protected internal AuthorizationRule(System.Security.Principal.IdentityReference identity, int accessMask, bool isInherited, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags)
{
if (identity == null)
{
throw new ArgumentNullException("identity");
}
if (accessMask == 0)
{
throw new ArgumentException(Environment.GetResourceString("Argument_ArgumentZero"), "accessMask");
}
if ((inheritanceFlags < System.Security.AccessControl.InheritanceFlags.None) || (inheritanceFlags > (System.Security.AccessControl.InheritanceFlags.ObjectInherit | System.Security.AccessControl.InheritanceFlags.ContainerInherit)))
{
throw new ArgumentOutOfRangeException("inheritanceFlags", Environment.GetResourceString("Argument_InvalidEnumValue", new object[] { inheritanceFlags, "InheritanceFlags" }));
}
if ((propagationFlags < System.Security.AccessControl.PropagationFlags.None) || (propagationFlags > (System.Security.AccessControl.PropagationFlags.InheritOnly | System.Security.AccessControl.PropagationFlags.NoPropagateInherit)))
{
throw new ArgumentOutOfRangeException("propagationFlags", Environment.GetResourceString("Argument_InvalidEnumValue", new object[] { inheritanceFlags, "PropagationFlags" }));
}
if (!identity.IsValidTargetType(typeof(SecurityIdentifier)))
{
throw new ArgumentException(Environment.GetResourceString("Arg_MustBeIdentityReferenceType"), "identity");
}
this._identity = identity;
this._accessMask = accessMask;
this._isInherited = isInherited;
this._inheritanceFlags = inheritanceFlags;
if (inheritanceFlags != System.Security.AccessControl.InheritanceFlags.None)
{
this._propagationFlags = propagationFlags;
}
else
{
this._propagationFlags = System.Security.AccessControl.PropagationFlags.None;
}
}
public override AccessRule AccessRuleFactory (IdentityReference identityReference,
int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags,
AccessControlType type)
{
return new PipeAccessRule (identityReference, (PipeAccessRights)accessMask, type);
}
public MutexAuditRule (IdentityReference identity,
MutexRights eventRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.rights = eventRights;
}
public override sealed AccessRule AccessRuleFactory (IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AccessControlType type)
{
return new FileSystemAccessRule (identityReference, (FileSystemRights) accessMask, isInherited,
inheritanceFlags, propagationFlags, type);
}
private static void AddAclRuleOnDirectory(string directory, IdentityReference identity, FileSystemRights rights, AccessControlType type)
{
var acl = Directory.GetAccessControl(directory);
acl.PurgeAccessRules(identity);
acl.AddAccessRule(new FileSystemAccessRule(identity, rights, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, type));
Directory.SetAccessControl(directory, acl);
}
private static void AddAclRuleOnFile(string file, IdentityReference identity, FileSystemRights rights, AccessControlType type)
{
var acl = File.GetAccessControl(file);
acl.PurgeAccessRules(identity);
acl.AddAccessRule(new FileSystemAccessRule(identity, rights, type));
File.SetAccessControl(file, acl);
}
public SemaphoreAccessRule (IdentityReference identity,
SemaphoreRights semaphoreRights,
AccessControlType type)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, type)
{
this.semaphoreRights = semaphoreRights;
}
public EventWaitHandleAuditRule (IdentityReference identity,
EventWaitHandleRights eventRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
if (eventRights < EventWaitHandleRights.Modify ||
eventRights > EventWaitHandleRights.FullControl) {
throw new ArgumentOutOfRangeException ("eventRights");
}
if (flags < AuditFlags.None ||
flags > AuditFlags.Failure) {
throw new ArgumentOutOfRangeException ("flags");
}
if (identity == null) {
throw new ArgumentNullException ("identity");
}
if (eventRights == 0) {
throw new ArgumentNullException ("eventRights");
}
if (flags == AuditFlags.None) {
throw new ArgumentException ("flags");
}
if (!(identity is SecurityIdentifier)) {
throw new ArgumentException ("identity");
}
this.rights = eventRights;
}
public virtual AuditRule AuditRuleFactory (IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags flags,
Guid objectType, Guid inheritedObjectType)
{
throw GetNotImplementedException ();
}
public override sealed AuditRule AuditRuleFactory (IdentityReference identityReference,
int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags,
AuditFlags flags)
{
return new PipeAuditRule (identityReference, (PipeAccessRights)accessMask, flags);
}
protected AccessRule (IdentityReference identity,
int accessMask,
bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AccessControlType type)
: base (identity, accessMask, isInherited,
inheritanceFlags, propagationFlags)
{
if (!(identity is SecurityIdentifier)) {
throw new ArgumentException ("identity");
}
if (type < AccessControlType.Allow ||
type > AccessControlType.Deny) {
throw new ArgumentException ("type");
}
if (accessMask == 0) {
/* FIXME: check inheritance and
* propagation flags too
*/
throw new ArgumentOutOfRangeException ();
}
this.type = type;
}
public WaitableTimerAccessRule(
IdentityReference identity,
WaitableTimerRights timerRights,
AccessControlType type)
: this(identity, (int)timerRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
/// <summary>
/// Displays the dialog.
/// </summary>
public bool ShowDialog(ApplicationAccessRule accessRule)
{
AccessTypeCB.SelectedItem = accessRule.RuleType;
IdentityNameTB.Text = accessRule.IdentityName;
m_identity = accessRule.IdentityReference;
if (m_identity == null)
{
AccountInfo account = AccountInfo.Create(IdentityNameTB.Text);
if (account != null)
{
m_identity = account.GetIdentityReference();
}
}
if (accessRule.Right != ApplicationAccessRight.None)
{
AccessRightCB.SelectedItem = accessRule.Right;
}
if (ShowDialog() != DialogResult.OK)
{
return false;
}
accessRule.RuleType = (AccessControlType)AccessTypeCB.SelectedItem;
accessRule.Right = (ApplicationAccessRight)AccessRightCB.SelectedItem;
accessRule.IdentityReference = m_identity;
return true;
}
public EventWaitHandleAccessRule (IdentityReference identity,
EventWaitHandleRights eventRights,
AccessControlType type)
: base (identity, (int)eventRights, false,
InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)
{
}
public MutexAccessRule (IdentityReference identity,
MutexRights eventRights,
AccessControlType type)
: base (identity, (int)eventRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public SemaphoreAuditRule (IdentityReference identity,
SemaphoreRights semaphoreRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.semaphoreRights = semaphoreRights;
}
public override AccessRule AccessRuleFactory(
System.Security.Principal.IdentityReference identityReference,
int accessMask, bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AccessControlType type)
{
return(new GrantAccessRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, type));
}
public override AuditRule AuditRuleFactory(
System.Security.Principal.IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags flags)
{
throw new NotImplementedException();
}
public CryptoKeyAuditRule (IdentityReference identity,
CryptoKeyRights cryptoKeyRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.rights = cryptoKeyRights;
}
protected internal AuthorizationRule(System.Security.Principal.IdentityReference identity, int accessMask, bool isInherited, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags)
{
if (identity == null)
{
throw new ArgumentNullException("identity");
}
if (accessMask == 0)
{
throw new ArgumentException(Environment.GetResourceString("Argument_ArgumentZero"), "accessMask");
}
if ((inheritanceFlags < System.Security.AccessControl.InheritanceFlags.None) || (inheritanceFlags > (System.Security.AccessControl.InheritanceFlags.ObjectInherit | System.Security.AccessControl.InheritanceFlags.ContainerInherit)))
{
throw new ArgumentOutOfRangeException("inheritanceFlags", Environment.GetResourceString("Argument_InvalidEnumValue", new object[] { inheritanceFlags, "InheritanceFlags" }));
}
if ((propagationFlags < System.Security.AccessControl.PropagationFlags.None) || (propagationFlags > (System.Security.AccessControl.PropagationFlags.InheritOnly | System.Security.AccessControl.PropagationFlags.NoPropagateInherit)))
{
throw new ArgumentOutOfRangeException("propagationFlags", Environment.GetResourceString("Argument_InvalidEnumValue", new object[] { inheritanceFlags, "PropagationFlags" }));
}
if (!identity.IsValidTargetType(typeof(SecurityIdentifier)))
{
throw new ArgumentException(Environment.GetResourceString("Arg_MustBeIdentityReferenceType"), "identity");
}
this._identity = identity;
this._accessMask = accessMask;
this._isInherited = isInherited;
this._inheritanceFlags = inheritanceFlags;
if (inheritanceFlags != System.Security.AccessControl.InheritanceFlags.None)
{
this._propagationFlags = propagationFlags;
}
else
{
this._propagationFlags = System.Security.AccessControl.PropagationFlags.None;
}
}
protected internal AuthorizationRule (IdentityReference identity,
int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
if (!(identity is SecurityIdentifier) && !(identity is NTAccount))
throw new ArgumentException ("identity");
// Unit testing showed that MS.NET 4.0 actually throws ArgumentException
// for accessMask == 0, not the ArgumentOutOfRangeException specified.
if (accessMask == 0)
throw new ArgumentException ("accessMask");
if (0 != (inheritanceFlags & ~(InheritanceFlags.ContainerInherit|InheritanceFlags.ObjectInherit)))
throw new ArgumentOutOfRangeException ();
if (0 != (propagationFlags & ~(PropagationFlags.NoPropagateInherit|PropagationFlags.InheritOnly)))
throw new ArgumentOutOfRangeException ();
this.identity = identity;
this.accessMask = accessMask;
this.isInherited = isInherited;
this.inheritanceFlags = inheritanceFlags;
this.propagationFlags = propagationFlags;
}
public CryptoKeyAccessRule (IdentityReference identity,
CryptoKeyRights cryptoKeyRights,
AccessControlType type)
: base (identity, (int)cryptoKeyRights, false,
InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)
{
}
public WaitableTimerAuditRule(
IdentityReference identity,
WaitableTimerRights timerRights,
AuditFlags flags)
: this(identity, (int)timerRights, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
}
public FileSystemAccessRule (IdentityReference identity,
FileSystemRights fileSystemRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AccessControlType type)
: this (identity, fileSystemRights, false, inheritanceFlags, propagationFlags, type)
{
}
public CryptoKeyAccessRule (IdentityReference identity, CryptoKeyRights cryptoKeyRights, AccessControlType type)
: this (identity,
AccessMaskFromRights(cryptoKeyRights, type),
false,
InheritanceFlags.None,
PropagationFlags.None,
type) {
}
private static bool HasFilePermissions(string path, IdentityReference identity, FileSystemRights permissions)
{
var dirInfo = new FileInfo(path);
var dirSecurity = dirInfo.GetAccessControl(AccessControlSections.All);
AuthorizationRuleCollection rules = dirSecurity.GetAccessRules(true, true, typeof(NTAccount));
return HasPermissions(rules, identity, permissions);
}
public MutexAccessRule (IdentityReference identity,
MutexRights eventRights,
AccessControlType type)
// FIXME: accessMask=0 likely causes an error
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, type)
{
this.rights = eventRights;
}
public RegistryAuditRule (IdentityReference identity,
RegistryRights registryRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (identity, registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
private static void SetDirectoryAccess(string path, IdentityReference user, System.Security.AccessControl.FileSystemRights fileSystemRights)
{
DirectorySecurity directorySecurity = Directory.GetAccessControl(path, AccessControlSections.All);
directorySecurity.AddAccessRule(new FileSystemAccessRule(user, fileSystemRights, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, directorySecurity);
}
public TestRule (IdentityReference identity,
int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
: base (identity, accessMask, isInherited, inheritanceFlags, propagationFlags)
{
}
public FileSystemAuditRule (IdentityReference identity,
FileSystemRights fileSystemRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (identity, fileSystemRights, false, inheritanceFlags, propagationFlags, flags)
{
}
public RegistryAccessRule (IdentityReference identity,
RegistryRights registryRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AccessControlType type)
: this (identity, registryRights, false, inheritanceFlags, propagationFlags, type)
{
}
public EventWaitHandleAccessRule (IdentityReference identity,
EventWaitHandleRights eventRights,
AccessControlType type)
// FIXME: accessMask=0 likely causes an error
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)
{
this.rights = eventRights;
}
