/// <summary>
/// Builds an access check result from a granted access mask, the generic mapping used to
/// classify it, an optional security descriptor and the token the result belongs to.
/// </summary>
/// <param name="name">Value stored in <c>Name</c>.</param>
/// <param name="type_name">Value stored in <c>TypeName</c>.</param>
/// <param name="granted_access">The access mask that was granted; stored in <c>GrantedAccess</c> and classified below.</param>
/// <param name="generic_mapping">Mapping used to decide whether the mask amounts to read, write, execute or all access.</param>
/// <param name="sd">Security descriptor to record; may be null, in which case the descriptor-derived strings are empty.</param>
/// <param name="enum_type">Type handed to <c>NtSecurity.AccessMaskToString</c> when formatting the mask.</param>
/// <param name="is_directory">Value stored in <c>IsDirectory</c>.</param>
/// <param name="token_info">Token information; its <c>TokenId</c> is recorded as a 64-bit value.</param>
internal CommonAccessCheckResult(
    string name,
    string type_name,
    AccessMask granted_access,
    GenericMapping generic_mapping,
    SecurityDescriptor sd,
    Type enum_type,
    bool is_directory,
    TokenInformation token_info)
{
    Name = name;
    TypeName = type_name;
    GrantedAccess = granted_access;
    GenericMapping = generic_mapping;
    TokenInfo = token_info;
    IsDirectory = is_directory;

    // Everything derived from the descriptor is gathered in one place. Without a
    // descriptor the strings fall back to empty and the label flags are not assigned.
    string sddl_text = null;
    string base64_text = null;
    string owner_sid = null;
    if (sd != null)
    {
        sddl_text = sd.ToSddl(SecurityInformation.All, false).GetResultOrDefault();
        base64_text = sd.ToBase64();
        owner_sid = sd.Owner?.Sid.ToString();
        HasMandatoryLabel = sd.GetMandatoryLabel() != null;
        HasProcessTrustLabel = sd.ProcessTrustLabel != null;
    }
    SecurityDescriptor = sddl_text ?? string.Empty;
    SecurityDescriptorBase64 = base64_text ?? string.Empty;
    Owner = owner_sid ?? string.Empty;

    IsRead = generic_mapping.HasRead(granted_access);
    // WRITE_DAC, WRITE_OWNER and DELETE are reported as write access even when the
    // type's generic write mask is not granted: a holder can change or remove the
    // object's protection, so a reviewer should treat them as write-equivalent.
    IsWrite = generic_mapping.HasWrite(granted_access)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteDac)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteOwner)
        || granted_access.IsAccessGranted(GenericAccessRights.Delete);
    IsExecute = generic_mapping.HasExecute(granted_access);
    IsAll = generic_mapping.HasAll(granted_access);

    // The same mask is rendered twice; only the final boolean argument differs.
    GrantedAccessString = NtSecurity.AccessMaskToString(granted_access, enum_type, generic_mapping, false);
    GrantedGenericAccessString = NtSecurity.AccessMaskToString(granted_access, enum_type, generic_mapping, true);

    TokenId = token_info.TokenId.ToInt64();
}
/// <summary>
/// Reports whether a granted access mask gives write access under the mapping
/// returned by <c>GetServiceGenericMapping</c>.
/// </summary>
/// <param name="granted_access">The access mask that was granted.</param>
/// <returns>
/// True when the mask contains WriteDac, WriteOwner or Delete, or when the generic
/// mapping reports write access for the mask; otherwise false.
/// </returns>
static bool HasWriteAccess(AccessMask granted_access)
{
    GenericMapping service_mapping = GetServiceGenericMapping();

    // Rights that let the holder change or remove the object's protection count as
    // write access regardless of what the generic write mask contains.
    var protection_rights = granted_access
        & (GenericAccessRights.WriteDac | GenericAccessRights.WriteOwner | GenericAccessRights.Delete);

    return protection_rights.HasAccess || service_mapping.HasWrite(granted_access);
}
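/// <summary>
/// Builds an access check result from a granted access mask, the generic mapping used to
/// classify it, the security descriptor already rendered as SDDL and the token the result
/// belongs to.
/// </summary>
/// <param name="name">Value stored in <c>Name</c>.</param>
/// <param name="type_name">Value stored in <c>TypeName</c>.</param>
/// <param name="granted_access">The access mask that was granted; stored in <c>GrantedAccess</c> and classified below.</param>
/// <param name="generic_mapping">Mapping used to decide whether the mask amounts to read, write, execute or all access.</param>
/// <param name="sddl">SDDL text stored unchanged in <c>SecurityDescriptor</c>.</param>
/// <param name="enum_type">Type handed to <c>NtObjectUtils.GrantedAccessAsString</c> when formatting the mask.</param>
/// <param name="token_info">Token information; its <c>TokenId</c> is recorded as a 64-bit value.</param>
internal AccessCheckResult(
    string name,
    string type_name,
    AccessMask granted_access,
    GenericMapping generic_mapping,
    string sddl,
    Type enum_type,
    TokenInformation token_info)
{
    Name = name;
    TypeName = type_name;
    GrantedAccess = granted_access;
    GenericMapping = generic_mapping;
    TokenInfo = token_info;
    SecurityDescriptor = sddl;

    IsRead = generic_mapping.HasRead(granted_access);
    // WRITE_DAC, WRITE_OWNER and DELETE let the holder change or remove the object's
    // protection even when the type's generic write mask is not granted. Checking only
    // the generic write mask would under-report such objects as not writable, so these
    // rights are counted as write access here.
    IsWrite = generic_mapping.HasWrite(granted_access)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteDac)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteOwner)
        || granted_access.IsAccessGranted(GenericAccessRights.Delete);
    IsExecute = generic_mapping.HasExecute(granted_access);
    IsAll = generic_mapping.HasAll(granted_access);

    // The same mask is rendered twice; only the final boolean argument differs.
    GrantedAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, false);
    GrantedGenericAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, true);

    TokenId = token_info.TokenId.ToInt64();
}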
/// <summary>
/// Builds an access check result from a granted access mask, the generic mapping used to
/// classify it, an optional security descriptor and the token the result belongs to.
/// </summary>
/// <param name="name">Value stored in <c>Name</c>.</param>
/// <param name="type_name">Value stored in <c>TypeName</c>.</param>
/// <param name="granted_access">The access mask that was granted; stored in <c>GrantedAccess</c> and classified below.</param>
/// <param name="generic_mapping">Mapping used to decide whether the mask amounts to read, write, execute or all access.</param>
/// <param name="sd">Security descriptor to record; may be null, in which case the SDDL and owner strings are empty.</param>
/// <param name="enum_type">Type handed to <c>NtObjectUtils.GrantedAccessAsString</c> when formatting the mask.</param>
/// <param name="is_directory">Value stored in <c>IsDirectory</c>.</param>
/// <param name="token_info">Token information; its <c>TokenId</c> is recorded as a 64-bit value.</param>
internal AccessCheckResult(
    string name,
    string type_name,
    AccessMask granted_access,
    GenericMapping generic_mapping,
    SecurityDescriptor sd,
    Type enum_type,
    bool is_directory,
    TokenInformation token_info)
{
    Name = name;
    TypeName = type_name;
    GrantedAccess = granted_access;
    GenericMapping = generic_mapping;
    TokenInfo = token_info;
    IsDirectory = is_directory;

    // Descriptor-derived strings fall back to empty when no descriptor was supplied.
    string sddl_text = null;
    string owner_sid = null;
    if (sd != null)
    {
        sddl_text = sd.ToSddl();
        owner_sid = sd.Owner?.Sid.ToString();
    }
    SecurityDescriptor = sddl_text ?? string.Empty;
    Owner = owner_sid ?? string.Empty;

    IsRead = generic_mapping.HasRead(granted_access);
    // WRITE_DAC, WRITE_OWNER and DELETE are reported as write access even when the
    // type's generic write mask is not granted: a holder can change or remove the
    // object's protection, so a reviewer should treat them as write-equivalent.
    IsWrite = generic_mapping.HasWrite(granted_access)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteDac)
        || granted_access.IsAccessGranted(GenericAccessRights.WriteOwner)
        || granted_access.IsAccessGranted(GenericAccessRights.Delete);
    IsExecute = generic_mapping.HasExecute(granted_access);
    IsAll = generic_mapping.HasAll(granted_access);

    // The same mask is rendered twice; only the final boolean argument differs.
    GrantedAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, false);
    GrantedGenericAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, true);

    TokenId = token_info.TokenId.ToInt64();
}