Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

157 lines
4.3 KiB

  1. //+-------------------------------------------------------------------
  2. //
  3. // Copyright (C) 1995, Microsoft Corporation.
  4. //
  5. // File: ACCACC.hxx
  6. //
  7. // Contents: class encapsulating NT security user ACCACC.
  8. //
  9. // Classes: CACCACC
  10. //
  11. // Functions:
  12. //
  13. // History: Nov-93 Created DaveMont
  14. //
  15. //--------------------------------------------------------------------
  16. #ifndef __ACCACC__
  17. #define __ACCACC__
  18. #include <t2.hxx>
  19. #include <account.hxx>
  20. //+-------------------------------------------------------------------
  21. //
  22. // Class: CAccountAccess
  23. //
  24. // Purpose: encapsulation of class Account and NT access masks. This
  25. // class interfaces with the security system to get SIDs from
  26. // usernames and vis-versa.
  27. //
  28. // this class has also been supplimented to contain information
  29. // about ACEs with the same SID in the ACL if a (edit) merge
  30. // operation is occuring
  31. //
  32. //--------------------------------------------------------------------
  33. class CAccountAccess: private CAccount
  34. {
  35. public:
  36. CAccountAccess(WCHAR *Name, WCHAR *System);
  37. ULONG Init(ULONG access);
  38. inline void ReInit();
  39. inline ULONG Sid(SID **psid);
  40. inline BYTE AceType();
  41. inline ACCESS_MASK AccessMask();
  42. inline void ClearAccessMask();
  43. void AddInheritance(BYTE Flags);
  44. inline ULONG TestInheritance();
  45. private:
  46. ACCESS_MASK _savemask; // saved requested mask (because _mask gets cleared if
  47. // the ace is not used).
  48. ACCESS_MASK _mask; // requested mask
  49. BYTE _acetype;
  50. ULONG _foundinheritance; // contains the OR of all the inheritances from the original ACL
  51. };
  52. // this is used in conjunction with ACE inherit flags to indicate that access
  53. // rights in an ACE apply to the container as well
  54. #define APPLIES_TO_CONTAINER 0x4
  55. //+---------------------------------------------------------------------------
  56. //
  57. // Member: CAccountAccess::Init, public
  58. //
  59. // Synopsis: initializes access mask
  60. //
  61. // Arguments: IN [access] - access mask
  62. //
  63. //----------------------------------------------------------------------------
  64. void CAccountAccess::ReInit()
  65. {
  66. _mask = _savemask;
  67. }
  68. //+---------------------------------------------------------------------------
  69. //
  70. // Member: CAccountAccess::Sid, public
  71. //
  72. // Synopsis: returns the principal for the class
  73. //
  74. // Arguments: OUT [psid] - address of the principal name
  75. //
  76. //----------------------------------------------------------------------------
  77. ULONG CAccountAccess::Sid(SID **psid)
  78. {
  79. return(GetAccountSid(psid));
  80. }
  81. //+---------------------------------------------------------------------------
  82. //
  83. // Member: CAccountAccess::AceType, public
  84. //
  85. // Synopsis: returns the acetype (denied, allowed)
  86. //
  87. // Arguments: none
  88. //
  89. //----------------------------------------------------------------------------
  90. BYTE CAccountAccess::AceType()
  91. {
  92. return(_acetype);
  93. }
  94. //+---------------------------------------------------------------------------
  95. //
  96. // Member: CAccountAccess::AccessMask, public
  97. //
  98. // Synopsis: returns the access mask
  99. //
  100. // Arguments: none
  101. //
  102. //----------------------------------------------------------------------------
  103. ACCESS_MASK CAccountAccess::AccessMask()
  104. {
  105. return(_mask);
  106. }
  107. //+---------------------------------------------------------------------------
  108. //
  109. // Member: CAccountAccess::ClearAccessMask, public
  110. //
  111. // Synopsis: returns the access mask
  112. //
  113. // Arguments: none
  114. //
  115. //----------------------------------------------------------------------------
  116. void CAccountAccess::ClearAccessMask()
  117. {
  118. _mask = 0;
  119. }
  120. //+---------------------------------------------------------------------------
  121. //
  122. // Member: CAccountAccess::TestInheritance, public
  123. //
  124. // Synopsis: checks that the inheritance is valid,
  125. // that objects & containers inherit, and rights are applied to the object.
  126. //
  127. // Arguments: none
  128. //
  129. //--------------------------------------------------------------------
  130. ULONG CAccountAccess::TestInheritance()
  131. {
  132. if (_foundinheritance == ( OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | APPLIES_TO_CONTAINER))
  133. return(ERROR_SUCCESS);
  134. else
  135. return(ERROR_INVALID_DATA);
  136. }
  137. #endif // __ACCACC__