/// <summary>使用指定的值初始化 <see cref="T:System.Security.AuthorizationControl.AccessRule" /> 类的一个新实例。</summary>
/// <param name="identity">应用访问规则的标识。此参数必须是可以强制转换为 <see cref="T:System.Security.Principal.SecurityIdentifier" /> 的对象。</param>
/// <param name="accessMask">此规则的访问掩码。访问掩码是一个 32 位的匿名位集合,其含义是由每个集成器定义的。</param>
/// <param name="isInherited">若从父容器继承此规则,则为 true。</param>
/// <param name="inheritanceFlags">访问规则的继承属性。</param>
/// <param name="propagationFlags">继承的访问规则是否自动传播。如果 <paramref name="inheritanceFlags" /> 设置为 <see cref="F:System.Security.AccessControl.InheritanceFlags.None" />,则将忽略传播标志。</param>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="identity" /> 参数的值不能强制转换为 <see cref="T:System.Security.Principal.SecurityIdentifier" />。</exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">
/// <paramref name="accessMask" /> 参数的值为零,或者 <paramref name="inheritanceFlags" /> 或 <paramref name="propagationFlags" /> 参数包含无法识别的标志值。</exception>
protected internal AuthorizationRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
if (identity == (IdentityReference)null)
{
throw new ArgumentNullException("identity");
}
if (accessMask == 0)
{
throw new ArgumentException(Environment.GetResourceString("Argument_ArgumentZero"), "accessMask");
}
if (inheritanceFlags < InheritanceFlags.None || inheritanceFlags > (InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit))
{
throw new ArgumentOutOfRangeException("inheritanceFlags", Environment.GetResourceString("Argument_InvalidEnumValue", (object)inheritanceFlags, (object)"InheritanceFlags"));
}
if (propagationFlags < PropagationFlags.None || propagationFlags > (PropagationFlags.NoPropagateInherit | PropagationFlags.InheritOnly))
{
throw new ArgumentOutOfRangeException("propagationFlags", Environment.GetResourceString("Argument_InvalidEnumValue", (object)inheritanceFlags, (object)"PropagationFlags"));
}
if (!identity.IsValidTargetType(typeof(SecurityIdentifier)))
{
throw new ArgumentException(Environment.GetResourceString("Arg_MustBeIdentityReferenceType"), "identity");
}
this._identity = identity;
this._accessMask = accessMask;
this._isInherited = isInherited;
this._inheritanceFlags = inheritanceFlags;
if (inheritanceFlags != InheritanceFlags.None)
{
this._propagationFlags = propagationFlags;
}
else
{
this._propagationFlags = PropagationFlags.None;
}
}
internal protected AuthorizationRule(
IdentityReference identity,
int accessMask,
bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
if (identity == null)
{
throw new ArgumentNullException("identity");
}
if (accessMask == 0)
{
throw new ArgumentException(
SR.Argument_ArgumentZero,
"accessMask");
}
if (inheritanceFlags < InheritanceFlags.None || inheritanceFlags > (InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit))
{
throw new ArgumentOutOfRangeException(
"inheritanceFlags",
SR.Format(SR.Argument_InvalidEnumValue, inheritanceFlags, "InheritanceFlags"));
}
if (propagationFlags < PropagationFlags.None || propagationFlags > (PropagationFlags.NoPropagateInherit | PropagationFlags.InheritOnly))
{
throw new ArgumentOutOfRangeException(
"propagationFlags",
SR.Format(SR.Argument_InvalidEnumValue, inheritanceFlags, "PropagationFlags"));
}
Contract.EndContractBlock();
if (identity.IsValidTargetType(typeof(SecurityIdentifier)) == false)
{
throw new ArgumentException(
SR.Arg_MustBeIdentityReferenceType,
"identity");
}
_identity = identity;
_accessMask = accessMask;
_isInherited = isInherited;
_inheritanceFlags = inheritanceFlags;
if (inheritanceFlags != 0)
{
_propagationFlags = propagationFlags;
}
else
{
_propagationFlags = 0;
}
}
public static HttpUrlSecurity[] GetHttpUrlSecurity()
{
InitializeHttp();
try
{
var urls = new List<HttpUrlSecurity>();
uint recordNum = 0;
while (true)
{
var inputConfigInfoQuery = new HTTP_SERVICE_CONFIG_URLACL_QUERY
{
QueryDesc = HTTP_SERVICE_CONFIG_QUERY_TYPE.HttpServiceConfigQueryNext,
dwToken = recordNum++
};
var size = Marshal.SizeOf(typeof(HTTP_SERVICE_CONFIG_URLACL_QUERY));
var pInputConfigInfo = Marshal.AllocCoTaskMem(size);
Marshal.StructureToPtr(inputConfigInfoQuery, pInputConfigInfo, false);
var pOutputConfigInfo = Marshal.AllocCoTaskMem(0);
var returnLength = 0;
var retVal = HttpQueryServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfo,
Marshal.SizeOf(inputConfigInfoQuery),
pOutputConfigInfo,
returnLength,
out returnLength,
IntPtr.Zero);
if (Win32ErrorCodes.InsufficientBuffer == retVal)
{
Marshal.FreeCoTaskMem(pOutputConfigInfo);
pOutputConfigInfo = Marshal.AllocCoTaskMem(Convert.ToInt32(returnLength));
retVal = HttpQueryServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfo,
Marshal.SizeOf(inputConfigInfoQuery),
pOutputConfigInfo,
returnLength,
out returnLength,
IntPtr.Zero);
}
else if( Win32ErrorCodes.NoMoreItems == retVal )
{
break;
}
if (Win32ErrorCodes.Ok == retVal)
{
var outputConfigInfo = (HTTP_SERVICE_CONFIG_URLACL_SET)
Marshal.PtrToStructure(pOutputConfigInfo, typeof(HTTP_SERVICE_CONFIG_URLACL_SET));
var sd = new CommonSecurityDescriptor(false, false, outputConfigInfo.ParamDesc.pStringSecurityDescriptor);
var urlAcl = new HttpUrlSecurity(outputConfigInfo.KeyDesc.pUrlPrefix);
foreach (var genericAce in sd.DiscretionaryAcl)
{
var rule = (CommonAce) genericAce;
IdentityReference id = rule.SecurityIdentifier;
if (id.IsValidTargetType(typeof(NTAccount)))
{
try
{
id = id.Translate(typeof(NTAccount));
}
catch
{
}
}
urlAcl.AddAccessRule(new HttpUrlAccessRule(id, (HttpUrlAccessRights)rule.AccessMask));
}
urls.Add(urlAcl);
}
else
{
throw new Win32Exception();
}
}
return urls.ToArray();
}
finally
{
TerminateHttp();
}
}