Esempio n. 1
0
        public static void SetAccessControlExtracted([NotNull] this FileSystemSecurity security, [NotNull] String name)
        {
            if (security == null)
            {
                throw new ArgumentNullException(paramName: nameof(security));
            }

            name = name.ThrowIfBlank();

            var includeSections = AccessControlSections.Owner | AccessControlSections.Group;

            if (security.GetAccessRules(true, false, typeof(SecurityIdentifier)).Count > 0)
            {
                includeSections |= AccessControlSections.Access;
            }

            if (security.GetAuditRules(true, false, typeof(SecurityIdentifier)).Count > 0)
            {
                includeSections |= AccessControlSections.Audit;
            }

            UInt32             securityInfo = 0;
            SecurityIdentifier owner        = null;
            SecurityIdentifier group        = null;
            SystemAcl          sacl         = null;
            DiscretionaryAcl   dacl         = null;

            if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None)
            {
                owner = security.GetOwner(typeof(SecurityIdentifier)) as SecurityIdentifier;

                if (owner != null)
                {
                    securityInfo |= ( UInt32 )SecurityInfos.Owner;
                }
            }

            if ((includeSections & AccessControlSections.Group) != AccessControlSections.None)
            {
                group = security.GetGroup(typeof(SecurityIdentifier)) as SecurityIdentifier;

                if (group != null)
                {
                    securityInfo |= ( UInt32 )SecurityInfos.Group;
                }
            }

            var securityDescriptorBinaryForm = security.GetSecurityDescriptorBinaryForm();

            var rawSecurityDescriptor     = new RawSecurityDescriptor(securityDescriptorBinaryForm, 0);
            var isDiscretionaryAclPresent = (rawSecurityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclPresent) != ControlFlags.None;

            if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None)
            {
                securityInfo |= ( UInt32 )SecurityInfos.SystemAcl;

                var isSystemAclPresent = (rawSecurityDescriptor.ControlFlags & ControlFlags.SystemAclPresent) != ControlFlags.None;

                if (isSystemAclPresent && rawSecurityDescriptor.SystemAcl != null && rawSecurityDescriptor.SystemAcl.Count > 0)
                {
                    // are all system acls on a file not a container?
                    const Boolean notAContainer          = false;
                    const Boolean notADirectoryObjectACL = false;

                    sacl = new SystemAcl(notAContainer, notADirectoryObjectACL, rawSecurityDescriptor.SystemAcl);
                }

                if ((rawSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == ControlFlags.None)
                {
                    securityInfo |= UnprotectedSystemAcl;
                }
                else
                {
                    securityInfo |= ProtectedSystemAcl;
                }
            }

            if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && isDiscretionaryAclPresent)
            {
                securityInfo |= ( UInt32 )SecurityInfos.DiscretionaryAcl;

                dacl = new DiscretionaryAcl(false, false, rawSecurityDescriptor.DiscretionaryAcl);

                securityInfo = (rawSecurityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) == ControlFlags.None ?
                               securityInfo | UnprotectedDiscretionaryAcl :
                               securityInfo | ProtectedDiscretionaryAcl;
            }

            if (securityInfo == 0)
            {
                return;
            }

            var errorNum = SetSecurityInfo(ResourceType.FileObject, name, ( SecurityInfos )securityInfo, owner, group, sacl, dacl);   //eh?

            if (errorNum != 0)
            {
                var exception = GetExceptionFromWin32Error(errorNum, name);

                throw exception;
            }
        }
Esempio n. 2
0
        internal static void SetAccessControlExtracted(FileSystemSecurity security, string name)
        {
            //security.WriteLock();
            AccessControlSections includeSections = AccessControlSections.Owner | AccessControlSections.Group;

            if (security.GetAccessRules(true, false, typeof(SecurityIdentifier)).Count > 0)
            {
                includeSections |= AccessControlSections.Access;
            }
            if (security.GetAuditRules(true, false, typeof(SecurityIdentifier)).Count > 0)
            {
                includeSections |= AccessControlSections.Audit;
            }

            SecurityInfos      securityInfo = (SecurityInfos)0;
            SecurityIdentifier owner        = null;
            SecurityIdentifier group        = null;
            SystemAcl          sacl         = null;
            DiscretionaryAcl   dacl         = null;

            if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None)
            {
                owner = (SecurityIdentifier)security.GetOwner(typeof(SecurityIdentifier));
                if (owner != null)
                {
                    securityInfo = securityInfo | SecurityInfos.Owner;
                }
            }

            if ((includeSections & AccessControlSections.Group) != AccessControlSections.None)
            {
                @group = (SecurityIdentifier)security.GetGroup(typeof(SecurityIdentifier));
                if (@group != null)
                {
                    securityInfo = securityInfo | SecurityInfos.Group;
                }
            }
            var securityDescriptorBinaryForm            = security.GetSecurityDescriptorBinaryForm();
            RawSecurityDescriptor rawSecurityDescriptor = null;
            bool isDiscretionaryAclPresent = false;

            if (securityDescriptorBinaryForm != null)
            {
                rawSecurityDescriptor     = new RawSecurityDescriptor(securityDescriptorBinaryForm, 0);
                isDiscretionaryAclPresent = (rawSecurityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclPresent) != ControlFlags.None;
            }

            if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None)
            {
                securityInfo = securityInfo | SecurityInfos.SystemAcl;
                sacl         = null;
                if (rawSecurityDescriptor != null)
                {
                    var isSystemAclPresent = (rawSecurityDescriptor.ControlFlags & ControlFlags.SystemAclPresent) != ControlFlags.None;
                    if (isSystemAclPresent && rawSecurityDescriptor.SystemAcl != null && rawSecurityDescriptor.SystemAcl.Count > 0)
                    {
                        // are all system acls on a file not a container?
                        const bool notAContainer          = false;
                        const bool notADirectoryObjectACL = false;

                        sacl = new SystemAcl(notAContainer, notADirectoryObjectACL,
                                             rawSecurityDescriptor.SystemAcl);
                    }
                    securityInfo = (SecurityInfos)(((rawSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == ControlFlags.None ?
                                                    (uint)securityInfo | UnprotectedSystemAcl : (uint)securityInfo | ProtectedSystemAcl));
                }
            }
            if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && isDiscretionaryAclPresent)
            {
                securityInfo = securityInfo | SecurityInfos.DiscretionaryAcl;
                dacl         = null;
                if (rawSecurityDescriptor != null)
                {
                    //if (!this._securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl)
                    {
                        dacl = new DiscretionaryAcl(false, false, rawSecurityDescriptor.DiscretionaryAcl);
                    }
                    securityInfo = (SecurityInfos)(((rawSecurityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) == ControlFlags.None ?
                                                    (uint)securityInfo | UnprotectedDiscretionaryAcl : (uint)securityInfo | ProtectedDiscretionaryAcl));
                }
            }
            if (securityInfo == 0)
            {
                return;
            }

            int errorNum = SetSecurityInfo(ResourceType.FileObject, name, null, securityInfo, owner, @group, sacl, dacl);

            if (errorNum != 0)
            {
                Exception exception = GetExceptionFromWin32Error(errorNum, name);
                if (exception == null)
                {
                    if (errorNum == NativeMethods.ERROR_ACCESS_DENIED)
                    {
                        exception = new UnauthorizedAccessException();
                    }
                    else if (errorNum == NativeMethods.ERROR_INVALID_OWNER)
                    {
                        exception = new InvalidOperationException("Invalid owner");
                    }
                    else if (errorNum == NativeMethods.ERROR_INVALID_PRIMARY_GROUP)
                    {
                        exception = new InvalidOperationException("Invalid group");
                    }
                    else if (errorNum == NativeMethods.ERROR_INVALID_NAME)
                    {
                        exception = new ArgumentException("Invalid name", "name");
                    }
                    else if (errorNum == NativeMethods.ERROR_INVALID_HANDLE)
                    {
                        exception = new NotSupportedException("Invalid Handle");
                    }
                    else if (errorNum == NativeMethods.ERROR_FILE_NOT_FOUND)
                    {
                        exception = new FileNotFoundException();
                    }
                    else if (errorNum != NativeMethods.ERROR_NO_SECURITY_ON_OBJECT)
                    {
                        exception = new InvalidOperationException("Unexpected error");
                    }
                    else
                    {
                        exception = new NotSupportedException("No associated security");
                    }
                }
                throw exception;
            }
            //finally
            //{
            //security.WriteLUnlck();
            //}
        }
 public virtual byte[] GetSecurityDescriptorBinaryForm()
 {
     return(_fileSystemSecurity.GetSecurityDescriptorBinaryForm());
 }