/// <summary> /// Set ACL for control. /// </summary> /// <param name="acl">The ACL to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> /// <param name="is_container">True to indicate this object is a container.</param> /// <param name="sdk_names">Show the ACEs using SDK style names.</param> public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container, bool sdk_names) { _acl = acl; _access_type = access_type; _mapping = mapping; _valid_access = valid_access; _is_container = is_container; _sdk_names = sdk_names; showSDKNamesToolStripMenuItem.Checked = sdk_names; bool has_conditional_ace = false; bool has_inherited_object_ace = false; bool has_object_ace = false; List <string> flags = new List <string>(); if (acl.Defaulted) { flags.Add("Defaulted"); } if (acl.Protected) { flags.Add("Protected"); } if (acl.AutoInherited) { flags.Add("AutoInherited"); } if (acl.AutoInheritReq) { flags.Add("AutoInheritReq"); } if (flags.Count > 0) { lblFlags.Text = $"Flags: {string.Join(", ", flags)}"; } else { lblFlags.Text = "Flags: None"; } if (acl.NullAcl) { lblFlags.Text += Environment.NewLine + "NULL ACL"; listViewAcl.Visible = false; listViewAccess.Visible = false; groupBoxAclEntries.Visible = false; groupBoxAccess.Visible = false; return; } listViewAcl.Items.Clear(); listViewAcl.Visible = true; listViewAccess.Visible = true; listViewAccess.Items.Clear(); _current_access_type = null; groupBoxAclEntries.Visible = true; groupBoxAccess.Visible = true; foreach (var ace in acl) { if (ace.IsConditionalAce) { has_conditional_ace = true; } if (ace.IsObjectAce) { if (ace.ObjectType.HasValue) { has_object_ace = true; } if (ace.InheritedObjectType.HasValue) { has_inherited_object_ace = true; } } } if (!has_conditional_ace) { listViewAcl.Columns.Remove(columnHeaderCondition); copyConditionToolStripMenuItem.Visible = false; } if (!has_object_ace) { listViewAcl.Columns.Remove(columnHeaderObject); } if (!has_inherited_object_ace) { listViewAcl.Columns.Remove(columnHeaderInheritedObject); } foreach (var ace in acl) { var item = listViewAcl.Items.Add(sdk_names ? NtSecurity.AceTypeToSDKName(ace.Type) : ace.Type.ToString()); item.SubItems.Add(ace.Sid.Name); string access; if (ace.Type == AceType.MandatoryLabel) { access = NtSecurity.AccessMaskToString(ace.Mask.ToMandatoryLabelPolicy(), sdk_names); } else if (ace.Flags.HasFlag(AceFlags.InheritOnly)) { access = NtSecurity.AccessMaskToString(ace.Mask.ToSpecificAccess(access_type), sdk_names); } else { AccessMask mapped_mask = mapping.MapMask(ace.Mask); mapped_mask = mapping.UnmapMask(mapped_mask); access = NtSecurity.AccessMaskToString(mapped_mask.ToSpecificAccess(access_type), sdk_names); } item.SubItems.Add(access); item.SubItems.Add(sdk_names ? NtSecurity.AceFlagsToSDKName(ace.Flags) : ace.Flags.ToString()); if (has_conditional_ace) { item.SubItems.Add(ace.Condition); } if (has_object_ace) { item.SubItems.Add(ace.ObjectType?.ToString() ?? string.Empty); } if (has_inherited_object_ace) { item.SubItems.Add(ace.InheritedObjectType?.ToString() ?? string.Empty); } item.Tag = ace; switch (ace.Type) { case AceType.Allowed: case AceType.AllowedCallback: case AceType.AllowedCallbackObject: case AceType.AllowedObject: item.BackColor = Color.LightGreen; break; case AceType.Denied: case AceType.DeniedCallback: case AceType.DeniedCallbackObject: case AceType.DeniedObject: item.BackColor = Color.LightSalmon; break; case AceType.ProcessTrustLabel: item.BackColor = Color.LightSkyBlue; break; case AceType.MandatoryLabel: item.BackColor = Color.LightGoldenrodYellow; break; case AceType.Audit: case AceType.AuditCallback: case AceType.AuditCallbackObject: case AceType.AuditObject: item.BackColor = Color.LightCoral; break; } } listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent); listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize); }