mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
568 lines
15 KiB
568 lines
15 KiB
/*++
|
|
|
|
Microsoft Windows
|
|
Copyright (C) Microsoft Corporation, 1981 - 1998
|
|
|
|
Module Name:
|
|
|
|
secpath.cxx
|
|
|
|
Abstract:
|
|
|
|
this file contains the code for the dialog that is used for associating
|
|
security groups with paths.
|
|
|
|
Author:
|
|
|
|
Rahul Thombre (RahulTh) 4/14/1998
|
|
|
|
Revision History:
|
|
|
|
4/14/1998 RahulTh
|
|
|
|
Created this module.
|
|
|
|
--*/
|
|
|
|
#include "precomp.hxx"
|
|
|
|
//
|
|
//mapping between help ids and controls ids for this dialog
|
|
//
|
|
const DWORD g_aHelpIDMap_IDD_SECPATH[] =
|
|
{
|
|
IDC_SECPATH_ICON, IDH_DISABLEHELP,
|
|
IDC_SECPATH_DESC, IDH_DISABLEHELP,
|
|
IDC_SECPATH_SECGROUP, IDH_DISABLEHELP,
|
|
IDC_EDIT_SECGROUP, IDH_EDIT_SECGROUP,
|
|
IDC_BROWSE_SECGROUP, IDH_BROWSE_SECGROUP,
|
|
IDC_SECPATH_TARGET, IDH_DISABLEHELP,
|
|
0, 0
|
|
};
|
|
|
|
///////////////////////////
|
|
/// Construction
|
|
|
|
CSecGroupPath::CSecGroupPath (CWnd * pParent,
|
|
UINT cookie,
|
|
LPCTSTR szFolderName,
|
|
LPCTSTR szGroupName /*=NULL*/,
|
|
LPCTSTR szGroupSidStr /*=NULL*/,
|
|
LPCTSTR szTarget /*= NULL*/)
|
|
: CDialog(CSecGroupPath::IDD, pParent), m_redirPath (cookie), m_cookie (cookie)
|
|
{
|
|
m_szFolderName = szFolderName;
|
|
m_szGroup = szGroupName;
|
|
m_szSidStr = szGroupSidStr;
|
|
m_szTarget = szTarget;
|
|
if (! m_szTarget.IsEmpty())
|
|
{
|
|
m_szTarget.TrimLeft();
|
|
m_szTarget.TrimRight();
|
|
m_szTarget.TrimRight(L'\\');
|
|
}
|
|
m_bPathValid = FALSE;
|
|
m_iCurrType = -1;
|
|
}
|
|
|
|
/////////////////////////
|
|
///Overrides
|
|
|
|
void CSecGroupPath::DoDataExchange (CDataExchange* pDX)
|
|
{
|
|
CDialog::DoDataExchange(pDX);
|
|
//{{AFX_DATA_MAP(CSecGroupPath)
|
|
DDX_Control(pDX, IDC_EDIT_SECGROUP, m_EditSecGroup);
|
|
DDX_Control(pDX, IDC_BROWSE_SECGROUP, m_btnBrowseSecGroup);
|
|
DDX_Control(pDX, IDC_SECPATH_PLACEHOLDER, m_placeHolder);
|
|
//}}AFX_DATA_MAP
|
|
}
|
|
|
|
/////////////////////
|
|
/// Message maps
|
|
BEGIN_MESSAGE_MAP(CSecGroupPath, CDialog)
|
|
//{{AFX_MSG_MAP(CSecGroupPath)
|
|
ON_BN_CLICKED (IDC_BROWSE_SECGROUP, OnBrowseGroups)
|
|
ON_EN_UPDATE (IDC_EDIT_SECGROUP, OnSecGroupUpdate)
|
|
ON_EN_KILLFOCUS (IDC_EDIT_SECGROUP, OnSecGroupKillFocus)
|
|
ON_MESSAGE (WM_PATH_TWEAKED, OnPathTweak)
|
|
ON_MESSAGE (WM_HELP, OnHelp)
|
|
ON_MESSAGE (WM_CONTEXTMENU, OnContextMenu)
|
|
//}AFX_MSG_MAP
|
|
END_MESSAGE_MAP()
|
|
|
|
BOOL CSecGroupPath::OnInitDialog ()
|
|
{
|
|
CError error (this);
|
|
|
|
CDialog::OnInitDialog();
|
|
|
|
//
|
|
// Make sure that the supplied path is parseable into one of the known
|
|
// types
|
|
//
|
|
if (! m_szTarget.IsEmpty())
|
|
m_redirPath.Load ((LPCTSTR) m_szTarget); // This will always succeed if m_szTarget is not empty
|
|
|
|
m_pathChooser.Instantiate (m_cookie,
|
|
this,
|
|
&m_placeHolder,
|
|
(const CRedirPath *) &m_redirPath,
|
|
SWP_SHOWWINDOW
|
|
);
|
|
|
|
m_EditSecGroup.SetWindowText (m_szGroup);
|
|
m_EditSecGroup.SetSel (0, -1, FALSE);
|
|
m_EditSecGroup.SetFocus();
|
|
SetOKState();
|
|
|
|
return FALSE; //returning FALSE since we are setting the focus to the edit box
|
|
}
|
|
|
|
void CSecGroupPath::OnOK ()
|
|
{
|
|
CError error(this);
|
|
CString szRoot;
|
|
CString szSuffix;
|
|
CRedirPath newPath (m_cookie);
|
|
BOOL bStatus = TRUE;
|
|
UINT pathType;
|
|
|
|
//first check if we have a valid group.
|
|
OnSecGroupKillFocus();
|
|
|
|
//if the target is not a UNC path, try to convert it to one.
|
|
m_pathChooser.OnRootKillFocus();
|
|
|
|
if (!m_fValidSid)
|
|
{
|
|
error.ShowMessage (IDS_NOSECURITY_INFO);
|
|
return;
|
|
}
|
|
|
|
m_EditSecGroup.GetWindowText (m_szGroup);
|
|
m_szGroup.TrimLeft();
|
|
m_szGroup.TrimRight();
|
|
|
|
m_szSidStr.TrimLeft();
|
|
m_szSidStr.TrimRight();
|
|
m_szSidStr.MakeLower();
|
|
|
|
m_pathChooser.GetRoot (szRoot);
|
|
pathType = m_pathChooser.GetType();
|
|
|
|
bStatus = TRUE;
|
|
if (m_redirPath.IsPathDifferent (pathType, (LPCTSTR)szRoot))
|
|
{
|
|
// The path has changed, so use the new suffix
|
|
newPath.GenerateSuffix (szSuffix, m_cookie, pathType);
|
|
bStatus = newPath.Load (pathType, (LPCTSTR) szRoot, (LPCTSTR) szSuffix);
|
|
if (bStatus)
|
|
newPath.GeneratePath (m_szTarget);
|
|
}
|
|
else
|
|
{
|
|
m_redirPath.GeneratePath (m_szTarget);
|
|
}
|
|
|
|
//check if all the data has been provided.
|
|
if (! bStatus ||
|
|
m_szTarget == TEXT("*") || //this particular check is very important -- see code for CFileInfo::LoadSection to see why
|
|
m_szGroup.IsEmpty())
|
|
{
|
|
error.ShowMessage (IDS_INVALID_GROUPPATH);
|
|
}
|
|
else if (pathType != IDS_USERPROFILE_PATH &&
|
|
! PathIsUNC ((LPCTSTR) m_szTarget)
|
|
)
|
|
{
|
|
error.SetStyle (MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2);
|
|
error.SetTitle (IDS_DEFAULT_WARNING_TITLE);
|
|
if (IDYES == error.ShowMessage (IDS_PATHNOTUNC_WARNING))
|
|
{
|
|
CDialog::OnOK();
|
|
}
|
|
}
|
|
else
|
|
{
|
|
CDialog::OnOK();
|
|
}
|
|
}
|
|
|
|
void
|
|
CSecGroupPath::OnCancel (void)
|
|
{
|
|
m_pathChooser.OnCancel();
|
|
CDialog::OnCancel();
|
|
}
|
|
|
|
//browse the security groups
|
|
void CSecGroupPath::OnBrowseGroups ()
|
|
{
|
|
AFX_MANAGE_STATE(AfxGetStaticModuleState());
|
|
|
|
CError error(this);
|
|
PCWSTR apwszAttribs[] =
|
|
{
|
|
L"ObjectSid"
|
|
};
|
|
DWORD dwError = ERROR_SUCCESS;
|
|
HRESULT hr;
|
|
IDsObjectPicker * pDsObjectPicker = NULL;
|
|
DSOP_INIT_INFO InitInfo;
|
|
const ULONG cbNumScopes = 3;
|
|
DSOP_SCOPE_INIT_INFO ascopes[cbNumScopes];
|
|
IDataObject * pdo = NULL;
|
|
STGMEDIUM stgmedium = {
|
|
TYMED_HGLOBAL,
|
|
NULL
|
|
};
|
|
UINT cf = 0;
|
|
PDS_SELECTION_LIST pDsSelList = NULL;
|
|
FORMATETC formatetc = {
|
|
(CLIPFORMAT)cf,
|
|
NULL,
|
|
DVASPECT_CONTENT,
|
|
-1,
|
|
TYMED_HGLOBAL
|
|
};
|
|
PDS_SELECTION pDsSelection = NULL;
|
|
BOOL bAllocatedStgMedium = FALSE;
|
|
SAFEARRAY * pVariantArr = NULL;
|
|
PSID pSid = NULL;
|
|
CString szDomain;
|
|
CString szAcct;
|
|
SID_NAME_USE eUse;
|
|
|
|
|
|
hr = CoInitialize (NULL);
|
|
|
|
if (SUCCEEDED (hr))
|
|
{
|
|
hr = CoCreateInstance (CLSID_DsObjectPicker,
|
|
NULL,
|
|
CLSCTX_INPROC_SERVER,
|
|
IID_IDsObjectPicker,
|
|
(void **) & pDsObjectPicker
|
|
);
|
|
}
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
dwError = IDS_OBJPICK_ERROR;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
|
|
//Initialize the scopes
|
|
ZeroMemory (ascopes, cbNumScopes * sizeof (DSOP_SCOPE_INIT_INFO));
|
|
|
|
ascopes[0].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
|
|
ascopes[0].flType = DSOP_SCOPE_TYPE_ENTERPRISE_DOMAIN;
|
|
ascopes[0].flScope = DSOP_SCOPE_FLAG_STARTING_SCOPE;
|
|
ascopes[0].FilterFlags.Uplevel.flBothModes = DSOP_FILTER_BUILTIN_GROUPS |
|
|
DSOP_FILTER_UNIVERSAL_GROUPS_DL |
|
|
DSOP_FILTER_UNIVERSAL_GROUPS_SE |
|
|
DSOP_FILTER_GLOBAL_GROUPS_DL |
|
|
DSOP_FILTER_GLOBAL_GROUPS_SE;
|
|
ascopes[0].FilterFlags.Uplevel.flNativeModeOnly =
|
|
DSOP_FILTER_DOMAIN_LOCAL_GROUPS_DL |
|
|
DSOP_FILTER_DOMAIN_LOCAL_GROUPS_SE;
|
|
|
|
ascopes[1].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
|
|
ascopes[1].flType = DSOP_SCOPE_TYPE_GLOBAL_CATALOG;
|
|
ascopes[1].FilterFlags.Uplevel.flBothModes =
|
|
ascopes[0].FilterFlags.Uplevel.flBothModes;
|
|
ascopes[1].FilterFlags.Uplevel.flNativeModeOnly =
|
|
ascopes[0].FilterFlags.Uplevel.flNativeModeOnly;
|
|
|
|
ascopes[2].cbSize = sizeof (DSOP_SCOPE_INIT_INFO);
|
|
ascopes[2].flType = DSOP_SCOPE_TYPE_TARGET_COMPUTER;
|
|
ascopes[2].FilterFlags.flDownlevel = DSOP_DOWNLEVEL_FILTER_LOCAL_GROUPS |
|
|
DSOP_DOWNLEVEL_FILTER_GLOBAL_GROUPS;
|
|
|
|
//Populate the InitInfo structure that is used to initialize the object
|
|
//picker.
|
|
ZeroMemory (&InitInfo, sizeof (InitInfo));
|
|
|
|
InitInfo.cbSize = sizeof (InitInfo);
|
|
InitInfo.cDsScopeInfos = cbNumScopes;
|
|
InitInfo.aDsScopeInfos = ascopes;
|
|
InitInfo.cAttributesToFetch = 1;
|
|
InitInfo.apwzAttributeNames = apwszAttribs;
|
|
|
|
hr = pDsObjectPicker->Initialize (&InitInfo);
|
|
|
|
if (FAILED (hr))
|
|
{
|
|
dwError = IDS_OBJPICK_ERROR;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
hr = pDsObjectPicker->InvokeDialog (this->m_hWnd, &pdo);
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
dwError = IDS_OBJPICK_ERROR;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
if (S_FALSE == hr) //the user hit cancel
|
|
goto BrwsGrp_CleanupAndQuit;
|
|
|
|
//if we are here, the user chose, OK, so find out what group was chosen
|
|
cf = RegisterClipboardFormat (CFSTR_DSOP_DS_SELECTION_LIST);
|
|
|
|
if (0 == cf)
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
//set the clipformat for the formatetc structure
|
|
formatetc.cfFormat = (CLIPFORMAT)cf;
|
|
|
|
hr = pdo->GetData (&formatetc, &stgmedium);
|
|
|
|
if (FAILED (hr) )
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
bAllocatedStgMedium = TRUE;
|
|
|
|
pDsSelList = (PDS_SELECTION_LIST) GlobalLock (stgmedium.hGlobal);
|
|
|
|
if (NULL == pDsSelList)
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
|
|
if (!pDsSelList->cItems) //some item must have been selected
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
pDsSelection = &(pDsSelList->aDsSelection[0]);
|
|
|
|
//we must get the ObjectSid attribute, otherwise we fail
|
|
//so make sure that the attribute has been fetched.
|
|
if (!pDsSelList->cFetchedAttributes ||
|
|
(! (VT_ARRAY & pDsSelection->pvarFetchedAttributes->vt)))
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
pVariantArr = pDsSelection->pvarFetchedAttributes->parray;
|
|
pSid = (PSID) pVariantArr->pvData;
|
|
|
|
if (STATUS_SUCCESS != GetFriendlyNameFromSid (pSid, szDomain, szAcct, &eUse))
|
|
{
|
|
dwError = IDS_NOSECURITY_INFO;
|
|
goto BrwsGrp_Err;
|
|
}
|
|
|
|
//store away the string representation of this sid
|
|
if (STATUS_SUCCESS != GetStringFromSid(pSid, m_szSidStr))
|
|
goto BrwsGrp_Err;
|
|
|
|
m_szSidStr.MakeLower();
|
|
if (!szDomain.IsEmpty())
|
|
szAcct = szDomain + '\\' + szAcct;
|
|
|
|
m_EditSecGroup.SetWindowText (szAcct);
|
|
m_fValidSid = TRUE;
|
|
|
|
goto BrwsGrp_CleanupAndQuit;
|
|
|
|
BrwsGrp_Err:
|
|
error.ShowMessage (dwError);
|
|
|
|
BrwsGrp_CleanupAndQuit:
|
|
if (pDsSelList)
|
|
GlobalUnlock (stgmedium.hGlobal);
|
|
if (bAllocatedStgMedium)
|
|
ReleaseStgMedium (&stgmedium);
|
|
if (pdo)
|
|
pdo->Release();
|
|
if (pDsObjectPicker)
|
|
pDsObjectPicker->Release ();
|
|
}
|
|
|
|
void CSecGroupPath::SetOKState (void)
|
|
{
|
|
CString szGroup;
|
|
CString szPath;
|
|
BOOL bCheckPath = FALSE;
|
|
|
|
m_EditSecGroup.GetWindowText(szGroup);
|
|
szGroup.TrimLeft();
|
|
szGroup.TrimRight();
|
|
|
|
if (IDS_SPECIFIC_PATH == m_iCurrType ||
|
|
IDS_PERUSER_PATH == m_iCurrType)
|
|
{
|
|
bCheckPath = TRUE;
|
|
m_pathChooser.GetRoot (szPath);
|
|
szPath.TrimLeft();
|
|
szPath.TrimRight();
|
|
szPath.TrimRight(L'\\');
|
|
}
|
|
|
|
if (szGroup.IsEmpty() || (bCheckPath && szPath.IsEmpty()))
|
|
GetDescendantWindow(IDOK, FALSE)->EnableWindow(FALSE);
|
|
else
|
|
GetDescendantWindow(IDOK, FALSE)->EnableWindow(TRUE);
|
|
}
|
|
|
|
void CSecGroupPath::OnSecGroupUpdate()
|
|
{
|
|
//the group in the edit box is about to change.
|
|
//this means we can no longer trust the sid that we may have
|
|
m_fValidSid = FALSE;
|
|
SetOKState();
|
|
}
|
|
|
|
//we try to get a sid and domain for the group specified
|
|
//if we can't, we simply ignore the error and sit tight.
|
|
void CSecGroupPath::OnSecGroupKillFocus()
|
|
{
|
|
BOOL bStatus;
|
|
CString szGroup;
|
|
WCHAR szWindowText[MAX_PATH];
|
|
WCHAR szDom[MAX_PATH];
|
|
DWORD dwDomLen = MAX_PATH;
|
|
WCHAR* szAcct;
|
|
PSID Sid = NULL;
|
|
DWORD dwSidLen = 0;
|
|
SID_NAME_USE eUse;
|
|
DWORD Status;
|
|
CHourglass hourglass; //LookupAccountName takes a while
|
|
BOOL fDomainSupplied = FALSE;
|
|
|
|
|
|
//if we already have a valid sid, there is nothing to worry.
|
|
if (m_fValidSid)
|
|
goto KillFocusEnd;
|
|
|
|
//we don't have a valid sid, so we try to get one from the data in the
|
|
//group box
|
|
m_EditSecGroup.GetWindowText (szGroup);
|
|
szGroup.TrimLeft();
|
|
szGroup.TrimRight();
|
|
|
|
if (szGroup.IsEmpty())
|
|
goto KillFocusEnd;
|
|
|
|
|
|
//get the account name from the window
|
|
wcscpy (szWindowText, (LPCTSTR) szGroup);
|
|
szAcct = wcsrchr (szWindowText, '\\');
|
|
if (!szAcct)
|
|
{
|
|
szAcct = szWindowText;
|
|
}
|
|
else
|
|
{
|
|
*szAcct++ = 0; //advance it so that it now points to the account
|
|
//and szWindowText will now refer to the supplied domain
|
|
fDomainSupplied = TRUE;
|
|
}
|
|
|
|
do
|
|
{
|
|
bStatus = LookupAccountName (NULL, szAcct, Sid, &dwSidLen,
|
|
szDom, &dwDomLen, &eUse);
|
|
|
|
if (!bStatus)
|
|
{
|
|
Status = GetLastError();
|
|
if (ERROR_INSUFFICIENT_BUFFER != Status)
|
|
goto KillFocusEnd; //we just ignore the error for now
|
|
Sid = (PSID) alloca (dwSidLen);
|
|
if (NULL == Sid)
|
|
goto KillFocusEnd; //we just ignore the error for now
|
|
|
|
continue;
|
|
}
|
|
break;
|
|
} while (1);
|
|
|
|
//we have the sid if we are here
|
|
//make sure it represents a group
|
|
switch (eUse)
|
|
{
|
|
case SidTypeGroup:
|
|
case SidTypeWellKnownGroup:
|
|
case SidTypeAlias:
|
|
break;
|
|
default:
|
|
goto KillFocusEnd;
|
|
}
|
|
|
|
//also make sure that if a domain was supplied, it matches what we
|
|
//got back
|
|
if (fDomainSupplied && (0 != lstrcmpi (szWindowText, szDom)))
|
|
goto KillFocusEnd;
|
|
|
|
//if we are here, then we have the sid for a group
|
|
if (STATUS_SUCCESS != GetStringFromSid (Sid, m_szSidStr))
|
|
goto KillFocusEnd;
|
|
|
|
//we were finally successful in getting the sid in a string format
|
|
m_szSidStr.MakeLower();
|
|
szGroup = szDom;
|
|
if (!szGroup.IsEmpty())
|
|
szGroup += '\\';
|
|
szGroup += szAcct;
|
|
m_EditSecGroup.SetWindowText ((LPCTSTR) szGroup);
|
|
m_fValidSid = TRUE;
|
|
|
|
KillFocusEnd:
|
|
return;
|
|
}
|
|
|
|
void CSecGroupPath::OnPathTweak (WPARAM wParam, LPARAM lParam)
|
|
{
|
|
m_bPathValid = (BOOL) wParam;
|
|
m_iCurrType = (LONG) lParam;
|
|
|
|
SetOKState();
|
|
}
|
|
|
|
LONG CSecGroupPath::OnHelp (WPARAM wParam, LPARAM lParam)
|
|
{
|
|
LONG lResult = 0;
|
|
CString szHelpFile;
|
|
|
|
szHelpFile.LoadString(IDS_HELP_FILE);
|
|
|
|
::WinHelp((HWND)(((LPHELPINFO)lParam)->hItemHandle),
|
|
(LPCTSTR) szHelpFile,
|
|
HELP_WM_HELP,
|
|
(ULONG_PTR)(LPTSTR)g_aHelpIDMap_IDD_SECPATH);
|
|
|
|
return lResult;
|
|
}
|
|
|
|
LONG CSecGroupPath::OnContextMenu (WPARAM wParam, LPARAM lParam)
|
|
{
|
|
AFX_MANAGE_STATE (AfxGetStaticModuleState());
|
|
|
|
LONG lResult = 0;
|
|
CString szHelpFile;
|
|
|
|
szHelpFile.LoadString(IDS_HELP_FILE);
|
|
|
|
::WinHelp((HWND)wParam,
|
|
(LPCTSTR)szHelpFile,
|
|
HELP_CONTEXTMENU,
|
|
(ULONG_PTR)(LPVOID)g_aHelpIDMap_IDD_SECPATH);
|
|
|
|
return lResult;
|
|
}
|