/// <summary>
/// Creates the control for an already-read security descriptor.
/// Both arguments are stored as given; nothing is validated or copied here.
/// </summary>
/// <param name="securityDescriptor">Descriptor whose permissions the control works with.</param>
/// <param name="_objectPath">Path of the object the descriptor belongs to.</param>
public PermissionsControl(SecurityDescriptor securityDescriptor,
                           string _objectPath)
     : this()
 {
     // The field is _ObjectPath and the parameter is _objectPath: they differ only in case.
     _ObjectPath = _objectPath;
     _securityDescriptor = securityDescriptor;
 }
        /// <summary>
        /// Creates the dialog, titles it after the object path and hands the
        /// descriptor and path to the embedded permissions control.
        /// </summary>
        /// <param name="securityDescriptor">Descriptor passed on to the embedded control unchanged.</param>
        /// <param name="ObjectPath">Path shown in the title and passed on to the embedded control.</param>
        public PermissionsControlDlg(SecurityDescriptor securityDescriptor, string ObjectPath)
            : this()
        {
            string title = String.Format("Permissions for {0}", ObjectPath);
            Text = title;

            // The embedded control receives the same references; no copy is made.
            permissionsControl._ObjectPath = ObjectPath;
            permissionsControl.securityDescriptor = securityDescriptor;
        }
 /// <summary>
 /// Stores the DACL entries and the security descriptor, then calls
 /// FillRowPermissions(). Per the original author's note, the DACL list is
 /// null in add mode and populated in edit mode.
 /// </summary>
 /// <param name="daclInfo">Access control entries to show; kept by reference.</param>
 /// <param name="securityDescriptor">Descriptor the entries belong to; kept by reference.</param>
 public void InitializeData(List<LwAccessControlEntry> daclInfo, SecurityDescriptor securityDescriptor)
 {
    // Both fields must be set before FillRowPermissions() runs.
    _securityDescriptor = securityDescriptor;
    _daclInfo = daclInfo;

    FillRowPermissions();
 }
 /// <summary>
 /// Creates the advanced permissions dialog for one object.
 /// Both arguments are stored as given; nothing is validated or copied here.
 /// </summary>
 /// <param name="securityDescriptor">Descriptor the dialog works with.</param>
 /// <param name="ObjectPath">Path of the object the descriptor belongs to.</param>
 public AdvancedPermissionsControlDlg(SecurityDescriptor securityDescriptor, string ObjectPath)
     : this()
 {
     this._objectPath = ObjectPath;
     this._securityDescriptor = securityDescriptor;
 }
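        /// <summary>
        /// Reads a native security descriptor into a managed <see cref="SecurityDescriptor"/>:
        /// the DACL entries grouped by trustee display name, the control flags and revision,
        /// the owner and primary-group SIDs as strings, and the descriptor length.
        /// </summary>
        /// <param name="pSECURITY_DESCRIPTOR">Pointer to the native descriptor. When it is
        /// <see cref="IntPtr.Zero"/> nothing is read.</param>
        /// <param name="ObjSecurityDescriptor">Always replaced with a new instance that has had
        /// InitailizeToNull() called on it; the incoming value is ignored. On success the native
        /// pointer is stored in it by value, not copied, so the caller must keep that memory
        /// alive for as long as the result is used.</param>
        /// <returns>Always 0. Exceptions are logged and swallowed, so 0 does not prove the
        /// descriptor was read; a partially filled result is possible.</returns>
        /// <remarks>
        /// NOTE(review): return values of the SecurityDescriptorApi calls are not checked.
        /// NOTE(review): every ACE is marshalled as ACCESS_ALLOWED_ACE without looking at
        /// AceType; ACE types with a different layout would yield a wrong SID - confirm which
        /// ACE types can reach this code.
        /// </remarks>
        public static uint ReadSecurityDescriptor(
                                IntPtr pSECURITY_DESCRIPTOR,
                                ref SecurityDescriptor ObjSecurityDescriptor)
        {
            Logger.Log("SecurityDescriptorWrapper.ReadSecurityDescriptor()", Logger.SecurityDescriptorLogLevel);

            IntPtr ptrSid;
            uint errorReturn = 0;
            bool bRet = false;
            ObjSecurityDescriptor = new SecurityDescriptor();
            ObjSecurityDescriptor.InitailizeToNull();

            try
            {
                if (pSECURITY_DESCRIPTOR != IntPtr.Zero)
                {
                    IntPtr pDaclOffset;
                    bool lpbDaclPresent = false;
                    bool lpbDaclDefaulted = false;

                    bRet = SecurityDescriptorApi.GetSecurityDescriptorDacl(pSECURITY_DESCRIPTOR, out lpbDaclPresent, out pDaclOffset, out lpbDaclDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorDacl iRet value", Logger.SecurityDescriptorLogLevel);

                    if (pDaclOffset != IntPtr.Zero)
                    {
                        // Query the ACL only once the pointer is known to be non-null;
                        // the ACE count is not needed on the other branch.
                        SecurityDescriptorApi.ACL_SIZE_INFORMATION AclSize = new SecurityDescriptorApi.ACL_SIZE_INFORMATION();
                        SecurityDescriptorApi.GetAclInformation(pDaclOffset, AclSize,
                                        ((uint)Marshal.SizeOf(typeof(SecurityDescriptorApi.ACL_SIZE_INFORMATION))),
                                        SecurityDescriptorApi.ACL_INFORMATION_CLASS.AclSizeInformation);

                        Dictionary<string, List<LwAccessControlEntry>> SdDacls = new Dictionary<string, List<LwAccessControlEntry>>();
                        List<LwAccessControlEntry> daclInfo = new List<LwAccessControlEntry>();
                        for (int idx = 0; idx < AclSize.AceCount; idx++)
                        {
                            IntPtr pAce;
                            string sUsername, sDomain;

                            int err = SecurityDescriptorApi.GetAce(pDaclOffset, idx, out pAce);
                            if (pAce == IntPtr.Zero)
                            {
                                // Stop with a clear message instead of failing later on a null
                                // structure; the catch below logs it like any other failure.
                                throw new InvalidOperationException("GetAce returned a null ACE pointer at index " + idx);
                            }

                            SecurityDescriptorApi.ACCESS_ALLOWED_ACE ace = (SecurityDescriptorApi.ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE));

                            // 64-bit safe pointer arithmetic: casting the pointer to int
                            // overflows in a 64-bit process, which aborted the whole read
                            // while the method still returned 0.
                            IntPtr iter = new IntPtr(pAce.ToInt64() + Marshal.OffsetOf(typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE), "SidStart").ToInt64());
                            string strSID = GetObjectStringSid(iter);

                            //Commented this, to use it in feature
                            //IntPtr pTrustee = IntPtr.Zero;
                            //SecurityDescriptorApi.BuildTrusteeWithSid(out pTrustee, ptrSid);
                            //SecurityDescriptorApi.TRUSTEE trustee = new SecurityDescriptorApi.TRUSTEE();
                            //Marshal.PtrToStructure(pTrustee, trustee);

                            GetObjectLookUpName(iter, out sUsername, out sDomain);
                            if (String.IsNullOrEmpty(sUsername))
                            {
                                // No name resolved: show the SID string instead.
                                sUsername = strSID;
                            }

                            Logger.Log("Trustee = " + sUsername, Logger.SecurityDescriptorLogLevel);
                            Logger.Log(string.Format("SID={0} : AceType={1}/ AceMask={2}/ AceFlags={3}",
                                                strSID,
                                                ace.Header.AceType.ToString(),
                                                ace.Mask.ToString(),
                                                ace.Header.AceFlags.ToString()), Logger.SecurityDescriptorLogLevel);

                            LwAccessControlEntry Ace = new LwAccessControlEntry();
                            Ace.Username = sUsername + "(" + sUsername + "@" + sDomain + ")";
                            Ace.SID = strSID;
                            Ace.AceType = Convert.ToInt32(ace.Header.AceType);
                            Ace.AccessMask = ace.Mask.ToString();
                            Ace.AceFlags = Convert.ToInt32(ace.Header.AceFlags.ToString());
                            Ace.AceSize = Convert.ToInt32(ace.Header.AceSize.ToString());

                            daclInfo.Add(Ace);
                        }

                        // Group the entries by display name, keeping ACL order inside each group.
                        foreach (LwAccessControlEntry Ace in daclInfo)
                        {
                            List<LwAccessControlEntry> objectDacl;
                            if (!SdDacls.TryGetValue(Ace.Username, out objectDacl))
                            {
                                objectDacl = new List<LwAccessControlEntry>();
                                SdDacls.Add(Ace.Username, objectDacl);
                            }
                            objectDacl.Add(Ace);
                        }
                        ObjSecurityDescriptor.Descretionary_Access_Control_List = SdDacls;
                    }
                    else
                    {
                        // NOTE(review): lpbDaclPresent is not consulted. Under Win32 semantics a
                        // present-but-NULL DACL grants everyone full access, while this branch
                        // reports access denied - confirm which meaning callers rely on.
                        ObjSecurityDescriptor.Descretionary_Access_Control_List = null;
                        ObjSecurityDescriptor.IsAccessDenied = true;
                    }

                    //Get Security Descriptor Control
                    uint dwRevision;
                    SecurityDescriptorApi.SECURITY_DESCRIPTOR_CONTROL pControl;
                    SecurityDescriptorApi.GetSecurityDescriptorControl(pSECURITY_DESCRIPTOR, out pControl, out dwRevision);
                    ObjSecurityDescriptor.Control = (uint)pControl;
                    ObjSecurityDescriptor.Revision = dwRevision;

                    //Get Security Descriptor Owner
                    bool lpbOwnerDefaulted = false;
                    ptrSid = IntPtr.Zero;
                    bRet = SecurityDescriptorApi.GetSecurityDescriptorOwner(pSECURITY_DESCRIPTOR, out ptrSid, out lpbOwnerDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorOwner iRet value: " + Marshal.GetLastWin32Error());
                    ObjSecurityDescriptor.Owner = GetObjectStringSid(ptrSid);
                    // NOTE(review): if SecurityDescriptorApi wraps the Win32 functions of the same
                    // names, this SID points into the descriptor and must not be passed to
                    // FreeSid; the descriptor pointer is still handed back to the caller below.
                    // Confirm against the P/Invoke declarations before changing.
                    SecurityDescriptorApi.FreeSid(ptrSid);

                    //Get Security Descriptor Group
                    bool lpbGroupDefaulted = false;
                    ptrSid = IntPtr.Zero;
                    bRet = SecurityDescriptorApi.GetSecurityDescriptorGroup(pSECURITY_DESCRIPTOR, out ptrSid, out lpbGroupDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorGroup iRet value: " + Marshal.GetLastWin32Error());
                    ObjSecurityDescriptor.PrimaryGroupID = GetObjectStringSid(ptrSid);
                    // NOTE(review): same FreeSid concern as for the owner SID above.
                    SecurityDescriptorApi.FreeSid(ptrSid);

                    ObjSecurityDescriptor.Size = SecurityDescriptorApi.GetSecurityDescriptorLength(pSECURITY_DESCRIPTOR);

                    // The raw pointer is stored, not a copy of the descriptor.
                    ObjSecurityDescriptor.pSecurityDescriptor = pSECURITY_DESCRIPTOR;
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is only logged and the method still returns 0.
                Logger.LogException("SecurityDescriptorWrapper.ReadSecurityDescriptor()", ex);
            }

            return errorReturn;
        }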
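        /// <summary>
        /// Converts a native security descriptor into a managed <see cref="SecurityDescriptor"/>.
        /// It fills in the DACL entries keyed by trustee display name, the control flags and
        /// revision, the owner and primary-group SIDs as strings, and the descriptor length.
        /// </summary>
        /// <param name="pSECURITY_DESCRIPTOR">Native descriptor pointer; nothing is read when
        /// it is <see cref="IntPtr.Zero"/>.</param>
        /// <param name="ObjSecurityDescriptor">Overwritten with a new instance on which
        /// InitailizeToNull() has been called; the value passed in is not used. On success it
        /// holds the native pointer itself rather than a copy, so that memory must outlive
        /// the returned object.</param>
        /// <returns>Always 0. Any exception is logged and swallowed, so callers cannot tell a
        /// complete read from a failed or partial one by the return value.</returns>
        /// <remarks>
        /// NOTE(review): the results of the SecurityDescriptorApi calls are not checked.
        /// NOTE(review): each ACE is read with the ACCESS_ALLOWED_ACE layout regardless of its
        /// AceType; an ACE type laid out differently would produce a wrong SID - confirm which
        /// ACE types are expected here.
        /// </remarks>
        public static uint ReadSecurityDescriptor(
            IntPtr pSECURITY_DESCRIPTOR,
            ref SecurityDescriptor ObjSecurityDescriptor)
        {
            Logger.Log("SecurityDescriptorWrapper.ReadSecurityDescriptor()", Logger.SecurityDescriptorLogLevel);

            IntPtr ptrSid;
            uint   errorReturn = 0;
            bool   bRet        = false;

            ObjSecurityDescriptor = new SecurityDescriptor();
            ObjSecurityDescriptor.InitailizeToNull();

            try
            {
                if (pSECURITY_DESCRIPTOR != IntPtr.Zero)
                {
                    IntPtr pDaclOffset;
                    bool   lpbDaclPresent   = false;
                    bool   lpbDaclDefaulted = false;

                    bRet = SecurityDescriptorApi.GetSecurityDescriptorDacl(pSECURITY_DESCRIPTOR, out lpbDaclPresent, out pDaclOffset, out lpbDaclDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorDacl iRet value", Logger.SecurityDescriptorLogLevel);

                    if (pDaclOffset != IntPtr.Zero)
                    {
                        // The ACL is queried only after the null check; its ACE count is
                        // used nowhere outside this branch.
                        SecurityDescriptorApi.ACL_SIZE_INFORMATION AclSize = new SecurityDescriptorApi.ACL_SIZE_INFORMATION();
                        SecurityDescriptorApi.GetAclInformation(pDaclOffset, AclSize,
                                                                ((uint)Marshal.SizeOf(typeof(SecurityDescriptorApi.ACL_SIZE_INFORMATION))),
                                                                SecurityDescriptorApi.ACL_INFORMATION_CLASS.AclSizeInformation);

                        Dictionary <string, List <LwAccessControlEntry> > SdDacls = new Dictionary <string, List <LwAccessControlEntry> >();
                        List <LwAccessControlEntry> daclInfo = new List <LwAccessControlEntry>();
                        for (int idx = 0; idx < AclSize.AceCount; idx++)
                        {
                            IntPtr pAce;
                            string sUsername, sDomain;

                            int err = SecurityDescriptorApi.GetAce(pDaclOffset, idx, out pAce);
                            if (pAce == IntPtr.Zero)
                            {
                                // Fail with a clear message rather than on a null structure
                                // further down; the catch below logs it.
                                throw new InvalidOperationException("GetAce returned a null ACE pointer at index " + idx);
                            }

                            SecurityDescriptorApi.ACCESS_ALLOWED_ACE ace = (SecurityDescriptorApi.ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE));

                            // Address of the SID inside the ACE, computed in 64 bits. An
                            // (int) cast of the pointer overflows in a 64-bit process and
                            // aborted the read while 0 was still returned.
                            long   sidOffset = Marshal.OffsetOf(typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE), "SidStart").ToInt64();
                            IntPtr iter      = new IntPtr(pAce.ToInt64() + sidOffset);
                            string strSID    = GetObjectStringSid(iter);

                            //Commented this, to use it in feature
                            //IntPtr pTrustee = IntPtr.Zero;
                            //SecurityDescriptorApi.BuildTrusteeWithSid(out pTrustee, ptrSid);
                            //SecurityDescriptorApi.TRUSTEE trustee = new SecurityDescriptorApi.TRUSTEE();
                            //Marshal.PtrToStructure(pTrustee, trustee);

                            GetObjectLookUpName(iter, out sUsername, out sDomain);
                            if (String.IsNullOrEmpty(sUsername))
                            {
                                // Fall back to the SID string when no name was resolved.
                                sUsername = strSID;
                            }

                            Logger.Log("Trustee = " + sUsername, Logger.SecurityDescriptorLogLevel);
                            Logger.Log(string.Format("SID={0} : AceType={1}/ AceMask={2}/ AceFlags={3}",
                                                     strSID,
                                                     ace.Header.AceType.ToString(),
                                                     ace.Mask.ToString(),
                                                     ace.Header.AceFlags.ToString()), Logger.SecurityDescriptorLogLevel);

                            LwAccessControlEntry Ace = new LwAccessControlEntry();
                            Ace.Username   = sUsername + "(" + sUsername + "@" + sDomain + ")";
                            Ace.SID        = strSID;
                            Ace.AceType    = Convert.ToInt32(ace.Header.AceType);
                            Ace.AccessMask = ace.Mask.ToString();
                            Ace.AceFlags   = Convert.ToInt32(ace.Header.AceFlags.ToString());
                            Ace.AceSize    = Convert.ToInt32(ace.Header.AceSize.ToString());

                            daclInfo.Add(Ace);
                        }

                        // One list per display name; entries keep their ACL order.
                        foreach (LwAccessControlEntry Ace in daclInfo)
                        {
                            List <LwAccessControlEntry> objectDacl;
                            if (!SdDacls.TryGetValue(Ace.Username, out objectDacl))
                            {
                                objectDacl = new List <LwAccessControlEntry>();
                                SdDacls.Add(Ace.Username, objectDacl);
                            }
                            objectDacl.Add(Ace);
                        }
                        ObjSecurityDescriptor.Descretionary_Access_Control_List = SdDacls;
                    }
                    else
                    {
                        // NOTE(review): lpbDaclPresent is ignored. Under Win32 semantics a DACL
                        // that is present but NULL means full access for everyone, yet this
                        // branch reports access denied - confirm what callers expect.
                        ObjSecurityDescriptor.Descretionary_Access_Control_List = null;
                        ObjSecurityDescriptor.IsAccessDenied = true;
                    }

                    //Get Security Descriptor Control
                    uint dwRevision;
                    SecurityDescriptorApi.SECURITY_DESCRIPTOR_CONTROL pControl;
                    SecurityDescriptorApi.GetSecurityDescriptorControl(pSECURITY_DESCRIPTOR, out pControl, out dwRevision);
                    ObjSecurityDescriptor.Control  = (uint)pControl;
                    ObjSecurityDescriptor.Revision = dwRevision;

                    //Get Security Descriptor Owner
                    bool lpbOwnerDefaulted = false;
                    ptrSid = IntPtr.Zero;
                    bRet   = SecurityDescriptorApi.GetSecurityDescriptorOwner(pSECURITY_DESCRIPTOR, out ptrSid, out lpbOwnerDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorOwner iRet value: " + Marshal.GetLastWin32Error());
                    ObjSecurityDescriptor.Owner = GetObjectStringSid(ptrSid);
                    // NOTE(review): if SecurityDescriptorApi wraps the Win32 functions of the same
                    // names, the owner SID lives inside the descriptor and must not go to
                    // FreeSid; the descriptor pointer is still returned to the caller below.
                    // Check the P/Invoke declarations before changing this.
                    SecurityDescriptorApi.FreeSid(ptrSid);

                    //Get Security Descriptor Group
                    bool lpbGroupDefaulted = false;
                    ptrSid = IntPtr.Zero;
                    bRet   = SecurityDescriptorApi.GetSecurityDescriptorGroup(pSECURITY_DESCRIPTOR, out ptrSid, out lpbGroupDefaulted);
                    Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorGroup iRet value: " + Marshal.GetLastWin32Error());
                    ObjSecurityDescriptor.PrimaryGroupID = GetObjectStringSid(ptrSid);
                    // NOTE(review): same FreeSid concern as for the owner SID.
                    SecurityDescriptorApi.FreeSid(ptrSid);

                    ObjSecurityDescriptor.Size = SecurityDescriptorApi.GetSecurityDescriptorLength(pSECURITY_DESCRIPTOR);

                    // Stores the raw pointer, not a copy of the descriptor.
                    ObjSecurityDescriptor.pSecurityDescriptor = pSECURITY_DESCRIPTOR;
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is logged and 0 is still returned.
                Logger.LogException("SecurityDescriptorWrapper.ReadSecurityDescriptor()", ex);
            }

            return(errorReturn);
        }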
 /// <summary>
 /// Creates the security settings control for one object.
 /// Both arguments are stored as given; nothing is validated or copied here.
 /// </summary>
 /// <param name="securityDescriptor">Descriptor the control works with.</param>
 /// <param name="objectPath">Path of the object the descriptor belongs to.</param>
 public SecuritySettingsControl(SecurityDescriptor securityDescriptor, string objectPath)
     : this()
 {
     _objectPath = objectPath;
     _securityDescriptor = securityDescriptor;
 }