public Acl <ulong> GetById(ulong objectId)
{
if (objectId == 808) // parent of crm article
{
var acl = new Acl <ulong>();
acl.Add(new Allow <ulong>(77, Right.View)); // add parent 77 access to read parent of crm articles
return(acl);
}
return(new Acl <ulong>());
}
private void ParseAcl(string acl)
{
//and example of a real acl string:
//user::rw-,user:6b157067-78b0-4478-ba7b-ade5c66f1a9a:rwx,group::r--,mask::rwx,other::---
Acl.Clear();
if (acl == null)
{
return;
}
foreach (string textForm in acl.Split(','))
{
bool isDefault = textForm.StartsWith("default:");
string processForm = isDefault ? textForm.Substring(8) : textForm;
var entry = new AclEntry(processForm);
if (entry.ObjectId == null)
{
//special entry
if (entry.Type == "user")
{
OwningUserPermissions = entry;
}
else if (entry.Type == "group")
{
OwningGroupPermissions = entry;
}
//ignore other special objects as they're not important
}
else
{
//push ID'd objects to the rest of the ACL
if (isDefault)
{
DefaultAcl.Add(entry);
}
else
{
Acl.Add(entry);
}
}
}
}
public EditableAcl(AccessControl acl)
{
OwnerUser = new EditableAclEntry(acl.OwningUserPermissions);
OwnerGroup = new EditableAclEntry(acl.OwningGroupPermissions);
OwnerUser.Identity = acl.OwnerUserId;
OwnerGroup.Identity = acl.OwnerGroupId;
foreach (AclEntry acle in acl.Acl)
{
Acl.Add(new EditableAclEntry(acle));
}
foreach (AclEntry acle in acl.DefaultAcl)
{
DefaultAcl.Add(new EditableAclEntry(acle));
}
}
/// <summary>
/// Constructor from a token default DACL and ownership values.
/// </summary>
/// <param name="token">The token to use for its default DACL</param>
public SecurityDescriptor(NtToken token) : this()
{
Owner = new SecurityDescriptorSid(token.Owner, true);
Group = new SecurityDescriptorSid(token.PrimaryGroup, true);
Dacl = token.DefaultDalc;
if (token.IntegrityLevel< TokenIntegrityLevel.Medium)
{
Sacl = new Acl();
Sacl.Add(new Ace(AceType.MandatoryLabel, AceFlags.None, 1, token.IntegrityLevelSid.Sid));
}
}
