Source code of Windows XP (NT5)
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
//+--------------------------------------------------------------------------
// File: officer.h
// Contents: officer rights classes
//---------------------------------------------------------------------------
#include "sid.h"
#include "tptrlist.h"
namespace CertSrv {
class CClientPermission { public: CClientPermission(BOOL fAllow, PSID pSid); ~CClientPermission() {}
static BOOL IsInitialized(CClientPermission* pObj) { return NULL != pObj && NULL != ((PSID)pObj->m_Sid); } void SetPermission(BOOL fAllow) { m_fAllow = fAllow;} BOOL GetPermission() { return m_fAllow; } LPCWSTR GetName() { return m_Sid.GetName(); } PSID GetSid() { return m_Sid.GetSid(); } friend class COfficerRights; BOOL operator==(const CClientPermission& rhs) { return EqualSid(GetSid(), (const_cast<CClientPermission&>(rhs)).GetSid()); }
protected: BOOL m_fAllow; CSid m_Sid; };
class COfficerRights { public: COfficerRights() : m_pSid(NULL), m_List() {} ~COfficerRights() { delete m_pSid; }
HRESULT Init(PACCESS_ALLOWED_CALLBACK_ACE pAce); HRESULT Add(PSID pSID, BOOL fAllow); HRESULT RemoveAt(DWORD dwIndex) { return m_List.RemoveAt(dwIndex)?S_OK:E_INVALIDARG; } HRESULT SetAt(DWORD dwIndex, BOOL fAllow) { CClientPermission *pClient = m_List.GetAt(dwIndex); if(!pClient) return E_INVALIDARG; pClient->SetPermission(fAllow); return S_OK; } CClientPermission* GetAt(DWORD dwIndex) { return m_List.GetAt(dwIndex); }
DWORD Find(PSID pSid); DWORD GetCount() { return m_List.GetCount(); } LPCWSTR GetName() { return m_pSid->GetName(); }; PSID GetSid() { return m_pSid->GetSid(); }
friend class COfficerRightsList; protected:
DWORD GetAceSize(BOOL fAllow); HRESULT AddAce(PACL pAcl, BOOL fAllow); HRESULT AddSidList(PACCESS_ALLOWED_CALLBACK_ACE pAce);
void Cleanup() { if (m_pSid) { delete m_pSid; m_pSid=NULL; } m_List.Cleanup(); } // following bools are used to decide if this COfficerRights has to
// be represented as one or two aces (allow/deny) in the ACL
CSid* m_pSid; // use pointer instead of member object because
// we don't know the sid at construct time
TPtrList<CClientPermission> m_List; };
class COfficerRightsList { public: COfficerRightsList() : m_List(NULL), m_dwCountList(0) {} ~COfficerRightsList();
HRESULT Load(PSECURITY_DESCRIPTOR pSD); HRESULT Save(PSECURITY_DESCRIPTOR &rpSD); COfficerRights* GetAt(DWORD dwIndex) { if(dwIndex>=m_dwCountList) return NULL; return m_List[dwIndex]; }
DWORD GetCount() { return m_dwCountList;}
void Dump(); void Cleanup() { if (m_List != NULL) { for(DWORD dwCount=0;dwCount<m_dwCountList;dwCount++) { if (m_List[dwCount] != NULL) delete m_List[dwCount]; }
LocalFree(m_List); m_List = NULL; } m_dwCountList = 0; }
protected:
HRESULT BuildAcl(PACL &rpAcl); COfficerRights **m_List; DWORD m_dwCountList; };
}; // namespace CertSrv
|