alive while a reference to this
// object is outstanding - confirm against the callers.
//
class CSecurityInfo : public ISecurityInformation,
                      ISecurityInformation2,
                      IEffectivePermission,
                      ISecurityObjectTypeInfo,
                      IDsObjectPicker
{
private:
    ULONG       m_cRef;
    PPERMPAGE   m_pPage;
    HWND        m_hDlg;

public:
    CSecurityInfo(PPERMPAGE pPage, HWND hDlg)
        : m_cRef(1), m_pPage(pPage), m_hDlg(hDlg) {}

    // IUnknown
    STDMETHODIMP QueryInterface(REFIID, LPVOID *);
    STDMETHODIMP_(ULONG) AddRef();
    STDMETHODIMP_(ULONG) Release();

    // ISecurityInformation
    STDMETHODIMP GetObjectInformation(PSI_OBJECT_INFO pObjectInfo);
    STDMETHODIMP GetSecurity(SECURITY_INFORMATION si,
                             PSECURITY_DESCRIPTOR *ppSD,
                             BOOL fDefault);
    STDMETHODIMP SetSecurity(SECURITY_INFORMATION si,
                             PSECURITY_DESCRIPTOR pSD);
    STDMETHODIMP GetAccessRights(const GUID* pguidObjectType,
                                 DWORD dwFlags,
                                 PSI_ACCESS *ppAccess,
                                 ULONG *pcAccesses,
                                 ULONG *piDefaultAccess);
    STDMETHODIMP MapGeneric(const GUID* pguidObjectType,
                            UCHAR *pAceFlags,
                            ACCESS_MASK *pmask);
    STDMETHODIMP GetInheritTypes(PSI_INHERIT_TYPE *ppInheritTypes,
                                 ULONG *pcInheritTypes);
    STDMETHODIMP PropertySheetPageCallback(HWND hwnd, UINT uMsg, SI_PAGE_TYPE uPage);

    // ISecurityInformation2
    STDMETHODIMP_(BOOL) IsDaclCanonical(PACL pDacl);
    STDMETHODIMP LookupSids(ULONG cSids, PSID *rgpSids, LPDATAOBJECT *ppdo);

    // IDsObjectPicker
    STDMETHODIMP Initialize(PDSOP_INIT_INFO pInitInfo);
    STDMETHODIMP InvokeDialog(HWND hwndParent, IDataObject **ppdoSelection);

    // ISecurityObjectTypeInfo
    STDMETHOD(GetInheritSource)(SECURITY_INFORMATION si,
                                PACL pACL,
                                PINHERITED_FROM *ppInheritArray);

    // IEffectivePermission
    STDMETHOD(GetEffectivePermission) ( THIS_ const GUID* pguidObjectType,
                                        PSID pUserSid,
                                        LPCWSTR pszServerName,
                                        PSECURITY_DESCRIPTOR pSD,
                                        POBJECT_TYPE_LIST *ppObjectTypeList,
                                        ULONG *pcObjectTypeListLength,
                                        PACCESS_MASK *ppGrantedAccessList,
                                        ULONG *pcGrantedAccessListLength);
};