archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/shell/osshell/security/aclui/effperm.cpp

549 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1996 - 1999
  6. //
  7. // File: owner.cpp
  8. //
  9. // This file contains the implementation of the Owner page.
  10. //
  11. //--------------------------------------------------------------------------
  12. #include "aclpriv.h"
  13. #include <initguid.h> // needed to get the GUIDs defined in oleacc.h
  14. #include <oleacc.h> // contains IAccProp* definitions
  18. //Context Help IDs
  19. const static DWORD aEffHelpIDs[] =
  20. {
  21. IDC_EFF_NAME_STATIC, IDH_EFF_NAME,
  22. IDC_EFF_NAME, IDH_EFF_NAME,
  23. IDC_EFF_SELECT, IDH_EFF_SELECT,
  24. IDC_EFF_PERMISSION_STATIC, IDH_EFF_PERM_LIST,
  25. IDC_EFF_PERM_LIST, IDH_EFF_PERM_LIST,
  26. IDC_EFF_STATIC, -1,
  27. 0, 0
  28. };
  31. LPCWSTR g_ListStateMap =
  32. L"A:0"
  33. L":0:0x50" // checked, disabled - STATE_SYSTEM_READONLY | STATE_SYSTEM_CHECKED
  34. L":1:0x40" // disabled - STATE_SYSTEM_READONLY
  35. L":";
  38. LPCWSTR g_ListRoleMap =
  39. L"A:0"
  40. L":0:0x2C" // checkbox - ROLE_SYSTEM_CHECKBUTTON (ie. checkbox)
  41. L":1:0x2C"
  42. L":";
  45. int LV_ADDITEM(HWND hwndList,
  46. LPCTSTR pszName,
  47. int index,
  48. PSI_ACCESS pAccess,
  49. BOOL bChecked)
  50. {
  51. LVITEM lvItem;
  52. TraceAssert(pAccess != NULL);
  53. TraceAssert(pszName != NULL);
  55. lvItem.mask = LVIF_TEXT | LVIF_PARAM | LVIF_IMAGE;
  56. lvItem.iItem = index;
  57. lvItem.iSubItem = 0;
  58. lvItem.pszText = (LPTSTR)pszName;
  59. lvItem.lParam = (LPARAM)pAccess;
  60. lvItem.iImage = bChecked ? 0 : 1;
  62. // Insert item into list
  63. index = ListView_InsertItem(hwndList, &lvItem);
  64. ListView_SetCheckState(hwndList,index,bChecked);
  66. return index;
  67. }
  69. typedef struct _EffCacheItem
  70. {
  71. POBJECT_TYPE_LIST pObjectTypeList;
  72. ULONG cObjectTypeListLength;
  73. PACCESS_MASK pGrantedAccessList;
  74. PSID pSid;
  75. }EFFCACHEITEM,*PEFFCACHEITEM;
  78. //This Function checks is pAccess is granted.
  79. BOOL IsChecked( PSI_ACCESS pAccess,
  80. PEFFCACHEITEM pCacheItem)
  81. {
  82. TraceEnter(TRACE_EFFPERM, "IsChecked");
  83. TraceAssert(pCacheItem != NULL);
  84. TraceAssert(pAccess != NULL);
  86. POBJECT_TYPE_LIST pObjectTypeList = pCacheItem->pObjectTypeList;
  87. ULONG cObjectTypeListLength = pCacheItem->cObjectTypeListLength;
  88. PACCESS_MASK pGrantedAccessList = pCacheItem->pGrantedAccessList;
  90. //0th Grant is for full object.
  91. if( (pAccess->mask & pGrantedAccessList[0]) == pAccess->mask )
  92. return TRUE;
  94. BOOL bGuidNULL = pAccess->pguid ?IsEqualGUID(*(pAccess->pguid), GUID_NULL): TRUE;
  95. LPGUID pguid;
  97. for( UINT i = 1; i < cObjectTypeListLength; ++i )
  98. {
  99. pguid = pObjectTypeList[i].ObjectType;
  100. if( pguid == NULL ||
  101. IsEqualGUID(*pguid, GUID_NULL) ||
  102. (!bGuidNULL && IsEqualGUID(*pguid,*(pAccess->pguid))) )
  103. {
  104. if( (pAccess->mask & pGrantedAccessList[i]) == pAccess->mask )
  105. return TRUE;
  106. }
  107. }
  108. return FALSE;
  109. }
  113. class CEffPage: public CSecurityPage
  114. {
  115. public:
  116. CEffPage(LPSECURITYINFO psi, SI_OBJECT_INFO *psiObjectInfo);
  117. virtual ~CEffPage();
  119. private:
  120. virtual BOOL DlgProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam);
  121. BOOL InitDlg(HWND hDlg);
  122. void OnSelect(HWND hDlg);
  123. void InitListBox(HWND hDlg);
  124. HRESULT GetEffectivePerm(PSID pSid, PEFFCACHEITEM *ppCacheItem);
  125. PSID GetSelectedSID(){ return m_pSid; }
  127. private:
  128. PSID m_pSid; //Sid of the security principal for which permissions are displayed
  130. PSI_ACCESS m_pAccess;
  131. ULONG m_cAccesses;
  132. };
  135. HPROPSHEETPAGE
  136. CreateEffectivePermPage(LPSECURITYINFO psi, SI_OBJECT_INFO *psiObjectInfo)
  137. {
  138. HPROPSHEETPAGE hPage = NULL;
  139. CEffPage *pPage;
  141. TraceEnter(TRACE_EFFPERM, "CreateEffectivePermPage");
  142. TraceAssert(psi!=NULL);
  143. TraceAssert(psiObjectInfo);
  145. pPage = new CEffPage(psi, psiObjectInfo);
  147. if (pPage)
  148. {
  149. hPage = pPage->CreatePropSheetPage(MAKEINTRESOURCE(IDD_EFFECTIVE_PERM_PAGE));
  151. if (!hPage)
  152. delete pPage;
  153. }
  155. TraceLeaveValue(hPage);
  156. }
  159. CEffPage::CEffPage(LPSECURITYINFO psi, SI_OBJECT_INFO *psiObjectInfo)
  160. : CSecurityPage(psi, SI_PAGE_OWNER) , m_pSid(NULL),
  161. m_pAccess(NULL), m_cAccesses(0)
  162. {
  163. // Lookup known SIDs asynchronously so the dialog
  164. // will initialize faster
  165. }
  167. CEffPage::~CEffPage()
  168. {
  169. if (m_pSid)
  170. LocalFree(m_pSid);
  171. }
  172. BOOL
  173. CEffPage::DlgProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
  174. {
  175. BOOL bResult = TRUE;
  176. LPPSHNOTIFY lpsn;
  177. switch(uMsg)
  178. {
  179. case WM_INITDIALOG:
  180. InitDlg(hDlg);
  181. break;
  184. case WM_COMMAND:
  185. switch (GET_WM_COMMAND_ID(wParam, lParam))
  186. {
  187. case IDC_EFF_SELECT:
  188. OnSelect(hDlg);
  189. break;
  190. default:
  191. bResult = FALSE;
  192. }
  193. break;
  195. case WM_HELP:
  196. if (IsWindowEnabled(hDlg))
  197. {
  198. WinHelp((HWND)((LPHELPINFO)lParam)->hItemHandle,
  199. c_szAcluiHelpFile,
  200. HELP_WM_HELP,
  201. (DWORD_PTR)aEffHelpIDs);
  202. }
  203. break;
  205. case WM_CONTEXTMENU:
  206. if (IsWindowEnabled(hDlg))
  207. {
  208. WinHelp(hDlg,
  209. c_szAcluiHelpFile,
  210. HELP_CONTEXTMENU,
  211. (DWORD_PTR)aEffHelpIDs);
  212. }
  213. break;
  214. case PSM_QUERYSIBLINGS:
  215. if(GetSelectedSID())
  216. InitListBox(hDlg);
  217. break;
  219. default:
  220. bResult = FALSE;
  221. }
  223. return bResult;
  224. }
  227. BOOL
  228. CEffPage::InitDlg( HWND hDlg )
  229. {
  231. HWND hwndList;
  232. RECT rc;
  233. LV_COLUMN col;
  234. TCHAR szBuffer[MAX_COLUMN_CHARS];
  235. HRESULT hr = S_OK;
  236. ULONG iDefaultAccess;
  237. HCURSOR hcur = SetCursor(LoadCursor(NULL, IDC_WAIT));
  239. TraceEnter(TRACE_EFFPERM, "CEffPage::InitDlg");
  240. TraceAssert(hDlg != NULL);
  241. TraceAssert(m_psi != NULL);
  242. TraceAssert(m_pei != NULL);
  244. hwndList = GetDlgItem(hDlg, IDC_EFF_PERM_LIST);
  246. //
  247. // Create & set the image list for the listview. If there is a
  248. // problem CreateSidImageList will return NULL which won't hurt
  249. // anything. In that case we'll just continue without an image list.
  250. //
  251. ListView_SetImageList(hwndList,
  252. LoadImageList(::hModule, MAKEINTRESOURCE(IDB_CHECKBOX)),
  253. LVSIL_SMALL);
  256. // Set extended LV style for whole line selection with InfoTips
  257. ListView_SetExtendedListViewStyleEx(hwndList,
  258. LVS_EX_FULLROWSELECT | LVS_EX_INFOTIP,
  259. LVS_EX_FULLROWSELECT | LVS_EX_INFOTIP);
  262. IAccPropServices * pAccPropSvc = NULL;
  263. hr = CoCreateInstance( CLSID_AccPropServices, NULL, CLSCTX_SERVER, IID_IAccPropServices, (void **) & pAccPropSvc );
  264. if( hr == S_OK && pAccPropSvc )
  265. {
  266. // Don't have to check HRESULT here, since if they fail we just ignore anyway,
  267. // but may want to log it while debugging.
  268. pAccPropSvc->SetHwndPropStr(hwndList, OBJID_CLIENT, 0, PROPID_ACC_ROLEMAP, g_ListRoleMap );
  269. pAccPropSvc->SetHwndPropStr(hwndList, OBJID_CLIENT, 0, PROPID_ACC_STATEMAP, g_ListStateMap );
  270. pAccPropSvc->Release();
  271. }
  275. //
  276. // Add appropriate listview columns
  277. //
  278. GetClientRect(hwndList, &rc);
  280. LoadString(::hModule, IDS_PERMISSIONS, szBuffer, ARRAYSIZE(szBuffer));
  281. col.mask = LVCF_FMT | LVCF_TEXT | LVCF_SUBITEM | LVCF_WIDTH;
  282. col.fmt = LVCFMT_LEFT;
  283. col.pszText = szBuffer;
  284. col.iSubItem = 0;
  285. col.cx = rc.right - GetSystemMetrics(SM_CXVSCROLL);
  286. ListView_InsertColumn(hwndList, 0, &col);
  289. //Get the access Rights
  290. hr = m_psi->GetAccessRights(&GUID_NULL,
  291. SI_ADVANCED|SI_EDIT_EFFECTIVE,
  292. &m_pAccess,
  293. &m_cAccesses,
  294. &iDefaultAccess);
  295. FailGracefully(hr, "GetAccessRights Failed");
  296. //Initialize the List box
  297. InitListBox(hDlg);
  299. exit_gracefully:
  302. SetCursor(hcur);
  304. if (FAILED(hr))
  305. {
  306. HWND hwnd;
  307. // Hide and disable everything
  308. for (hwnd = GetWindow(hDlg, GW_CHILD);
  309. hwnd != NULL;
  310. hwnd = GetWindow(hwnd, GW_HWNDNEXT))
  311. {
  312. ShowWindow(hwnd, SW_HIDE);
  313. EnableWindow(hwnd, FALSE);
  314. }
  316. // Enable and show the "No Security" message
  317. hwnd = GetDlgItem(hDlg, IDC_NO_EFFECTIVE);
  318. EnableWindow(hwnd, TRUE);
  319. ShowWindow(hwnd, SW_SHOW);
  320. }
  322. TraceLeaveValue(TRUE);
  323. }
  325. VOID
  326. CEffPage::OnSelect(HWND hDlg)
  327. {
  328. PUSER_LIST pUserList = NULL;
  329. LPEFFECTIVEPERMISSION pei;
  330. HRESULT hr = S_OK;
  332. TraceEnter(TRACE_EFFPERM, "CEffPage::OnSelect");
  334. if (S_OK == GetUserGroup(hDlg, FALSE, &pUserList))
  335. {
  336. TraceAssert(NULL != pUserList);
  337. TraceAssert(1 == pUserList->cUsers);
  339. // Free up previous sid
  340. if (m_pSid)
  341. LocalFree(m_pSid);
  343. // Copy the new sid
  344. m_pSid = LocalAllocSid(pUserList->rgUsers[0].pSid);
  345. if (m_pSid)
  346. {
  347. SetDlgItemText(hDlg, IDC_EFF_NAME, pUserList->rgUsers[0].pszName);
  348. }
  349. LocalFree(pUserList);
  350. InitListBox(hDlg);
  351. }
  352. }
  355. VOID
  356. CEffPage::InitListBox(HWND hDlg)
  357. {
  358. HWND hwndList;
  359. BOOL bProperties;
  361. PSI_ACCESS pAccess;
  362. ULONG cAccesses;
  363. DWORD dwType;
  364. TCHAR szName[MAX_PATH];
  365. PSID pSid = NULL;
  366. PEFFCACHEITEM pCacheItem = NULL;
  367. int index;
  368. TraceEnter(TRACE_EFFPERM, "CEffPage::InitListBox");
  369. TraceAssert( m_pAccess != NULL );
  370. TraceAssert(m_cAccesses != 0 );
  372. HRESULT hr = S_OK;
  373. hwndList = GetDlgItem(hDlg, IDC_EFF_PERM_LIST);
  375. if(!IsWindowEnabled(hwndList))
  376. {
  377. //Hide Error Message
  378. HWND hwnd = GetDlgItem(hDlg, IDC_EFF_ERROR);
  379. EnableWindow(hwnd, FALSE);
  380. ShowWindow(hwnd, SW_HIDE);
  381. //Show List box
  382. EnableWindow(hwndList, TRUE);
  383. ShowWindow(hwndList, SW_SHOW);
  384. }
  386. //Clear all items
  387. ListView_DeleteAllItems(hwndList);
  389. pAccess = m_pAccess;
  390. cAccesses = m_cAccesses;
  391. dwType = SI_ACCESS_SPECIFIC | SI_ACCESS_PROPERTY;
  393. //Get the current sid
  394. pSid = GetSelectedSID();
  395. if( pSid )
  396. {
  397. hr = GetEffectivePerm(pSid, &pCacheItem);
  398. FailGracefully(hr,"GetEffectivePermission Failed");
  399. }
  401. index = 0;
  402. // Enumerate the permissions and add to the checklist
  403. ULONG i;
  404. for (i = 0; i < cAccesses; i++, pAccess++)
  405. {
  406. LPCTSTR pszName;
  408. // Only add permissions that have any of the flags specified in dwType
  409. if (!(pAccess->dwFlags & dwType))
  410. continue;
  412. //Don't Add Permission which have inherit only on
  413. if( pAccess->dwFlags & INHERIT_ONLY_ACE )
  414. continue;
  416. pszName = pAccess->pszName;
  417. if (IS_INTRESOURCE(pszName))
  418. {
  419. TraceAssert(m_siObjectInfo.hInstance != NULL);
  421. if (LoadString(m_siObjectInfo.hInstance,
  422. (UINT)((ULONG_PTR)pszName),
  423. szName,
  424. ARRAYSIZE(szName)) == 0)
  425. {
  426. LoadString(::hModule,
  427. IDS_UNKNOWN,
  428. szName,
  429. ARRAYSIZE(szName));
  430. }
  431. pszName = szName;
  432. }
  434. BOOL bChecked = FALSE;
  435. if(pSid)
  436. {
  437. bChecked = IsChecked( pAccess, pCacheItem );
  438. }
  439. index = LV_ADDITEM( hwndList, pszName, index, pAccess, bChecked);
  440. index++;
  441. }
  442. if(index)
  443. {
  444. SelectListViewItem(hwndList, 0);
  445. // Redraw the list
  446. SendMessage(hwndList, WM_SETREDRAW, TRUE, 0);
  447. ListView_RedrawItems(hwndList, 0, -1);
  448. }
  452. exit_gracefully:
  453. if(pCacheItem)
  454. {
  455. if(pCacheItem->pGrantedAccessList)
  456. LocalFree(pCacheItem->pGrantedAccessList);
  457. LocalFree(pCacheItem);
  458. }
  459. if(FAILED(hr))
  460. {
  461. //Hide List box
  462. HWND hwnd = GetDlgItem(hDlg, IDC_EFF_PERM_LIST);
  463. EnableWindow(hwnd, FALSE);
  464. ShowWindow(hwnd, SW_HIDE);
  466. //Format Error Message To Display
  467. WCHAR buffer[MAX_PATH];
  468. LPWSTR pszCaption = NULL;
  469. GetWindowText(GetDlgItem(hDlg, IDC_EFF_NAME),
  470. buffer,
  471. MAX_PATH-1);
  472. FormatStringID(&pszCaption, ::hModule, IDS_EFF_ERROR, buffer);
  474. //Show Error Message
  475. hwnd = GetDlgItem(hDlg, IDC_EFF_ERROR);
  476. EnableWindow(hwnd, TRUE);
  477. SetWindowText(hwnd,pszCaption);
  478. ShowWindow(hwnd, SW_SHOW);
  479. LocalFreeString(&pszCaption);
  480. }
  481. TraceLeaveVoid();
  482. }
  484. //Calling function frees *ppCacheItem->pGrantedAccessList
  485. //and *ppCacheItem
  487. HRESULT
  488. CEffPage::GetEffectivePerm(PSID pSid,
  489. PEFFCACHEITEM *ppCacheItem )
  490. {
  491. PSECURITY_DESCRIPTOR pSD;
  493. HRESULT hr = S_OK;
  494. ULONG cItems = 0;
  495. PEFFCACHEITEM pCacheTemp = NULL;
  497. TraceEnter(TRACE_EFFPERM, "CEffPage::GetEffectivePerm");
  498. TraceAssert(pSid != NULL);
  499. TraceAssert(ppCacheItem != NULL);
  501. pCacheTemp = (PEFFCACHEITEM)LocalAlloc( LPTR, sizeof(EFFCACHEITEM) + GetLengthSid(pSid));
  503. if(!pCacheTemp)
  504. ExitGracefully(hr, E_OUTOFMEMORY, "Lcoal Alloc Failed");
  505. pCacheTemp->pSid = (PSID)(pCacheTemp + 1);
  506. CopySid(GetLengthSid(pSid), pCacheTemp->pSid, pSid);
  509. if(m_psi)
  510. {
  511. hr = m_psi->GetSecurity(OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
  512. &pSD,
  513. FALSE);
  514. FailGracefully(hr, "GetSecurity Failed");
  515. }
  517. if( m_pei)
  518. {
  519. DWORD dwTemp;
  520. hr = m_pei->GetEffectivePermission(&(m_siObjectInfo.guidObjectType),
  521. pCacheTemp->pSid,
  522. m_siObjectInfo.pszServerName,
  523. //NULL,
  524. pSD,
  525. &(pCacheTemp->pObjectTypeList),
  526. &(pCacheTemp->cObjectTypeListLength),
  527. &(pCacheTemp->pGrantedAccessList),
  528. &dwTemp);
  529. if(SUCCEEDED(hr))
  530. {
  531. if(!pCacheTemp->pObjectTypeList || !pCacheTemp->pGrantedAccessList)
  532. hr = E_FAIL;
  533. }
  535. FailGracefully(hr, "GetEffectivePermission Failed");
  537. }
  538. exit_gracefully:
  540. if( !SUCCEEDED(hr) )
  541. {
  542. LocalFree(pCacheTemp);
  543. pCacheTemp = NULL;
  544. }
  545. *ppCacheItem = pCacheTemp;
  547. TraceLeaveResult(hr);
  548. }