예제 #1
0
        private void CreateFromParts(bool isContainer, bool isDS, ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, SystemAcl systemAcl, DiscretionaryAcl discretionaryAcl)
        {
            if (systemAcl != null && systemAcl.IsContainer != isContainer)
            {
                throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "systemAcl");
            }
            if (discretionaryAcl != null && discretionaryAcl.IsContainer != isContainer)
            {
                throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "discretionaryAcl");
            }
            this._isContainer = isContainer;
            if (systemAcl != null && systemAcl.IsDS != isDS)
            {
                throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "systemAcl");
            }
            if (discretionaryAcl != null && discretionaryAcl.IsDS != isDS)
            {
                throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "discretionaryAcl");
            }
            this._isDS = isDS;
            this._sacl = systemAcl;
            if (discretionaryAcl == null)
            {
                discretionaryAcl = DiscretionaryAcl.CreateAllowEveryoneFullAccess(this._isDS, this._isContainer);
            }
            this._dacl = discretionaryAcl;
            ControlFlags controlFlags = flags | ControlFlags.DiscretionaryAclPresent;

            this._rawSd = new RawSecurityDescriptor(systemAcl != null ? controlFlags | ControlFlags.SystemAclPresent : controlFlags& ~ControlFlags.SystemAclPresent, owner, group, systemAcl == null ? (RawAcl)null : systemAcl.RawAcl, discretionaryAcl.RawAcl);
        }
예제 #2
0
        private void CreateFromParts(bool isContainer, bool isDS, ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, SystemAcl systemAcl, DiscretionaryAcl discretionaryAcl)
        {
            if (systemAcl != null &&
                systemAcl.IsContainer != isContainer)
            {
                throw new ArgumentException(
                          isContainer ?
                          SR.AccessControl_MustSpecifyContainerAcl :
                          SR.AccessControl_MustSpecifyLeafObjectAcl,
                          nameof(systemAcl));
            }

            if (discretionaryAcl != null &&
                discretionaryAcl.IsContainer != isContainer)
            {
                throw new ArgumentException(
                          isContainer ?
                          SR.AccessControl_MustSpecifyContainerAcl :
                          SR.AccessControl_MustSpecifyLeafObjectAcl,
                          nameof(discretionaryAcl));
            }

            _isContainer = isContainer;

            if (systemAcl != null &&
                systemAcl.IsDS != isDS)
            {
                throw new ArgumentException(
                          isDS ?
                          SR.AccessControl_MustSpecifyDirectoryObjectAcl :
                          SR.AccessControl_MustSpecifyNonDirectoryObjectAcl,
                          nameof(systemAcl));
            }

            if (discretionaryAcl != null &&
                discretionaryAcl.IsDS != isDS)
            {
                throw new ArgumentException(
                          isDS ?
                          SR.AccessControl_MustSpecifyDirectoryObjectAcl :
                          SR.AccessControl_MustSpecifyNonDirectoryObjectAcl,
                          nameof(discretionaryAcl));
            }

            _isDS = isDS;

            _sacl = systemAcl;

            //
            // Replace null DACL with an allow-all for everyone DACL
            //

            if (discretionaryAcl == null)
            {
                //
                // to conform to native behavior, we will add allow everyone ace for DACL
                //

                discretionaryAcl = DiscretionaryAcl.CreateAllowEveryoneFullAccess(_isDS, _isContainer);
            }

            _dacl = discretionaryAcl;

            //
            // DACL is never null. So always set the flag bit on
            //

            ControlFlags actualFlags = flags | ControlFlags.DiscretionaryAclPresent;

            //
            // Keep SACL and the flag bit in sync.
            //

            if (systemAcl == null)
            {
                unchecked { actualFlags &= ~(ControlFlags.SystemAclPresent); }
            }
            else
            {
                actualFlags |= (ControlFlags.SystemAclPresent);
            }

            _rawSd = new RawSecurityDescriptor(actualFlags, owner, group, systemAcl == null ? null : systemAcl.RawAcl, discretionaryAcl.RawAcl);
        }