static void EvalAceList(Type rightType, List <IAccessControlEntry> aces, SecurityResults securityResults)
        {
            if (!securityResults.ContainsRightType(rightType))
            {
                securityResults.InitResult(rightType);
            }

            if (aces.Count > 0)
            {
                aces.Sort(new AceComparer());

                //Logic: Look in the Dacl for aces of the given AceType, create a new mask of the combined rights.
                //  If Allowed: bitwise-OR the value into the mask.
                //  If Deined: if the mask contains the value, XOR the value out.
                //The result mask contains only the allowed rights.
                int mask = 0;
                foreach (IAccessControlEntry ace in aces)
                {
                    if (ace.Allowed)
                    {
                        mask |= ace.RightData.Value;
                    }
                    else if ((mask & ace.RightData.Value) == ace.RightData.Value)
                    {
                        mask ^= ace.RightData.Value;
                    }
                }


                //For each right of the given acetype, perform a bitwise - AND to see if the right is specified in the mask.
                int[] rights = rightType.GetRightTypeValues();
                for (int i = 0; i < rights.Length; i++)
                {
                    securityResults.GetByTypeRight(rightType, rights[i]).AccessAllowed = (mask & rights[i]) == rights[i];
                }


                RightsAccessorAttribute attrib =
                    (RightsAccessorAttribute)Attribute.GetCustomAttribute(rightType.GetType(), typeof(RightsAccessorAttribute));
                if (attrib != null && attrib.HasMask)
                {
                    EvalExtended(rightType, mask, securityResults, attrib);
                }
            }
        }
        static void EvalAceList(Type rightType, List <IAccessControlEntryAudit> aces, SecurityResults securityResults)
        {
            if (!securityResults.ContainsRightType(rightType))
            {
                securityResults.InitResult(rightType);
            }

            if (aces.Count > 0)
            {
                aces.Sort(new AceComparer());

                //Logic: Look in the Sacl for aces of the given AceType, create a new mask of the combined rights.
                //  If Allowed: bitwise-OR the value into the allowedMask.
                //  If Denied: bitwise-OR the value into the deniedMask.
                //The result mask contains only the allowed rights.
                int allowedMask = 0;
                int deniedMask  = 0;
                foreach (IAccessControlEntryAudit ace in aces)
                {
                    if (ace.Allowed)
                    {
                        allowedMask |= ace.RightData.Value;
                    }
                    if (ace.Denied)
                    {
                        deniedMask |= ace.RightData.Value;
                    }
                }

                //For each right of the given acetype, perform a bitwise-AND to see if the right is specified in the mask.
                int[] rights = rightType.GetRightTypeValues();
                int   right  = 0;
                for (int i = 0; i < rights.Length; i++)
                {
                    right = rights[i];
                    securityResults.GetByTypeRight(rightType, right).AuditSuccess = (allowedMask & right) == right;
                    securityResults.GetByTypeRight(rightType, right).AuditFailure = (deniedMask & right) == right;
                }
            }
        }