// this method is called by SecurityInfoCCW.GetSecurity
// its return is the SecurityDescriptor in binary format
// it loads the data from the registry
// [loads data from registry to UI]
public IntPtr GetSecurity(SecurityInfos requestedInformation, bool wantDefault)
{
if (requestedInformation == SecurityInfos.DiscretionaryAcl)
{
StringBuilder securityDescriptorBuilder = new StringBuilder("D:");
System.Collections.ArrayList kerb = new System.Collections.ArrayList(current.KerberosGlobalAcl);
System.Collections.ArrayList indexesOfInvalidItems = new System.Collections.ArrayList();
for (int i = 0; i < kerb.Count; i++)
{
try
{
string sid = ((new NTAccount((string)kerb[i])).Translate(typeof(SecurityIdentifier))).ToString();
securityDescriptorBuilder.Append("(A;;LCSWRP;;;" + sid + ")");
}
catch (ArgumentException) // invalid account, do not consider it
{
indexesOfInvalidItems.Add(i);
}
catch (IdentityNotMappedException)
{
indexesOfInvalidItems.Add(i);
}
}
//remove invalid items based on indexesOfInvalidItems
for (int i = indexesOfInvalidItems.Count - 1; i >= 0; i--)
{
kerb.RemoveAt((int)indexesOfInvalidItems[i]);
}
// rebuild the ACL, taking care not to leave it null
if (kerb.Count <= 0)
{
current.KerberosGlobalAcl = new string[] { "" };
}
else
{
current.KerberosGlobalAcl = (string[])kerb.ToArray(typeof(string));
}
IntPtr securityDescriptor;
int size = 0;
// call external function for transformig String SecurityDescriptors
// into their internal representation
#pragma warning suppress 56523
bool ret = SafeNativeMethods.ConvertStringSecurityDescriptorToSecurityDescriptor(
securityDescriptorBuilder.ToString(),
1, /*
* must be SDDL_REVISION_1 == 1 always
*/
out securityDescriptor,
out size
);
if (!ret)
{
return(IntPtr.Zero);
}
return(securityDescriptor);
}
return(IntPtr.Zero);
}
