protected AuditProvider(AuditPolicy auditPolicy, string sourceName, LogLocation location)
{
if (auditPolicy == null)
{
throw new ArgumentNullException(nameof(auditPolicy));
}
if (sourceName == null)
{
throw new ArgumentNullException(nameof(sourceName));
}
if (!SourceNameValidator.IsSourceNameValid(sourceName))
{
throw new ArgumentException("Invalid event source name", nameof(sourceName));
}
if (location != LogLocation.ApplicationLog &&
location != LogLocation.SecurityLog)
{
throw new ArgumentOutOfRangeException(nameof(location), "Invalid enum");
}
this.auditPolicy = auditPolicy;
if (location == LogLocation.SecurityLog)
{
Privilege privilege = new Privilege(Privilege.Audit);
try
{
privilege.Enable();
if (false == Win32Native.AuthzRegisterSecurityEventSource(0, sourceName, ref this.securityLogHandle))
{
int error = Marshal.GetLastWin32Error();
if (error == Win32Native.ERROR_NOT_ENOUGH_MEMORY)
{
throw new OutOfMemoryException();
}
else if (error == Win32Native.ERROR_INVALID_PARAMETER)
{
// Marshaling failed!
throw new Win32Exception(error);
}
else if (error == Win32Native.ERROR_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
else if (error == Win32Native.ERROR_PRIVILEGE_NOT_HELD)
{
// Privilege should be enabled by now!
throw new PrivilegeNotHeldException(Privilege.Audit);
}
else
{
throw new Win32Exception(error);
}
}
}
catch (EntryPointNotFoundException)
{
throw new NotSupportedException("Platform not supported");
}
finally
{
privilege.Revert();
}
}
else // application log
{
this.applicationLogHandle = Win32Native.RegisterEventSource(null, sourceName);
if (this.applicationLogHandle.Equals(IntPtr.Zero))
{
int error = Marshal.GetLastWin32Error();
if (error == Win32Native.ERROR_NOT_ENOUGH_MEMORY)
{
throw new OutOfMemoryException();
}
else if (error == Win32Native.ERROR_INVALID_PARAMETER)
{
// Marshaling failed!
throw new Win32Exception(error);
}
else if (error == Win32Native.ERROR_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
else
{
throw new Win32Exception(error);
}
}
}
}
