public virtual AuditRule AuditRuleFactory (IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags flags,
Guid objectType, Guid inheritedObjectType)
{
throw GetNotImplementedException ();
}
public EventWaitHandleAuditRule (IdentityReference identity,
EventWaitHandleRights eventRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
if (eventRights < EventWaitHandleRights.Modify ||
eventRights > EventWaitHandleRights.FullControl) {
throw new ArgumentOutOfRangeException ("eventRights");
}
if (flags < AuditFlags.None ||
flags > AuditFlags.Failure) {
throw new ArgumentOutOfRangeException ("flags");
}
if (identity == null) {
throw new ArgumentNullException ("identity");
}
if (eventRights == 0) {
throw new ArgumentNullException ("eventRights");
}
if (flags == AuditFlags.None) {
throw new ArgumentException ("flags");
}
if (!(identity is SecurityIdentifier)) {
throw new ArgumentException ("identity");
}
this.rights = eventRights;
}
public RegistryAuditRule
(String identity, RegistryRights registryRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags auditFlags)
: base(IdentityReference.IdentityFromName(identity),
(int)registryRights, false, inheritanceFlags,
propagationFlags, auditFlags) {}
public MutexAuditRule (IdentityReference identity,
MutexRights eventRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.rights = eventRights;
}
public FileSystemAuditRule
(String identity, FileSystemRights fileSystemRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags auditFlags)
: base(IdentityReference.IdentityFromName(identity),
(int)fileSystemRights, false, inheritanceFlags,
propagationFlags, auditFlags) {}
public override sealed AuditRule AuditRuleFactory (IdentityReference identityReference,
int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags,
AuditFlags flags)
{
return new PipeAuditRule (identityReference, (PipeAccessRights)accessMask, flags);
}
public CryptoKeyAuditRule (IdentityReference identity,
CryptoKeyRights cryptoKeyRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.rights = cryptoKeyRights;
}
private static bool TestRemoveAudit(SystemAcl systemAcl, RawAcl rawAcl, AuditFlags auditFlag, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removePossible)
{
bool result = true;
bool isRemoved = false;
byte[] sAclBinaryForm = null;
byte[] rAclBinaryForm = null;
isRemoved = systemAcl.RemoveAudit(auditFlag, sid, accessMask, inheritanceFlags, propagationFlags);
if ((isRemoved == removePossible) &&
(systemAcl.Count == rawAcl.Count) &&
(systemAcl.BinaryLength == rawAcl.BinaryLength))
{
sAclBinaryForm = new byte[systemAcl.BinaryLength];
rAclBinaryForm = new byte[rawAcl.BinaryLength];
systemAcl.GetBinaryForm(sAclBinaryForm, 0);
rawAcl.GetBinaryForm(rAclBinaryForm, 0);
if (!Utils.IsBinaryFormEqual(sAclBinaryForm, rAclBinaryForm))
result = false;
//redundant index check
for (int i = 0; i < systemAcl.Count; i++)
{
if (!Utils.IsAceEqual(systemAcl[i], rawAcl[i]))
{
result = false;
break;
}
}
}
else
result = false;
return result;
}
public WaitableTimerAuditRule(
IdentityReference identity,
WaitableTimerRights timerRights,
AuditFlags flags)
: this(identity, (int)timerRights, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
}
public SemaphoreAuditRule (IdentityReference identity,
SemaphoreRights semaphoreRights,
AuditFlags flags)
: base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.semaphoreRights = semaphoreRights;
}
public bool RemoveAudit (AuditFlags auditFlags,
SecurityIdentifier sid,
int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
throw new NotImplementedException ();
}
public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType)
{
if (!base.IsDS)
{
throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_OnlyValidForDS"));
}
base.RemoveQualifiedAcesSpecific(sid, AceQualifier.SystemAudit, accessMask, (AceFlags) ((byte) (GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags))), objectFlags, objectType, inheritedObjectType);
}
public void AddAudit (AuditFlags auditFlags,
SecurityIdentifier sid, int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
// CommonAce?
throw new NotImplementedException ();
}
public RegistryAuditRule (IdentityReference identity,
RegistryRights registryRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (identity, registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
public RegistryAuditRule (string identity,
RegistryRights registryRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (new NTAccount (identity), registryRights, inheritanceFlags, propagationFlags, flags)
{
}
public void AddAudit (AuditFlags auditFlags,
SecurityIdentifier sid, int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
AddAce (AceQualifier.SystemAudit, sid, accessMask,
inheritanceFlags, propagationFlags, auditFlags);
}
public FileSystemAuditRule (IdentityReference identity,
FileSystemRights fileSystemRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (identity, fileSystemRights, false, inheritanceFlags, propagationFlags, flags)
{
}
public FileSystemAuditRule (string identity,
FileSystemRights fileSystemRights,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: this (new SecurityIdentifier (identity), fileSystemRights, inheritanceFlags, propagationFlags, flags)
{
}
public void AddAudit(AuditFlags auditFlags, SecurityIdentifier sid,
int accessMask, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
ObjectAceFlags objectFlags, Guid objectType,
Guid inheritedObjectType)
{
// TODO
}
internal RegistryAuditRule (IdentityReference identity,
RegistryRights registryRights,
bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: base (identity, (int)registryRights, isInherited, inheritanceFlags, propagationFlags, flags)
{
}
internal FileSystemAuditRule (IdentityReference identity,
FileSystemRights fileSystemRights,
bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags flags)
: base (identity, (int)fileSystemRights, isInherited, inheritanceFlags, propagationFlags, flags)
{
}
public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid,
int accessMask, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
ObjectAceFlags objectFlags, Guid objectType,
Guid inheritedObjectType)
{
// TODO
return false;
}
public EventWaitHandleAuditRule (IdentityReference identity,
EventWaitHandleRights eventRights,
AuditFlags flags)
: base (identity, (int)eventRights, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
if (eventRights < EventWaitHandleRights.Modify ||
eventRights > EventWaitHandleRights.FullControl) {
throw new ArgumentOutOfRangeException ("eventRights");
}
}
// Constructor.
protected AuditRule
(IdentityReference identity, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AuditFlags auditFlags)
: base(identity, accessMask, isInherited,
inheritanceFlags, propagationFlags)
{
this.auditFlags = auditFlags;
}
// Constructor.
protected ObjectAuditRule
(IdentityReference identity, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, Guid objectType,
Guid inheritedObjectType, AuditFlags auditFlags)
: base(identity, accessMask, isInherited,
inheritanceFlags, propagationFlags, auditFlags)
{
this.objectType = objectType;
this.inheritedObjectType = inheritedObjectType;
}
public bool RemoveAudit (AuditFlags auditFlags,
SecurityIdentifier sid,
int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
ObjectAceFlags objectFlags,
Guid objectType,
Guid inheritedObjectType)
{
throw new NotImplementedException ();
}
public PipeAuditRule(
IdentityReference identity,
PipeAccessRights rights,
AuditFlags flags)
: this(
identity,
AccessMaskFromRights(rights),
false,
flags)
{
}
public PipeAuditRule(
String identity,
PipeAccessRights rights,
AuditFlags flags)
: this(
new NTAccount(identity),
AccessMaskFromRights(rights),
false,
flags)
{
}
public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
if (inheritanceFlags != InheritanceFlags.None)
{
throw new ArgumentException(System.SR.GetString("Argument_NonContainerInvalidAnyFlag"), "inheritanceFlags");
}
if (propagationFlags != PropagationFlags.None)
{
throw new ArgumentException(System.SR.GetString("Argument_NonContainerInvalidAnyFlag"), "propagationFlags");
}
return new PipeAuditRule(identityReference, accessMask, isInherited, flags);
}
public void AddAudit (AuditFlags auditFlags,
SecurityIdentifier sid, int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
ObjectAceFlags objectFlags,
Guid objectType,
Guid inheritedObjectType)
{
AddAce (AceQualifier.SystemAudit, sid, accessMask,
inheritanceFlags, propagationFlags, auditFlags,
objectFlags, objectType, inheritedObjectType);
}
/// <summary>新建审核规则,指定此规则应用到的用户、要审核的访问权限、规则的继承和传播以及触发此规则的结果。</summary>
/// <returns>一个 <see cref="T:System.Security.AccessControl.RegistryAuditRule" /> 对象,表示指定用户的指定审核规则,带有指定标志。该方法的返回类型是基类 <see cref="T:System.Security.AccessControl.AuditRule" />,但可以安全地将返回值强制转换为派生类。</returns>
/// <param name="identityReference">一个 <see cref="T:System.Security.Principal.IdentityReference" />,用于标识此规则应用到的用户或组。</param>
/// <param name="accessMask">
/// <see cref="T:System.Security.AccessControl.RegistryRights" /> 值的按位组合,用于指定要审核的访问权限,将被强制转换为整数。</param>
/// <param name="isInherited">一个布尔值,指定规则是否为继承的规则。</param>
/// <param name="inheritanceFlags">
/// <see cref="T:System.Security.AccessControl.InheritanceFlags" /> 值的按位组合,指定子项如何继承规则。</param>
/// <param name="propagationFlags">
/// <see cref="T:System.Security.AccessControl.PropagationFlags" /> 值的按位组合,用于修改子项继承规则的方式。如果 <paramref name="inheritanceFlags" /> 的值为 <see cref="F:System.Security.AccessControl.InheritanceFlags.None" />,则它没有意义。</param>
/// <param name="flags">
/// <see cref="T:System.Security.AccessControl.AuditFlags" /> 值的按位组合,它指定是审核成功的访问、失败的访问还是对这两种情况都进行审核。</param>
/// <exception cref="T:System.ArgumentOutOfRangeException">
/// <paramref name="accessMask" />、<paramref name="inheritanceFlags" />、<paramref name="propagationFlags" /> 或 <paramref name="flags" /> 指定了一个无效值。</exception>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="identityReference" /> 为 null。- 或 -<paramref name="accessMask" /> 是零。</exception>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="identityReference" /> 既不属于类型 <see cref="T:System.Security.Principal.SecurityIdentifier" />,也不属于可以转换为 <see cref="T:System.Security.Principal.SecurityIdentifier" /> 类型的类型(如 <see cref="T:System.Security.Principal.NTAccount" />)。</exception>
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
return((AuditRule) new RegistryAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags));
}
public override AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
return(new ShareAuditRule(identityReference, (ShareRights)accessMask, flags));
}
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags, Guid objectType,
Guid inheritedObjectType)
{
return(new CustomAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags,
objectType, inheritedObjectType, flags));
}
public CustomAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags)
: base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, objectType, inheritedObjectType, auditFlags)
{
}
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary>
/// <param name="identity">审核规则应用到的标识。</param>
/// <param name="rights">审核规则的权限。</param>
/// <param name="inheritanceFlags">审核规则的继承属性。</param>
/// <param name="propagationFlags">继承的审核规则是否自动传播。</param>
/// <param name="flags">审核规则的条件。</param>
public AuditRule(string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this((IdentityReference) new NTAccount(identity), (int)(ValueType)rights, false, inheritanceFlags, propagationFlags, flags)
{
}
public void AddAuditRule(IdentityReference identityReference, ThreadAccessRights accessMask, AuditFlags flags)
{
AddAuditRule(new ThreadAuditRule(identityReference, accessMask, flags));
}
// Constructors
public CryptoKeyAuditRule(System.Security.Principal.IdentityReference identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags)
{
}
internal AuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, flags)
{
}
// // Summary: // Initializes a new instance of the System.Security.AccessControl.CryptoKeyAuditRule // class using the specified values. // // Parameters: // identity: // The identity to which the audit rule applies. // // cryptoKeyRights: // The cryptographic key operation for which this audit rule generates audits. // // flags: // The conditions that generate audits. extern public CryptoKeyAuditRule(string identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags);
/// <summary>Initializes a new instance of the <see cref="T:System.Security.AccessControl.FileSystemAuditRule" /> class representing the specified audit rule for the specified user.</summary>
/// <param name="identityReference">An <see cref="T:System.Security.Principal.IdentityReference" /> object that represents a user account.</param>
/// <param name="accessMask">An integer that specifies an access type.</param>
/// <param name="isInherited">
/// <see langword="true" /> if the access rule is inherited; otherwise, <see langword="false" />. </param>
/// <param name="inheritanceFlags">One of the <see cref="T:System.Security.AccessControl.InheritanceFlags" /> values that specifies how to propagate access masks to child objects.</param>
/// <param name="propagationFlags">One of the <see cref="T:System.Security.AccessControl.PropagationFlags" /> values that specifies how to propagate Access Control Entries (ACEs) to child objects.</param>
/// <param name="flags">One of the <see cref="T:System.Security.AccessControl.AuditFlags" /> values that specifies the type of auditing to perform.</param>
/// <returns>A new <see cref="T:System.Security.AccessControl.FileSystemAuditRule" /> object representing the specified audit rule for the specified user.</returns>
/// <exception cref="T:System.ArgumentOutOfRangeException">The <paramref name="accessMask" />, <paramref name="inheritanceFlags" />, <paramref name="propagationFlags" />, or <paramref name="flags" /> properties specify an invalid value.</exception>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="identityReference" /> property is <see langword="null" />. -or-The <paramref name="accessMask" /> property is zero.</exception>
/// <exception cref="T:System.ArgumentException">The <paramref name="identityReference" /> property is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" />, nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception>
// Token: 0x06001F49 RID: 8009 RVA: 0x0006D79B File Offset: 0x0006B99B
public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
return(new FileSystemAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags));
}
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary>
/// <param name="identity">审核规则应用到的标识。</param>
/// <param name="rights">审核规则的权限。</param>
/// <param name="flags">审核规则的条件。</param>
public AuditRule(IdentityReference identity, T rights, AuditFlags flags)
: this(identity, rights, InheritanceFlags.None, PropagationFlags.None, flags)
{
}
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary>
/// <param name="identity">审核规则应用到的标识。</param>
/// <param name="rights">审核规则的权限。</param>
/// <param name="inheritanceFlags">审核规则的继承属性。</param>
/// <param name="propagationFlags">继承的审核规则是否自动传播。</param>
/// <param name="flags">审核规则的条件。</param>
public AuditRule(IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this(identity, (int)(ValueType)rights, false, inheritanceFlags, propagationFlags, flags)
{
}
/// <summary>Removes the specified audit rule from the current <see cref="T:System.Security.AccessControl.SystemAcl" /> object.</summary>
/// <param name="auditFlags">The type of audit rule to remove.</param>
/// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to remove an audit rule.</param>
/// <param name="accessMask">The access mask for the rule to be removed.</param>
/// <param name="inheritanceFlags">Flags that specify the inheritance properties of the rule to be removed.</param>
/// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the rule to be removed.</param>
/// <returns>
/// <see langword="true" /> if this method successfully removes the specified audit rule; otherwise, <see langword="false" />.</returns>
// Token: 0x06001EDA RID: 7898 RVA: 0x0006CA2C File Offset: 0x0006AC2C
public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
return(base.RemoveQualifiedAces(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), true, ObjectAceFlags.None, Guid.Empty, Guid.Empty));
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.AccessControl.SemaphoreAuditRule" /> class, specifying the user or group to audit, the rights to audit, and whether to audit success, failure, or both.</summary>
/// <param name="identity">The user or group the rule applies to. Must be of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> or a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</param>
/// <param name="eventRights">A bitwise combination of <see cref="T:System.Security.AccessControl.SemaphoreRights" /> values specifying the kinds of access to audit.</param>
/// <param name="flags">A bitwise combination of <see cref="T:System.Security.AccessControl.AuditFlags" /> values specifying whether to audit success, failure, or both.</param>
/// <exception cref="T:System.ArgumentOutOfRangeException">
/// <paramref name="eventRights" /> specifies an invalid value.-or-<paramref name="flags" /> specifies an invalid value.</exception>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="identity" /> is null. -or-<paramref name="eventRights" /> is zero.</exception>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="identity" /> is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception>
public SemaphoreAuditRule(IdentityReference identity, SemaphoreRights semaphoreRights, AuditFlags flags) : base(identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags)
{
this.semaphoreRights = semaphoreRights;
}
public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this(new NTAccount(identity), (int)registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
// Constructors
public MutexAuditRule(System.Security.Principal.IdentityReference identity, MutexRights eventRights, AuditFlags flags)
{
}
public ThreadAuditRule(IdentityReference identity, ThreadAccessRights accessRights, AuditFlags type)
: base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public virtual AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
}
/// <summary>Removes the specified audit rule from the current <see cref="T:System.Security.AccessControl.DiscretionaryAcl" /> object.</summary>
/// <param name="auditFlags">The type of audit rule to remove.</param>
/// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to remove an audit rule.</param>
/// <param name="accessMask">The access mask for the rule to be removed.</param>
/// <param name="inheritanceFlags">Flags that specify the inheritance properties of the rule to be removed.</param>
/// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the rule to be removed.</param>
// Token: 0x06001EDB RID: 7899 RVA: 0x0006CA5E File Offset: 0x0006AC5E
public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
base.RemoveQualifiedAcesSpecific(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), ObjectAceFlags.None, Guid.Empty, Guid.Empty);
}
// Summary: // Initializes a new instance of the System.Security.AccessControl.CryptoKeyAuditRule // class using the specified values. // // Parameters: // identity: // The identity to which the audit rule applies. This parameter must be an object // that can be cast as a System.Security.Principal.SecurityIdentifier. // // cryptoKeyRights: // The cryptographic key operation for which this audit rule generates audits. // // flags: // The conditions that generate audits. extern public CryptoKeyAuditRule(IdentityReference identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags);
public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this(identity, (int)registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
public CustomAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags
, PropagationFlags propagationFlags, AuditFlags auditFlags)
: base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, Guid.NewGuid(), Guid.NewGuid(), auditFlags)
{
}
/// <summary>Sets the specified audit rule for the specified <see cref="T:System.Security.Principal.SecurityIdentifier" /> object.</summary>
/// <param name="auditFlags">The audit condition to set.</param>
/// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to set an audit rule.</param>
/// <param name="accessMask">The access mask for the new audit rule.</param>
/// <param name="inheritanceFlags">Flags that specify the inheritance properties of the new audit rule.</param>
/// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the new audit rule.</param>
// Token: 0x06001ED9 RID: 7897 RVA: 0x0006C9F9 File Offset: 0x0006ABF9
public void SetAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
base.CheckFlags(inheritanceFlags, propagationFlags);
base.SetQualifiedAce(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), ObjectAceFlags.None, Guid.Empty, Guid.Empty);
}
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary>
/// <param name="identity">审核规则应用到的标识。</param>
/// <param name="rights">审核规则的权限。</param>
/// <param name="flags">审核规则的属性。</param>
public AuditRule(string identity, T rights, AuditFlags flags)
: this((IdentityReference) new NTAccount(identity), rights, InheritanceFlags.None, PropagationFlags.None, flags)
{
}
public override AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
throw new NotImplementedException();
}
protected ObjectAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, auditFlags)
{
if (!objectType.Equals(Guid.Empty) && ((accessMask & ObjectAce.AccessMaskWithObjectType) != 0))
{
this._objectType = objectType;
this._objectFlags |= ObjectAceFlags.ObjectAceTypePresent;
}
else
{
this._objectType = Guid.Empty;
}
if (!inheritedObjectType.Equals(Guid.Empty) && ((inheritanceFlags & InheritanceFlags.ContainerInherit) != InheritanceFlags.None))
{
this._inheritedObjectType = inheritedObjectType;
this._objectFlags |= ObjectAceFlags.InheritedObjectAceTypePresent;
}
else
{
this._inheritedObjectType = Guid.Empty;
}
}
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited,
InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
throw new NotImplementedException(AuditingNotSupportedMessage);
}
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags, AuditFlags flags)
{
return(new MutexAuditRule(identityReference, (MutexRights)accessMask, flags));
}
public abstract AuditRule Constructor(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags AuditFlags);
private static bool TestRemoveAuditSpecific(SystemAcl systemAcl, RawAcl rawAcl, AuditFlags auditFlag, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
bool result = true;
byte[] sAclBinaryForm = null;
byte[] rAclBinaryForm = null;
systemAcl.RemoveAuditSpecific(auditFlag, sid, accessMask, inheritanceFlags, propagationFlags);
if (systemAcl.Count == rawAcl.Count &&
systemAcl.BinaryLength == rawAcl.BinaryLength)
{
sAclBinaryForm = new byte[systemAcl.BinaryLength];
rAclBinaryForm = new byte[rawAcl.BinaryLength];
systemAcl.GetBinaryForm(sAclBinaryForm, 0);
rawAcl.GetBinaryForm(rAclBinaryForm, 0);
if (!Utils.IsBinaryFormEqual(sAclBinaryForm, rAclBinaryForm))
{
result = false;
}
//redundant index check
for (int i = 0; i < systemAcl.Count; i++)
{
if (!Utils.IsAceEqual(systemAcl[i], rawAcl[i]))
{
result = false;
break;
}
}
}
else
{
result = false;
}
return(result);
}