archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/shell/osshell/security/aclui/aclbloat.cpp

735 lines
17 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 2001
  6. //
  7. // File: aclbloat.h
  8. //
  9. // This file contains the implementation of ACLBLOAT class which controls the
  10. // dialog box for aclbloat
  11. //
  12. // Author hiteshr 4th April 2001
  13. //
  14. //--------------------------------------------------------------------------
  16. #include "aclpriv.h"
  19. //+--------------------------------------------------------------------------
  20. //
  21. // Member: CACLBloat::CACLBloat
  22. //
  23. // Synopsis: Constructor
  24. //
  25. //
  26. // History: 04-April 2001 hiteshr Created
  27. //
  28. //---------------------------------------------------------------------------
  30. CACLBloat::CACLBloat(LPSECURITYINFO psi,
  31. LPSECURITYINFO2 psi2,
  32. SI_PAGE_TYPE siPageType,
  33. SI_OBJECT_INFO* psiObjectInfo,
  34. HDPA hEntries,
  35. HDPA hPropEntries):m_psi(psi),
  36. m_psi2(psi2),
  37. m_siPageType(siPageType),
  38. m_psiObjectInfo(psiObjectInfo),
  39. m_hEntries(hEntries),
  40. m_hPropEntries(hPropEntries),
  41. m_hMergedEntries(NULL),
  42. m_hFont(NULL)
  43. {
  44. TraceEnter(TRACE_ACLBLOAT, "CACLBloat::CACLBloat");
  45. if(m_psi)
  46. m_psi->AddRef();
  47. if(m_psi2)
  48. m_psi2->AddRef();
  49. }
  51. CACLBloat::~CACLBloat()
  52. {
  53. if(m_psi)
  54. m_psi->Release();
  55. if(m_psi2)
  56. m_psi2->Release();
  58. if(m_hMergedEntries)
  59. {
  60. UINT cItems = DPA_GetPtrCount(m_hMergedEntries);
  61. for(UINT iItems = 0; iItems < cItems; ++iItems)
  62. {
  63. delete (PACE)DPA_FastGetPtr(m_hMergedEntries, iItems);
  64. }
  65. DPA_Destroy(m_hMergedEntries);
  66. }
  68. if(m_hFont)
  69. DeleteObject(m_hFont);
  70. }
  71. //+--------------------------------------------------------------------------
  72. //
  73. // Member: CACLBloat::IsAclBloated
  74. //
  75. // Synopsis: ACL is bloated if number of entries which inherits to child objects
  76. // is more than 8
  77. //
  78. //
  79. // History: 04-April 2001 hiteshr Created
  80. //
  81. //---------------------------------------------------------------------------
  82. BOOL
  83. CACLBloat::IsAclBloated()
  84. {
  85. TraceEnter(TRACE_ACLBLOAT, "CACLBloat::IsAclBloated");
  87. if(!m_hMergedEntries)
  88. {
  89. m_hMergedEntries = DPA_Create(4);
  90. if(!m_hMergedEntries)
  91. return FALSE;
  92. }
  94. if(SUCCEEDED(MergeAces(m_hEntries, m_hPropEntries, m_hMergedEntries)))
  95. {
  96. int cItems = DPA_GetPtrCount(m_hMergedEntries);
  97. if(cItems > ACL_BLOAT_LIMIT)
  98. return TRUE;
  99. }
  100. return FALSE;
  101. }
  104. //+--------------------------------------------------------------------------
  105. //
  106. // Member: CACLBloat::DoModalDialog
  107. //
  108. // Synopsis: Creates modal dialogbox
  109. //
  110. // Arguments: [hwndParent] - handle to owner window of dialog to create
  111. //
  112. // Returns: Dialog's return code
  113. //
  114. // History: 04-April-2001 hiteshr Created
  115. //
  116. //---------------------------------------------------------------------------
  118. BOOL
  119. CACLBloat::DoModalDialog(HWND hwndParent)
  120. {
  121. TraceEnter(TRACE_ACLBLOAT, "CACLBloat::CACLBloat");
  123. INT_PTR iResult = DialogBoxParam(::hModule,
  124. MAKEINTRESOURCE(IDD_ACLBLOAT),
  125. hwndParent,
  126. CACLBloat::_DlgProc,
  127. (LPARAM) this);
  128. return static_cast<BOOL>(iResult);
  129. }
  132. //+--------------------------------------------------------------------------
  133. //
  134. // Member: CACLBloat::_DlgProc
  135. //
  136. // Synopsis: Dialog box callback
  137. //
  138. // Returns: Dialog's return code
  139. //
  140. // History: 04-April-2001 hiteshr Created
  141. //
  142. //---------------------------------------------------------------------------
  143. INT_PTR CALLBACK
  144. CACLBloat::_DlgProc(HWND hDlg,
  145. UINT uMsg,
  146. WPARAM wParam,
  147. LPARAM lParam)
  148. {
  149. BOOL bReturn = TRUE;
  150. CACLBloat *pThis = (CACLBloat *)GetWindowLongPtr(hDlg, DWLP_USER);
  151. if (!pThis && uMsg != WM_INITDIALOG)
  152. {
  153. return FALSE;
  154. }
  156. switch (uMsg)
  157. {
  158. case WM_INITDIALOG:
  159. pThis = (CACLBloat*) lParam;
  160. ASSERT(pThis);
  161. SetWindowLongPtr(hDlg, DWLP_USER, (LONG_PTR) pThis);
  162. pThis->InitDlg(hDlg);
  163. break;
  165. case WM_COMMAND:
  166. bReturn = pThis->OnCommand(hDlg, wParam, lParam);
  167. break;
  169. case WM_NOTIFY:
  170. bReturn = pThis->OnNotify(hDlg, wParam, lParam);
  171. break;
  174. default:
  175. bReturn = FALSE;
  176. break;
  177. }
  179. return bReturn;
  180. }
  182. //+--------------------------------------------------------------------------
  183. //
  184. // Member: CACLBloat::InitDlg
  185. //
  186. // Synopsis: Initialize the ACL bloat dialog box
  187. //
  188. //
  189. // History: 04-April-2001 hiteshr Created
  190. //
  191. //---------------------------------------------------------------------------
  192. HRESULT
  193. CACLBloat::InitDlg( HWND hDlg )
  194. {
  195. TraceEnter(TRACE_ACLBLOAT, "CACLBloat::CACLBloat");
  197. HRESULT hr = S_OK;
  199. HCURSOR hcur = SetCursor(LoadCursor(NULL, IDC_WAIT));
  202. //
  203. // Set up the listview control
  204. //
  206. HWND hListView = GetDlgItem( hDlg, IDC_ACEL_BLOAT );
  207. //
  208. // Set extended LV style for whole line selection with InfoTips
  209. //
  210. ListView_SetExtendedListViewStyleEx(hListView,
  211. LVS_EX_FULLROWSELECT | LVS_EX_INFOTIP,
  212. LVS_EX_FULLROWSELECT | LVS_EX_INFOTIP);
  213. //
  214. // Add appropriate columns
  215. //
  216. RECT rc;
  217. GetClientRect(hListView, &rc);
  219. LV_COLUMN col;
  220. col.mask = LVCF_FMT | LVCF_SUBITEM | LVCF_WIDTH;
  221. col.fmt = LVCFMT_LEFT;
  222. col.iSubItem = 0;
  223. col.cx = rc.right;
  224. ListView_InsertColumn(hListView, 0, &col);
  226. //
  227. //Add the aces to listview
  228. //
  229. hr = AddAcesFromDPA(hListView, m_hMergedEntries);
  230. if(FAILED(hr))
  231. return hr;
  233. //
  234. //Add a warning icon
  235. //
  236. // add the warning icon
  237. HICON hWarn = LoadIcon(NULL, IDI_WARNING);
  238. SendDlgItemMessage(hDlg, // dialog box window handle
  239. IDC_BLOAT_WARN_ICON, // icon identifier
  240. STM_SETIMAGE, // message to send
  241. (WPARAM) IMAGE_ICON, // image type
  242. (LPARAM) hWarn); // icon handle
  245. //
  246. //Set the title of dialog box
  247. //
  248. LPTSTR pszCaption = NULL;
  249. if(FormatStringID(&pszCaption,
  250. ::hModule,
  251. m_siPageType == SI_PAGE_AUDIT ? IDS_ACEE_AUDIT_TITLE : IDS_ACEE_PERM_TITLE,
  252. m_psiObjectInfo->pszObjectName))
  253. {
  254. SetWindowText(hDlg, pszCaption);
  255. LocalFreeString(&pszCaption);
  256. }
  258. //
  259. //Set the warning message
  260. //
  261. UINT cItem = DPA_GetPtrCount(m_hMergedEntries);
  262. WCHAR buffer[34];
  263. _itow(cItem,buffer,10);
  264. if(FormatStringID(&pszCaption,
  265. ::hModule,
  266. m_siPageType == SI_PAGE_AUDIT ? IDS_BLOAT_AUDIT_WARN : IDS_BLOAT_PERM_WARN,
  267. buffer))
  268. {
  269. SetDlgItemText(hDlg, IDC_BLOAT_LV_STATIC, pszCaption);
  270. LocalFreeString(&pszCaption);
  271. }
  273. //
  274. //Set the line 1
  275. //
  276. WCHAR szBuffer[1024];
  277. if(LoadString(::hModule,
  278. m_siPageType == SI_PAGE_AUDIT ? IDS_BLOAT_AUDIT_LINE1: IDS_BLOAT_PERM_LINE1,
  279. szBuffer,
  280. 1024))
  281. SetDlgItemText(hDlg,IDC_BLOAT_LINE1_STATIC, szBuffer);
  283. //
  284. //Set the line 2
  285. //
  286. if(LoadString(::hModule,
  287. m_siPageType == SI_PAGE_AUDIT ? IDS_BLOAT_AUDIT_LINE2: IDS_BLOAT_PERM_LINE2,
  288. szBuffer,
  289. 1024))
  290. SetDlgItemText(hDlg,IDC_BLOAT_LINE2_STATIC, szBuffer);
  292. //
  293. //make warning bold
  294. //
  295. MakeBold(GetDlgItem(hDlg,IDC_ACLB_WARNING), &m_hFont);
  297. SetCursor(hcur);
  299. return hr;
  300. }
  302. BOOL
  303. CACLBloat::OnNotify(HWND hDlg, WPARAM wParam, LPARAM lParam)
  304. {
  305. LPNMHDR pnmh = (LPNMHDR)lParam;
  306. LPNM_LISTVIEW pnmlv = (LPNM_LISTVIEW)lParam;
  307. // Set default return value
  308. SetWindowLongPtr(hDlg, DWLP_MSGRESULT, PSNRET_NOERROR);
  310. switch (pnmh->code)
  311. {
  313. #define lvi (((NMLVDISPINFO*)lParam)->item)
  314. case LVN_GETDISPINFO:
  315. {
  316. PACE pAce = (PACE)lvi.lParam;
  317. if ((lvi.mask & LVIF_TEXT) && pAce)
  318. {
  319. if (0 == lvi.iSubItem)
  320. {
  321. lvi.pszText = pAce->GetAccessType();
  322. }
  323. }
  324. }
  325. break;
  326. #undef lvi
  328. }
  330. return TRUE;
  331. }
  334. //+--------------------------------------------------------------------------
  335. //
  336. // Member: CACLBloat::MergeAces
  337. //
  338. // Synopsis: Merges the aces from Object and Property Pages in to single
  339. // List
  340. //
  341. //
  342. // History: 04-April-2001 hiteshr Created
  343. //
  344. //---------------------------------------------------------------------------
  346. HRESULT
  347. CACLBloat::MergeAces(HDPA hEntries, HDPA hPropEntries, HDPA hMergedList)
  348. {
  350. if(!hMergedList || (!hEntries && !hPropEntries))
  351. return E_POINTER;
  354. HRESULT hr = S_OK;
  355. if(hEntries)
  356. {
  357. UINT cItems = DPA_GetPtrCount(hEntries);
  358. for(UINT iItems = 0; iItems < cItems; ++iItems)
  359. {
  360. hr = AddAce(hMergedList,
  361. (PACE_HEADER)DPA_FastGetPtr(hEntries, iItems));
  362. if(FAILED(hr))
  363. return hr;
  364. }
  365. }
  367. if(hPropEntries)
  368. {
  369. UINT cItems = DPA_GetPtrCount(hPropEntries);
  370. for(UINT iItems = 0; iItems < cItems; ++iItems)
  371. {
  372. hr = AddAce(hMergedList,
  373. (PACE_HEADER)DPA_FastGetPtr(hPropEntries, iItems));
  374. if(FAILED(hr))
  375. return hr;
  376. }
  377. }
  378. return S_OK;
  379. }
  381. //+--------------------------------------------------------------------------
  382. //
  383. // Member: CACLBloat::AddAce
  384. //
  385. // Synopsis: Converts AceHeader to ACLUI Ace structure
  386. //
  387. //
  388. // History: 04-April-2001 hiteshr Created
  389. //
  390. //---------------------------------------------------------------------------
  391. HRESULT
  392. CACLBloat::AddAce(HDPA hEntries,
  393. PACE_HEADER pAceHeader)
  394. {
  395. //
  396. //This Ace doesn't propogate to child objects,
  397. //so we don't show this.
  398. //
  399. if(!(pAceHeader->AceFlags & CONTAINER_INHERIT_ACE))
  400. return S_OK;
  402. PACE pAce = new CAce(pAceHeader);
  403. if (pAce)
  404. {
  405. return AddAce(hEntries, pAce);
  406. }
  407. else
  408. return E_OUTOFMEMORY;
  409. }
  411. //+--------------------------------------------------------------------------
  412. //
  413. // Member: CACLBloat::AddAce
  414. //
  415. // Synopsis: Add an Ace to list. First it tries to merge it with existing
  416. // aces in the list.
  417. //
  418. //
  419. // History: 04-April-2001 hiteshr Created
  420. //
  421. //---------------------------------------------------------------------------
  422. HRESULT
  423. CACLBloat::AddAce(HDPA hEntries,
  424. PACE pAceNew)
  425. {
  426. TraceEnter(TRACE_ACLBLOAT, "CACLBloat::AddAce");
  427. TraceAssert(hEntries != NULL);
  428. TraceAssert(pAceNew != NULL);
  430. if (pAceNew == NULL)
  431. return E_POINTER;
  433. m_psi->MapGeneric(&pAceNew->ObjectType, &pAceNew->AceFlags, &pAceNew->Mask);
  435. //
  436. // Try to merge the new ACE with an existing entry in the list.
  437. //
  438. int cItems = DPA_GetPtrCount(hEntries);
  439. for( int iItems = 0; iItems < cItems; ++iItems)
  440. {
  441. PACE pAceCompare = (PACE)DPA_FastGetPtr(hEntries, iItems);
  443. if (pAceCompare != NULL)
  444. {
  445. switch (pAceNew->Merge(pAceCompare))
  446. {
  447. case MERGE_MODIFIED_FLAGS:
  448. case MERGE_MODIFIED_MASK:
  449. // The ACEs were merged into pAceNew.
  450. case MERGE_OK_1:
  451. //
  452. // The new ACE implies the existing ACE, so the existing
  453. // ACE can be removed.
  454. //
  455. // First copy the name so we don't have to look
  456. // it up again. (Don't copy the other strings
  457. // since they may be different.)
  458. //
  459. // Then keep looking. Maybe we can remove some more entries
  460. // before adding the new one.
  461. //
  462. DPA_DeletePtr(hEntries, iItems);
  463. delete pAceCompare;
  464. --cItems;
  465. --iItems;
  466. break;
  468. case MERGE_OK_2:
  469. //
  470. // The existing ACE implies the new ACE, so we don't
  471. // need to do anything here.
  472. //
  473. delete pAceNew;
  474. return S_OK;
  475. break;
  476. }
  477. }
  478. }
  480. DPA_AppendPtr(hEntries, pAceNew);
  481. return S_OK;
  482. }
  484. //+--------------------------------------------------------------------------
  485. //
  486. // Member: CACLBloat::GetItemString
  487. //
  488. // Synopsis: Gets a display name for the item.
  489. //
  490. //
  491. // History: 04-April-2001 hiteshr Created
  492. //
  493. //---------------------------------------------------------------------------
  494. LPCTSTR
  495. CACLBloat::GetItemString(LPCTSTR pszItem,
  496. LPTSTR pszBuffer,
  497. UINT ccBuffer)
  498. {
  499. TraceEnter(TRACE_ACELIST, "CACLBloat::GetItemString");
  501. if (pszItem == NULL)
  502. {
  503. LoadString(::hModule, IDS_SPECIAL, pszBuffer, ccBuffer);
  504. pszItem = pszBuffer;
  505. }
  506. else if (IS_INTRESOURCE(pszItem))
  507. {
  508. if (LoadString(m_psiObjectInfo->hInstance,
  509. (UINT)((ULONG_PTR)pszItem),
  510. pszBuffer,
  511. ccBuffer) == 0)
  512. {
  513. LoadString(::hModule, IDS_SPECIAL, pszBuffer, ccBuffer);
  514. }
  515. pszItem = pszBuffer;
  516. }
  518. TraceLeaveValue(pszItem);
  519. }
  521. //+--------------------------------------------------------------------------
  522. //
  523. // Member: CACLBloat::TranslateAceIntoRights
  524. //
  525. // Synopsis: Converts Aces Mask in to a string taking into account
  526. // the Object Guid.
  527. //
  528. //
  529. // History: 04-April-2001 hiteshr Created
  530. //
  531. //---------------------------------------------------------------------------
  532. LPCTSTR
  533. CACLBloat::TranslateAceIntoRights(DWORD dwMask,
  534. const GUID *pObjectType,
  535. PSI_ACCESS pAccess,
  536. ULONG cAccess)
  537. {
  538. TraceEnter(TRACE_ACELIST, "CACLBloat::TranslateAceIntoRights");
  539. TraceAssert(pObjectType != NULL);
  540. if(!pAccess || !cAccess)
  541. return NULL;
  544. LPCTSTR pszName = NULL;
  545. if (pAccess && cAccess)
  546. {
  547. //
  548. // Look for a name for the mask
  549. //
  550. for (UINT iItem = 0; iItem < cAccess; iItem++)
  551. {
  552. if ( dwMask == pAccess[iItem].mask &&
  553. IsSameGUID(pObjectType, pAccess[iItem].pguid) )
  554. {
  555. pszName = pAccess[iItem].pszName;
  556. break;
  557. }
  558. }
  559. }
  561. TraceLeaveValue(pszName);
  562. }
  564. //+--------------------------------------------------------------------------
  565. //
  566. // Member: CACLBloat::AddAcesFromDPA
  567. //
  568. // Synopsis: Add ace from list to ListView control.
  569. //
  570. //
  571. // History: 04-April-2001 hiteshr Created
  572. //
  573. //---------------------------------------------------------------------------
  574. HRESULT
  575. CACLBloat::AddAcesFromDPA(HWND hListView, HDPA hEntries)
  576. {
  577. ULONG iDefaultAccess = 0;
  578. PSI_ACCESS pAccess = NULL;
  579. ULONG cAccess = 0;
  580. HRESULT hr = S_OK;
  582. if(!hEntries)
  583. return E_POINTER;
  585. //
  586. //Get the count of items
  587. //
  588. int cItems = DPA_GetPtrCount(hEntries);
  589. GUID* pGUID = NULL;
  591. PACE pAce = (PACE)DPA_FastGetPtr(hEntries, 0);
  592. if(pAce)
  593. {
  594. //
  595. //Get the AccessRight array for the guid
  596. //
  597. hr = m_psi->GetAccessRights(&pAce->InheritedObjectType,
  598. SI_ADVANCED|SI_EDIT_EFFECTIVE,
  599. &pAccess,
  600. &cAccess,
  601. &iDefaultAccess);
  603. if(FAILED(hr))
  604. return hr;
  605. pGUID = &pAce->InheritedObjectType;
  606. }
  608. for( int iItem = 0; iItem < cItems; ++iItem)
  609. {
  610. pAce = (PACE)DPA_FastGetPtr(hEntries, iItem);
  611. if(pAce)
  612. {
  613. if(!IsSameGUID(pGUID, &pAce->InheritedObjectType))
  614. {
  615. //
  616. //if Guid is not same as one for which we have access right info,
  617. //fetch access right info for new guid
  618. //
  619. hr = m_psi->GetAccessRights(&pAce->InheritedObjectType,
  620. SI_ADVANCED | SI_EDIT_EFFECTIVE,
  621. &pAccess,
  622. &cAccess,
  623. &iDefaultAccess);
  625. if(FAILED(hr))
  626. return hr;
  627. pGUID = &pAce->InheritedObjectType;
  628. }
  630. TCHAR szBuffer[MAX_COLUMN_CHARS];
  631. LPCTSTR pszRights = NULL;
  632. pszRights = TranslateAceIntoRights(pAce->Mask,
  633. &pAce->ObjectType,
  634. pAccess,
  635. cAccess);
  637. //
  638. // If this is a property ACE, give it a name like "Read property" or
  639. // "Write property". Also, remember that it's a property ACE so we
  640. // can show the Property page first when editing this ACE.
  641. //
  642. // This is a bit slimy, since it assumes DS property access bits are
  643. // the only ones that will ever be used on the properties page.
  644. //
  645. if ((m_psiObjectInfo->dwFlags & SI_EDIT_PROPERTIES) &&
  646. (pAce->Flags & ACE_OBJECT_TYPE_PRESENT) &&
  647. (pAce->Mask & (ACTRL_DS_READ_PROP | ACTRL_DS_WRITE_PROP)) &&
  648. !(pAce->Mask & ~(ACTRL_DS_READ_PROP | ACTRL_DS_WRITE_PROP)))
  649. {
  650. pAce->SetPropertyAce(TRUE);
  652. if (pszRights == NULL)
  653. {
  654. UINT idString = 0;
  656. switch (pAce->Mask & (ACTRL_DS_READ_PROP | ACTRL_DS_WRITE_PROP))
  657. {
  658. case ACTRL_DS_READ_PROP:
  659. idString = IDS_READ_PROP;
  660. break;
  662. case ACTRL_DS_WRITE_PROP:
  663. idString = IDS_WRITE_PROP;
  664. break;
  666. case (ACTRL_DS_READ_PROP | ACTRL_DS_WRITE_PROP):
  667. idString = IDS_READ_WRITE_PROP;
  668. break;
  669. }
  671. if (idString)
  672. {
  673. LoadString(::hModule, idString, szBuffer, ARRAYSIZE(szBuffer));
  674. pszRights = szBuffer;
  675. }
  676. }
  677. }
  679. pszRights = GetItemString(pszRights, szBuffer, ARRAYSIZE(szBuffer));
  680. pAce->SetAccessType(pszRights);
  682. LV_ITEM lvi;
  683. lvi.mask = LVIF_TEXT | LVIF_PARAM | LVIF_STATE;
  684. lvi.state = 0;
  685. lvi.stateMask = LVIS_CUT;
  686. lvi.iItem = iItem;
  687. lvi.iSubItem = 0;
  688. lvi.pszText = LPSTR_TEXTCALLBACK;
  689. lvi.lParam = (LPARAM)pAce;
  691. //
  692. // insert the item into the list
  693. //
  694. iItem = ListView_InsertItem(hListView, &lvi);
  696. if (iItem == -1)
  697. delete pAce;
  700. }
  701. }
  702. return hr;
  703. }
  706. BOOL
  707. CACLBloat::OnCommand(HWND hDlg, WPARAM wParam, LPARAM lParam)
  708. {
  709. BOOL fHandled = TRUE;
  711. switch (LOWORD(wParam))
  712. {
  713. case IDOK:
  714. EndDialog(hDlg, FALSE);
  715. break;
  717. case IDCANCEL:
  718. EndDialog(hDlg, TRUE);
  719. break;
  721. case IDHELP:
  722. HtmlHelp(NULL,
  723. L"aclui.chm::/ACLUI_acl_BP.htm",
  724. HH_DISPLAY_TOPIC,
  725. 0);
  726. break;
  728. default:
  729. fHandled = FALSE;
  730. break;
  731. }
  732. return fHandled;
  733. }