/// <summary>
/// Creates the control for an already-loaded security descriptor.
/// </summary>
/// <param name="securityDescriptor">Descriptor stored by reference; no copy is made here.</param>
/// <param name="_objectPath">Object path stored in <c>_ObjectPath</c>.</param>
public PermissionsControl(SecurityDescriptor securityDescriptor, string _objectPath)
    : this()
{
    // The parameterless constructor runs first via this(); only the two fields are set here.
    _securityDescriptor = securityDescriptor;
    _ObjectPath = _objectPath;
}
/// <summary>
/// Creates the permissions dialog and hands the descriptor and path to the embedded control.
/// </summary>
/// <param name="securityDescriptor">Descriptor assigned to <c>permissionsControl.securityDescriptor</c>.</param>
/// <param name="ObjectPath">Object path shown in the window caption and stored on the control.</param>
public PermissionsControlDlg(SecurityDescriptor securityDescriptor, string ObjectPath)
    : this()
{
    // Caption first, then the embedded control, in the same order as before.
    Text = string.Format("Permissions for {0}", ObjectPath);

    permissionsControl.securityDescriptor = securityDescriptor;
    permissionsControl._ObjectPath = ObjectPath;
}
/// <summary>
/// Stores the ACE list and the security descriptor to display, then refills the
/// permission rows. Callers pass a null list in add mode and the existing entries
/// in edit mode.
/// </summary>
/// <param name="daclInfo">Access control entries to show; null in add mode.</param>
/// <param name="securityDescriptor">Descriptor the entries belong to; stored by reference.</param>
public void InitializeData(List<LwAccessControlEntry> daclInfo, SecurityDescriptor securityDescriptor)
{
    _daclInfo = daclInfo;
    _securityDescriptor = securityDescriptor;

    // Both fields are assigned before FillRowPermissions() runs, as in the original.
    FillRowPermissions();
}
/// <summary>
/// Creates the advanced permissions dialog for the given descriptor and object path.
/// </summary>
/// <param name="securityDescriptor">Descriptor stored by reference in <c>_securityDescriptor</c>.</param>
/// <param name="ObjectPath">Object path stored in <c>_objectPath</c>.</param>
public AdvancedPermissionsControlDlg(SecurityDescriptor securityDescriptor, string ObjectPath)
    : this()
{
    // this() runs the parameterless constructor before these assignments.
    this._securityDescriptor = securityDescriptor;
    this._objectPath = ObjectPath;
}
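/// <summary>
/// Decodes a native security descriptor into a managed <see cref="SecurityDescriptor"/>:
/// DACL entries grouped by display name, control flags, revision, owner SID,
/// primary group SID and total length.
/// </summary>
/// <param name="pSECURITY_DESCRIPTOR">
/// Pointer to the native security descriptor. For IntPtr.Zero the result is left in the
/// state set by InitailizeToNull().
/// </param>
/// <param name="ObjSecurityDescriptor">
/// Always replaced with a new instance. The instance keeps the raw pointer in
/// pSecurityDescriptor, so the native buffer has to outlive it.
/// </param>
/// <returns>
/// Always 0. Failures are logged and swallowed, so a caller cannot tell a failed or
/// partial read from a successful one by the return value.
/// </returns>
public static uint ReadSecurityDescriptor(
    IntPtr pSECURITY_DESCRIPTOR,
    ref SecurityDescriptor ObjSecurityDescriptor)
{
    Logger.Log(string.Format("SecurityDescriptorWrapper.ReadSecurityDescriptor()"), Logger.SecurityDescriptorLogLevel);

    uint errorReturn = 0;

    ObjSecurityDescriptor = new SecurityDescriptor();
    ObjSecurityDescriptor.InitailizeToNull();

    try
    {
        if (pSECURITY_DESCRIPTOR != IntPtr.Zero)
        {
            IntPtr pDaclOffset;
            bool lpbDaclPresent = false;
            bool lpbDaclDefaulted = false;
            bool bRet = SecurityDescriptorApi.GetSecurityDescriptorDacl(pSECURITY_DESCRIPTOR, out lpbDaclPresent, out pDaclOffset, out lpbDaclDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorDacl iRet value", Logger.SecurityDescriptorLogLevel);

            // Only walk the ACL when the call succeeded and returned a pointer. The
            // original queried the ACL size before this check, i.e. also for a null ACL.
            if (bRet && pDaclOffset != IntPtr.Zero)
            {
                SecurityDescriptorApi.ACL_SIZE_INFORMATION AclSize = new SecurityDescriptorApi.ACL_SIZE_INFORMATION();
                SecurityDescriptorApi.GetAclInformation(pDaclOffset, AclSize,
                                    ((uint)Marshal.SizeOf(typeof(SecurityDescriptorApi.ACL_SIZE_INFORMATION))),
                                    SecurityDescriptorApi.ACL_INFORMATION_CLASS.AclSizeInformation);

                Dictionary<string, List<LwAccessControlEntry>> SdDacls = new Dictionary<string, List<LwAccessControlEntry>>();
                long sidStartOffset = Marshal.OffsetOf(typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE), "SidStart").ToInt64();

                for (int idx = 0; idx < AclSize.AceCount; idx++)
                {
                    IntPtr pAce;
                    string sUsername, sDomain;

                    int err = SecurityDescriptorApi.GetAce(pDaclOffset, idx, out pAce);
                    if (pAce == IntPtr.Zero)
                    {
                        // Abort the whole read instead of skipping the entry: a permission
                        // list with a silently missing ACE would misstate the object's access.
                        throw new InvalidOperationException(
                            string.Format("GetAce returned no ACE for index {0} (result {1})", idx, err));
                    }

                    // NOTE(review): every ACE is decoded with the ACCESS_ALLOWED_ACE layout.
                    // Object ACEs carry GUID fields before the SID, so SidStart would not
                    // point at a SID for those types - confirm which AceType values reach here.
                    SecurityDescriptorApi.ACCESS_ALLOWED_ACE ace = (SecurityDescriptorApi.ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE));

                    // 64-bit safe pointer arithmetic; casting the pointer to int overflows
                    // for addresses outside the 32-bit range.
                    IntPtr iter = new IntPtr(pAce.ToInt64() + sidStartOffset);

                    string strSID = GetObjectStringSid(iter);

                    // Trustee-based lookup is disabled and kept for possible future use:
                    //IntPtr pTrustee = IntPtr.Zero;
                    //SecurityDescriptorApi.BuildTrusteeWithSid(out pTrustee, ptrSid);
                    //SecurityDescriptorApi.TRUSTEE trustee = new SecurityDescriptorApi.TRUSTEE();
                    //Marshal.PtrToStructure(pTrustee, trustee);

                    GetObjectLookUpName(iter, out sUsername, out sDomain);
                    if (String.IsNullOrEmpty(sUsername))
                    {
                        // Unresolved SIDs are displayed by their string form.
                        sUsername = strSID;
                    }

                    Logger.Log("Trustee = " + sUsername, Logger.SecurityDescriptorLogLevel);
                    Logger.Log(string.Format("SID={0} : AceType={1}/ AceMask={2}/ AceFlags={3}",
                                    strSID,
                                    ace.Header.AceType.ToString(),
                                    ace.Mask.ToString(),
                                    ace.Header.AceFlags.ToString()), Logger.SecurityDescriptorLogLevel);

                    LwAccessControlEntry Ace = new LwAccessControlEntry();
                    Ace.Username = sUsername + "(" + sUsername + "@" + sDomain + ")";
                    Ace.SID = strSID;
                    Ace.AceType = Convert.ToInt32(ace.Header.AceType);
                    Ace.AccessMask = ace.Mask.ToString();
                    // Converted directly, like AceType, rather than through ToString().
                    Ace.AceFlags = Convert.ToInt32(ace.Header.AceFlags);
                    Ace.AceSize = Convert.ToInt32(ace.Header.AceSize);

                    // Group the entries by display name, preserving ACL order within a group.
                    List<LwAccessControlEntry> entriesForTrustee;
                    if (!SdDacls.TryGetValue(Ace.Username, out entriesForTrustee))
                    {
                        entriesForTrustee = new List<LwAccessControlEntry>();
                        SdDacls.Add(Ace.Username, entriesForTrustee);
                    }
                    entriesForTrustee.Add(Ace);
                }

                ObjSecurityDescriptor.Descretionary_Access_Control_List = SdDacls;
            }
            else
            {
                // NOTE(review): on Windows a descriptor with a NULL DACL grants access to
                // everyone; here that case and a failed read are both reported as
                // IsAccessDenied - confirm that consumers interpret the flag that way.
                ObjSecurityDescriptor.Descretionary_Access_Control_List = null;
                ObjSecurityDescriptor.IsAccessDenied = true;
            }

            //Get Security Descriptor Control
            uint dwRevision;
            SecurityDescriptorApi.SECURITY_DESCRIPTOR_CONTROL pControl;
            SecurityDescriptorApi.GetSecurityDescriptorControl(pSECURITY_DESCRIPTOR, out pControl, out dwRevision);
            ObjSecurityDescriptor.Control = (uint)pControl;
            ObjSecurityDescriptor.Revision = dwRevision;

            // Assuming SecurityDescriptorApi wraps the Win32 calls of the same names, the
            // owner and group SID pointers returned below point into the descriptor itself.
            // They were not allocated separately, so they are not passed to FreeSid; the
            // descriptor is also kept alive and reused through pSecurityDescriptor.

            //Get Security Descriptor Owner
            bool lpbOwnerDefaulted = false;
            IntPtr ptrSid = IntPtr.Zero;
            bRet = SecurityDescriptorApi.GetSecurityDescriptorOwner(pSECURITY_DESCRIPTOR, out ptrSid, out lpbOwnerDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorOwner iRet value: " + Marshal.GetLastWin32Error());
            if (bRet && ptrSid != IntPtr.Zero)
            {
                ObjSecurityDescriptor.Owner = GetObjectStringSid(ptrSid);
            }

            //Get Security Descriptor Group
            bool lpbGroupDefaulted = false;
            ptrSid = IntPtr.Zero;
            bRet = SecurityDescriptorApi.GetSecurityDescriptorGroup(pSECURITY_DESCRIPTOR, out ptrSid, out lpbGroupDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorGroup iRet value: " + Marshal.GetLastWin32Error());
            if (bRet && ptrSid != IntPtr.Zero)
            {
                ObjSecurityDescriptor.PrimaryGroupID = GetObjectStringSid(ptrSid);
            }

            ObjSecurityDescriptor.Size = SecurityDescriptorApi.GetSecurityDescriptorLength(pSECURITY_DESCRIPTOR);
            ObjSecurityDescriptor.pSecurityDescriptor = pSECURITY_DESCRIPTOR;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the descriptor may be partially filled at this point and the
        // method still returns 0; consider a non-zero code once the project's error
        // convention for this wrapper is confirmed.
        Logger.LogException("SecurityDescriptorWrapper.ReadSecurityDescriptor()", ex);
    }

    return errorReturn;
}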
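/// <summary>
/// Decodes a native security descriptor into a managed <see cref="SecurityDescriptor"/>:
/// DACL entries grouped by display name, control flags, revision, owner SID,
/// primary group SID and total length.
/// </summary>
/// <param name="pSECURITY_DESCRIPTOR">
/// Pointer to the native security descriptor. For IntPtr.Zero the result is left in the
/// state set by InitailizeToNull().
/// </param>
/// <param name="ObjSecurityDescriptor">
/// Always replaced with a new instance. The instance keeps the raw pointer in
/// pSecurityDescriptor, so the native buffer has to outlive it.
/// </param>
/// <returns>
/// Always 0. Failures are logged and swallowed, so a caller cannot tell a failed or
/// partial read from a successful one by the return value.
/// </returns>
public static uint ReadSecurityDescriptor(
    IntPtr pSECURITY_DESCRIPTOR,
    ref SecurityDescriptor ObjSecurityDescriptor)
{
    Logger.Log(string.Format("SecurityDescriptorWrapper.ReadSecurityDescriptor()"), Logger.SecurityDescriptorLogLevel);

    uint errorReturn = 0;

    ObjSecurityDescriptor = new SecurityDescriptor();
    ObjSecurityDescriptor.InitailizeToNull();

    try
    {
        if (pSECURITY_DESCRIPTOR != IntPtr.Zero)
        {
            IntPtr pDaclOffset;
            bool lpbDaclPresent = false;
            bool lpbDaclDefaulted = false;
            bool bRet = SecurityDescriptorApi.GetSecurityDescriptorDacl(pSECURITY_DESCRIPTOR, out lpbDaclPresent, out pDaclOffset, out lpbDaclDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorDacl iRet value", Logger.SecurityDescriptorLogLevel);

            // Only walk the ACL when the call succeeded and returned a pointer. The
            // original queried the ACL size before this check, i.e. also for a null ACL.
            if (bRet && pDaclOffset != IntPtr.Zero)
            {
                SecurityDescriptorApi.ACL_SIZE_INFORMATION AclSize = new SecurityDescriptorApi.ACL_SIZE_INFORMATION();
                SecurityDescriptorApi.GetAclInformation(pDaclOffset, AclSize,
                                    ((uint)Marshal.SizeOf(typeof(SecurityDescriptorApi.ACL_SIZE_INFORMATION))),
                                    SecurityDescriptorApi.ACL_INFORMATION_CLASS.AclSizeInformation);

                Dictionary<string, List<LwAccessControlEntry>> SdDacls = new Dictionary<string, List<LwAccessControlEntry>>();
                long sidStartOffset = Marshal.OffsetOf(typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE), "SidStart").ToInt64();

                for (int idx = 0; idx < AclSize.AceCount; idx++)
                {
                    IntPtr pAce;
                    string sUsername, sDomain;

                    int err = SecurityDescriptorApi.GetAce(pDaclOffset, idx, out pAce);
                    if (pAce == IntPtr.Zero)
                    {
                        // Abort the whole read instead of skipping the entry: a permission
                        // list with a silently missing ACE would misstate the object's access.
                        throw new InvalidOperationException(
                            string.Format("GetAce returned no ACE for index {0} (result {1})", idx, err));
                    }

                    // NOTE(review): every ACE is decoded with the ACCESS_ALLOWED_ACE layout.
                    // Object ACEs carry GUID fields before the SID, so SidStart would not
                    // point at a SID for those types - confirm which AceType values reach here.
                    SecurityDescriptorApi.ACCESS_ALLOWED_ACE ace = (SecurityDescriptorApi.ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(SecurityDescriptorApi.ACCESS_ALLOWED_ACE));

                    // 64-bit safe pointer arithmetic; casting the pointer to int overflows
                    // for addresses outside the 32-bit range.
                    IntPtr iter = new IntPtr(pAce.ToInt64() + sidStartOffset);

                    string strSID = GetObjectStringSid(iter);

                    // Trustee-based lookup is disabled and kept for possible future use:
                    //IntPtr pTrustee = IntPtr.Zero;
                    //SecurityDescriptorApi.BuildTrusteeWithSid(out pTrustee, ptrSid);
                    //SecurityDescriptorApi.TRUSTEE trustee = new SecurityDescriptorApi.TRUSTEE();
                    //Marshal.PtrToStructure(pTrustee, trustee);

                    GetObjectLookUpName(iter, out sUsername, out sDomain);
                    if (String.IsNullOrEmpty(sUsername))
                    {
                        // Unresolved SIDs are displayed by their string form.
                        sUsername = strSID;
                    }

                    Logger.Log("Trustee = " + sUsername, Logger.SecurityDescriptorLogLevel);
                    Logger.Log(string.Format("SID={0} : AceType={1}/ AceMask={2}/ AceFlags={3}",
                                    strSID,
                                    ace.Header.AceType.ToString(),
                                    ace.Mask.ToString(),
                                    ace.Header.AceFlags.ToString()), Logger.SecurityDescriptorLogLevel);

                    LwAccessControlEntry Ace = new LwAccessControlEntry();
                    Ace.Username = sUsername + "(" + sUsername + "@" + sDomain + ")";
                    Ace.SID = strSID;
                    Ace.AceType = Convert.ToInt32(ace.Header.AceType);
                    Ace.AccessMask = ace.Mask.ToString();
                    // Converted directly, like AceType, rather than through ToString().
                    Ace.AceFlags = Convert.ToInt32(ace.Header.AceFlags);
                    Ace.AceSize = Convert.ToInt32(ace.Header.AceSize);

                    // Group the entries by display name, preserving ACL order within a group.
                    List<LwAccessControlEntry> entriesForTrustee;
                    if (!SdDacls.TryGetValue(Ace.Username, out entriesForTrustee))
                    {
                        entriesForTrustee = new List<LwAccessControlEntry>();
                        SdDacls.Add(Ace.Username, entriesForTrustee);
                    }
                    entriesForTrustee.Add(Ace);
                }

                ObjSecurityDescriptor.Descretionary_Access_Control_List = SdDacls;
            }
            else
            {
                // NOTE(review): on Windows a descriptor with a NULL DACL grants access to
                // everyone; here that case and a failed read are both reported as
                // IsAccessDenied - confirm that consumers interpret the flag that way.
                ObjSecurityDescriptor.Descretionary_Access_Control_List = null;
                ObjSecurityDescriptor.IsAccessDenied = true;
            }

            //Get Security Descriptor Control
            uint dwRevision;
            SecurityDescriptorApi.SECURITY_DESCRIPTOR_CONTROL pControl;
            SecurityDescriptorApi.GetSecurityDescriptorControl(pSECURITY_DESCRIPTOR, out pControl, out dwRevision);
            ObjSecurityDescriptor.Control = (uint)pControl;
            ObjSecurityDescriptor.Revision = dwRevision;

            // Assuming SecurityDescriptorApi wraps the Win32 calls of the same names, the
            // owner and group SID pointers returned below point into the descriptor itself.
            // They were not allocated separately, so they are not passed to FreeSid; the
            // descriptor is also kept alive and reused through pSecurityDescriptor.

            //Get Security Descriptor Owner
            bool lpbOwnerDefaulted = false;
            IntPtr ptrSid = IntPtr.Zero;
            bRet = SecurityDescriptorApi.GetSecurityDescriptorOwner(pSECURITY_DESCRIPTOR, out ptrSid, out lpbOwnerDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorOwner iRet value: " + Marshal.GetLastWin32Error());
            if (bRet && ptrSid != IntPtr.Zero)
            {
                ObjSecurityDescriptor.Owner = GetObjectStringSid(ptrSid);
            }

            //Get Security Descriptor Group
            bool lpbGroupDefaulted = false;
            ptrSid = IntPtr.Zero;
            bRet = SecurityDescriptorApi.GetSecurityDescriptorGroup(pSECURITY_DESCRIPTOR, out ptrSid, out lpbGroupDefaulted);
            Logger.Log("SecurityDescriptorApi.GetSecurityDescriptorGroup iRet value: " + Marshal.GetLastWin32Error());
            if (bRet && ptrSid != IntPtr.Zero)
            {
                ObjSecurityDescriptor.PrimaryGroupID = GetObjectStringSid(ptrSid);
            }

            ObjSecurityDescriptor.Size = SecurityDescriptorApi.GetSecurityDescriptorLength(pSECURITY_DESCRIPTOR);
            ObjSecurityDescriptor.pSecurityDescriptor = pSECURITY_DESCRIPTOR;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the descriptor may be partially filled at this point and the
        // method still returns 0; consider a non-zero code once the project's error
        // convention for this wrapper is confirmed.
        Logger.LogException("SecurityDescriptorWrapper.ReadSecurityDescriptor()", ex);
    }

    return errorReturn;
}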
/// <summary>
/// Creates the security settings control for the given descriptor and object path.
/// </summary>
/// <param name="securityDescriptor">Descriptor stored by reference in <c>_securityDescriptor</c>.</param>
/// <param name="objectPath">Object path stored in <c>_objectPath</c>.</param>
public SecuritySettingsControl(SecurityDescriptor securityDescriptor, string objectPath)
    : this()
{
    // Default construction happens in this(); the two fields are filled in afterwards.
    _securityDescriptor = securityDescriptor;
    _objectPath = objectPath;
}