/// <summary>
/// Overridden process record method.
/// </summary>
protected override void ProcessRecord()
{
using (NtToken token = GetToken())
{
NtType type = GetNtType();
if (type == null)
{
throw new ArgumentException("Must specify a type.");
}
var result = NtSecurity.AccessCheck(GetSecurityDescriptor(),
token, AccessMask, Principal, type.GenericMapping, ObjectType).ToSpecificAccess(type.AccessRightsType);
if (PassResult)
{
WriteObject(result);
return;
}
var mask = result.SpecificGrantedAccess;
if (MapToGeneric)
{
mask = result.SpecificGenericGrantedAccess;
}
if (ConvertToString)
{
string access_string = NtObjectUtils.GrantedAccessAsString(mask, type.GenericMapping, type.AccessRightsType, false);
WriteObject(access_string);
}
else
{
WriteObject(mask);
}
}
}
private bool CheckForAccess <T>(SecurityDescriptor sd, NtToken token, T desired_access, GenericMapping generic_mapping) where T : Enum
{
var result = NtSecurity.AccessCheck(sd, token,
desired_access, null, generic_mapping, false);
if (!result.IsSuccess || !result.Result.Status.IsSuccess())
{
return(false);
}
return(result.Result.GrantedAccess.HasAccess);
}
private IEnumerable <AccessCheckResult> RunCheck(NtToken token, NtType type, ObjectTypeEntry[] object_types)
{
var results = new List <AccessCheckResult>();
if (ResultList)
{
results.AddRange(NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
token, GetDesiredAccess(), Principal, type.GenericMapping, object_types));
}
else
{
results.Add(NtSecurity.AccessCheck(GetSecurityDescriptor(),
token, GetDesiredAccess(), Principal, type.GenericMapping, object_types));
}
return(results);
}
/// <summary>
/// Overridden process record method.
/// </summary>
protected override void ProcessRecord()
{
using (NtToken token = GetToken())
{
NtType type = GetNtType();
if (type == null)
{
throw new ArgumentException("Must specify a type.");
}
var object_types = ObjectType?.ToArray();
// If we have multiple object types and pass result is true then
// we don't support any another output format.
if (object_types?.Length > 1 && PassResult)
{
var result_list = NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
token, AccessMask, Principal, type.GenericMapping, object_types);
WriteObject(result_list.Select(r => r.ToSpecificAccess(type.AccessRightsType)), true);
return;
}
var result = NtSecurity.AccessCheck(GetSecurityDescriptor(),
token, AccessMask, Principal, type.GenericMapping, object_types)
.ToSpecificAccess(type.AccessRightsType);
if (PassResult)
{
WriteObject(result);
return;
}
var mask = result.SpecificGrantedAccess;
if (MapToGeneric)
{
mask = result.SpecificGenericGrantedAccess;
}
if (ConvertToString)
{
string access_string = NtSecurity.AccessMaskToString(mask, type.AccessRightsType, type.GenericMapping, false);
WriteObject(access_string);
}
else
{
WriteObject(mask);
}
}
}
/// <summary>
/// Overridden process record method.
/// </summary>
protected override void ProcessRecord()
{
using (NtToken token = GetToken())
{
NtType type = GetNtType();
if (type == null)
{
throw new ArgumentException("Must specify a Type.");
}
var object_types = ObjectType?.ToArray();
var results = new List <AccessCheckResultGeneric>();
if (ResultList)
{
results.AddRange(NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
token, GetDesiredAccess(), Principal, type.GenericMapping, object_types).Select(r => r.ToSpecificAccess(type.AccessRightsType)));
}
else
{
results.Add(NtSecurity.AccessCheck(GetSecurityDescriptor(),
token, GetDesiredAccess(), Principal, type.GenericMapping, object_types).ToSpecificAccess(type.AccessRightsType));
}
if (PassResult)
{
WriteObject(results, true);
return;
}
var masks = results.Select(r => MapToGeneric ? r.SpecificGenericGrantedAccess : r.SpecificGrantedAccess);
if (ConvertToString)
{
WriteObject(masks.Select(m => NtSecurity.AccessMaskToString(m, type.AccessRightsType, type.GenericMapping, false)), true);
}
else
{
WriteObject(masks, true);
}
}
}