/// <summary>
/// Set ACL for control.
/// </summary>
/// <param name="acl">The ACL to view.</param>
/// <param name="access_type">The enum type for the view.</param>
/// <param name="mapping">Generic mapping for the type.</param>
/// <param name="valid_access">The valid bit mask for access for this type.</param>
/// <param name="is_container">True to indicate this object is a container.</param>
/// <param name="sdk_names">Show the ACEs using SDK style names.</param>
public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container, bool sdk_names)
{
_acl = acl;
_access_type = access_type;
_mapping = mapping;
_valid_access = valid_access;
_is_container = is_container;
_sdk_names = sdk_names;
showSDKNamesToolStripMenuItem.Checked = sdk_names;
bool has_conditional_ace = false;
bool has_inherited_object_ace = false;
bool has_object_ace = false;
List <string> flags = new List <string>();
if (acl.Defaulted)
{
flags.Add("Defaulted");
}
if (acl.Protected)
{
flags.Add("Protected");
}
if (acl.AutoInherited)
{
flags.Add("AutoInherited");
}
if (acl.AutoInheritReq)
{
flags.Add("AutoInheritReq");
}
if (flags.Count > 0)
{
lblFlags.Text = $"Flags: {string.Join(", ", flags)}";
}
else
{
lblFlags.Text = "Flags: None";
}
if (acl.NullAcl)
{
lblFlags.Text += Environment.NewLine + "NULL ACL";
listViewAcl.Visible = false;
listViewAccess.Visible = false;
groupBoxAclEntries.Visible = false;
groupBoxAccess.Visible = false;
return;
}
listViewAcl.Items.Clear();
listViewAcl.Visible = true;
listViewAccess.Visible = true;
listViewAccess.Items.Clear();
_current_access_type = null;
groupBoxAclEntries.Visible = true;
groupBoxAccess.Visible = true;
foreach (var ace in acl)
{
if (ace.IsConditionalAce)
{
has_conditional_ace = true;
}
if (ace.IsObjectAce)
{
if (ace.ObjectType.HasValue)
{
has_object_ace = true;
}
if (ace.InheritedObjectType.HasValue)
{
has_inherited_object_ace = true;
}
}
}
if (!has_conditional_ace)
{
listViewAcl.Columns.Remove(columnHeaderCondition);
copyConditionToolStripMenuItem.Visible = false;
}
if (!has_object_ace)
{
listViewAcl.Columns.Remove(columnHeaderObject);
}
if (!has_inherited_object_ace)
{
listViewAcl.Columns.Remove(columnHeaderInheritedObject);
}
foreach (var ace in acl)
{
var item = listViewAcl.Items.Add(sdk_names ? NtSecurity.AceTypeToSDKName(ace.Type) : ace.Type.ToString());
item.SubItems.Add(ace.Sid.Name);
string access;
if (ace.Type == AceType.MandatoryLabel)
{
access = NtSecurity.AccessMaskToString(ace.Mask.ToMandatoryLabelPolicy(), sdk_names);
}
else if (ace.Flags.HasFlag(AceFlags.InheritOnly))
{
access = NtSecurity.AccessMaskToString(ace.Mask.ToSpecificAccess(access_type), sdk_names);
}
else
{
AccessMask mapped_mask = mapping.MapMask(ace.Mask);
mapped_mask = mapping.UnmapMask(mapped_mask);
access = NtSecurity.AccessMaskToString(mapped_mask.ToSpecificAccess(access_type), sdk_names);
}
item.SubItems.Add(access);
item.SubItems.Add(sdk_names ? NtSecurity.AceFlagsToSDKName(ace.Flags) : ace.Flags.ToString());
if (has_conditional_ace)
{
item.SubItems.Add(ace.Condition);
}
if (has_object_ace)
{
item.SubItems.Add(ace.ObjectType?.ToString() ?? string.Empty);
}
if (has_inherited_object_ace)
{
item.SubItems.Add(ace.InheritedObjectType?.ToString() ?? string.Empty);
}
item.Tag = ace;
switch (ace.Type)
{
case AceType.Allowed:
case AceType.AllowedCallback:
case AceType.AllowedCallbackObject:
case AceType.AllowedObject:
item.BackColor = Color.LightGreen;
break;
case AceType.Denied:
case AceType.DeniedCallback:
case AceType.DeniedCallbackObject:
case AceType.DeniedObject:
item.BackColor = Color.LightSalmon;
break;
case AceType.ProcessTrustLabel:
item.BackColor = Color.LightSkyBlue;
break;
case AceType.MandatoryLabel:
item.BackColor = Color.LightGoldenrodYellow;
break;
case AceType.Audit:
case AceType.AuditCallback:
case AceType.AuditCallbackObject:
case AceType.AuditObject:
item.BackColor = Color.LightCoral;
break;
}
}
listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent);
listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
}
