public virtual AuditRule AuditRuleFactory (IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags, Guid objectType, Guid inheritedObjectType) { throw GetNotImplementedException (); }
public EventWaitHandleAuditRule (IdentityReference identity, EventWaitHandleRights eventRights, AuditFlags flags) : base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags) { if (eventRights < EventWaitHandleRights.Modify || eventRights > EventWaitHandleRights.FullControl) { throw new ArgumentOutOfRangeException ("eventRights"); } if (flags < AuditFlags.None || flags > AuditFlags.Failure) { throw new ArgumentOutOfRangeException ("flags"); } if (identity == null) { throw new ArgumentNullException ("identity"); } if (eventRights == 0) { throw new ArgumentNullException ("eventRights"); } if (flags == AuditFlags.None) { throw new ArgumentException ("flags"); } if (!(identity is SecurityIdentifier)) { throw new ArgumentException ("identity"); } this.rights = eventRights; }
public RegistryAuditRule (String identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags auditFlags) : base(IdentityReference.IdentityFromName(identity), (int)registryRights, false, inheritanceFlags, propagationFlags, auditFlags) {}
public MutexAuditRule (IdentityReference identity, MutexRights eventRights, AuditFlags flags) : base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags) { this.rights = eventRights; }
public FileSystemAuditRule (String identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags auditFlags) : base(IdentityReference.IdentityFromName(identity), (int)fileSystemRights, false, inheritanceFlags, propagationFlags, auditFlags) {}
public override sealed AuditRule AuditRuleFactory (IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return new PipeAuditRule (identityReference, (PipeAccessRights)accessMask, flags); }
public CryptoKeyAuditRule (IdentityReference identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags) : base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags) { this.rights = cryptoKeyRights; }
private static bool TestRemoveAudit(SystemAcl systemAcl, RawAcl rawAcl, AuditFlags auditFlag, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removePossible) { bool result = true; bool isRemoved = false; byte[] sAclBinaryForm = null; byte[] rAclBinaryForm = null; isRemoved = systemAcl.RemoveAudit(auditFlag, sid, accessMask, inheritanceFlags, propagationFlags); if ((isRemoved == removePossible) && (systemAcl.Count == rawAcl.Count) && (systemAcl.BinaryLength == rawAcl.BinaryLength)) { sAclBinaryForm = new byte[systemAcl.BinaryLength]; rAclBinaryForm = new byte[rawAcl.BinaryLength]; systemAcl.GetBinaryForm(sAclBinaryForm, 0); rawAcl.GetBinaryForm(rAclBinaryForm, 0); if (!Utils.IsBinaryFormEqual(sAclBinaryForm, rAclBinaryForm)) result = false; //redundant index check for (int i = 0; i < systemAcl.Count; i++) { if (!Utils.IsAceEqual(systemAcl[i], rawAcl[i])) { result = false; break; } } } else result = false; return result; }
public WaitableTimerAuditRule( IdentityReference identity, WaitableTimerRights timerRights, AuditFlags flags) : this(identity, (int)timerRights, false, InheritanceFlags.None, PropagationFlags.None, flags) { }
public SemaphoreAuditRule (IdentityReference identity, SemaphoreRights semaphoreRights, AuditFlags flags) : base (identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags) { this.semaphoreRights = semaphoreRights; }
public bool RemoveAudit (AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { throw new NotImplementedException (); }
public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType) { if (!base.IsDS) { throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_OnlyValidForDS")); } base.RemoveQualifiedAcesSpecific(sid, AceQualifier.SystemAudit, accessMask, (AceFlags) ((byte) (GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags))), objectFlags, objectType, inheritedObjectType); }
public void AddAudit (AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { // CommonAce? throw new NotImplementedException (); }
public RegistryAuditRule (IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this (identity, registryRights, false, inheritanceFlags, propagationFlags, flags) { }
public RegistryAuditRule (string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this (new NTAccount (identity), registryRights, inheritanceFlags, propagationFlags, flags) { }
public void AddAudit (AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { AddAce (AceQualifier.SystemAudit, sid, accessMask, inheritanceFlags, propagationFlags, auditFlags); }
public FileSystemAuditRule (IdentityReference identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this (identity, fileSystemRights, false, inheritanceFlags, propagationFlags, flags) { }
public FileSystemAuditRule (string identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this (new SecurityIdentifier (identity), fileSystemRights, inheritanceFlags, propagationFlags, flags) { }
public void AddAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType) { // TODO }
internal RegistryAuditRule (IdentityReference identity, RegistryRights registryRights, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : base (identity, (int)registryRights, isInherited, inheritanceFlags, propagationFlags, flags) { }
internal FileSystemAuditRule (IdentityReference identity, FileSystemRights fileSystemRights, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : base (identity, (int)fileSystemRights, isInherited, inheritanceFlags, propagationFlags, flags) { }
public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType) { // TODO return false; }
public EventWaitHandleAuditRule (IdentityReference identity, EventWaitHandleRights eventRights, AuditFlags flags) : base (identity, (int)eventRights, false, InheritanceFlags.None, PropagationFlags.None, flags) { if (eventRights < EventWaitHandleRights.Modify || eventRights > EventWaitHandleRights.FullControl) { throw new ArgumentOutOfRangeException ("eventRights"); } }
// Constructor. protected AuditRule (IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags) { this.auditFlags = auditFlags; }
// Constructor. protected ObjectAuditRule (IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, auditFlags) { this.objectType = objectType; this.inheritedObjectType = inheritedObjectType; }
public bool RemoveAudit (AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType) { throw new NotImplementedException (); }
public PipeAuditRule( IdentityReference identity, PipeAccessRights rights, AuditFlags flags) : this( identity, AccessMaskFromRights(rights), false, flags) { }
public PipeAuditRule( String identity, PipeAccessRights rights, AuditFlags flags) : this( new NTAccount(identity), AccessMaskFromRights(rights), false, flags) { }
public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { if (inheritanceFlags != InheritanceFlags.None) { throw new ArgumentException(System.SR.GetString("Argument_NonContainerInvalidAnyFlag"), "inheritanceFlags"); } if (propagationFlags != PropagationFlags.None) { throw new ArgumentException(System.SR.GetString("Argument_NonContainerInvalidAnyFlag"), "propagationFlags"); } return new PipeAuditRule(identityReference, accessMask, isInherited, flags); }
public void AddAudit (AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType) { AddAce (AceQualifier.SystemAudit, sid, accessMask, inheritanceFlags, propagationFlags, auditFlags, objectFlags, objectType, inheritedObjectType); }
/// <summary>新建审核规则,指定此规则应用到的用户、要审核的访问权限、规则的继承和传播以及触发此规则的结果。</summary> /// <returns>一个 <see cref="T:System.Security.AccessControl.RegistryAuditRule" /> 对象,表示指定用户的指定审核规则,带有指定标志。该方法的返回类型是基类 <see cref="T:System.Security.AccessControl.AuditRule" />,但可以安全地将返回值强制转换为派生类。</returns> /// <param name="identityReference">一个 <see cref="T:System.Security.Principal.IdentityReference" />,用于标识此规则应用到的用户或组。</param> /// <param name="accessMask"> /// <see cref="T:System.Security.AccessControl.RegistryRights" /> 值的按位组合,用于指定要审核的访问权限,将被强制转换为整数。</param> /// <param name="isInherited">一个布尔值,指定规则是否为继承的规则。</param> /// <param name="inheritanceFlags"> /// <see cref="T:System.Security.AccessControl.InheritanceFlags" /> 值的按位组合,指定子项如何继承规则。</param> /// <param name="propagationFlags"> /// <see cref="T:System.Security.AccessControl.PropagationFlags" /> 值的按位组合,用于修改子项继承规则的方式。如果 <paramref name="inheritanceFlags" /> 的值为 <see cref="F:System.Security.AccessControl.InheritanceFlags.None" />,则它没有意义。</param> /// <param name="flags"> /// <see cref="T:System.Security.AccessControl.AuditFlags" /> 值的按位组合,它指定是审核成功的访问、失败的访问还是对这两种情况都进行审核。</param> /// <exception cref="T:System.ArgumentOutOfRangeException"> /// <paramref name="accessMask" />、<paramref name="inheritanceFlags" />、<paramref name="propagationFlags" /> 或 <paramref name="flags" /> 指定了一个无效值。</exception> /// <exception cref="T:System.ArgumentNullException"> /// <paramref name="identityReference" /> 为 null。- 或 -<paramref name="accessMask" /> 是零。</exception> /// <exception cref="T:System.ArgumentException"> /// <paramref name="identityReference" /> 既不属于类型 <see cref="T:System.Security.Principal.SecurityIdentifier" />,也不属于可以转换为 <see cref="T:System.Security.Principal.SecurityIdentifier" /> 类型的类型(如 <see cref="T:System.Security.Principal.NTAccount" />)。</exception> public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return((AuditRule) new RegistryAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags)); }
public override AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return(new ShareAuditRule(identityReference, (ShareRights)accessMask, flags)); }
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags, Guid objectType, Guid inheritedObjectType) { return(new CustomAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, objectType, inheritedObjectType, flags)); }
public CustomAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, objectType, inheritedObjectType, auditFlags) { }
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary> /// <param name="identity">审核规则应用到的标识。</param> /// <param name="rights">审核规则的权限。</param> /// <param name="inheritanceFlags">审核规则的继承属性。</param> /// <param name="propagationFlags">继承的审核规则是否自动传播。</param> /// <param name="flags">审核规则的条件。</param> public AuditRule(string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this((IdentityReference) new NTAccount(identity), (int)(ValueType)rights, false, inheritanceFlags, propagationFlags, flags) { }
public void AddAuditRule(IdentityReference identityReference, ThreadAccessRights accessMask, AuditFlags flags) { AddAuditRule(new ThreadAuditRule(identityReference, accessMask, flags)); }
// Constructors public CryptoKeyAuditRule(System.Security.Principal.IdentityReference identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags) { }
internal AuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, flags) { }
// // Summary: // Initializes a new instance of the System.Security.AccessControl.CryptoKeyAuditRule // class using the specified values. // // Parameters: // identity: // The identity to which the audit rule applies. // // cryptoKeyRights: // The cryptographic key operation for which this audit rule generates audits. // // flags: // The conditions that generate audits. extern public CryptoKeyAuditRule(string identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags);
/// <summary>Initializes a new instance of the <see cref="T:System.Security.AccessControl.FileSystemAuditRule" /> class representing the specified audit rule for the specified user.</summary> /// <param name="identityReference">An <see cref="T:System.Security.Principal.IdentityReference" /> object that represents a user account.</param> /// <param name="accessMask">An integer that specifies an access type.</param> /// <param name="isInherited"> /// <see langword="true" /> if the access rule is inherited; otherwise, <see langword="false" />. </param> /// <param name="inheritanceFlags">One of the <see cref="T:System.Security.AccessControl.InheritanceFlags" /> values that specifies how to propagate access masks to child objects.</param> /// <param name="propagationFlags">One of the <see cref="T:System.Security.AccessControl.PropagationFlags" /> values that specifies how to propagate Access Control Entries (ACEs) to child objects.</param> /// <param name="flags">One of the <see cref="T:System.Security.AccessControl.AuditFlags" /> values that specifies the type of auditing to perform.</param> /// <returns>A new <see cref="T:System.Security.AccessControl.FileSystemAuditRule" /> object representing the specified audit rule for the specified user.</returns> /// <exception cref="T:System.ArgumentOutOfRangeException">The <paramref name="accessMask" />, <paramref name="inheritanceFlags" />, <paramref name="propagationFlags" />, or <paramref name="flags" /> properties specify an invalid value.</exception> /// <exception cref="T:System.ArgumentNullException">The <paramref name="identityReference" /> property is <see langword="null" />. -or-The <paramref name="accessMask" /> property is zero.</exception> /// <exception cref="T:System.ArgumentException">The <paramref name="identityReference" /> property is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" />, nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception> // Token: 0x06001F49 RID: 8009 RVA: 0x0006D79B File Offset: 0x0006B99B public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return(new FileSystemAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags)); }
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary> /// <param name="identity">审核规则应用到的标识。</param> /// <param name="rights">审核规则的权限。</param> /// <param name="flags">审核规则的条件。</param> public AuditRule(IdentityReference identity, T rights, AuditFlags flags) : this(identity, rights, InheritanceFlags.None, PropagationFlags.None, flags) { }
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary> /// <param name="identity">审核规则应用到的标识。</param> /// <param name="rights">审核规则的权限。</param> /// <param name="inheritanceFlags">审核规则的继承属性。</param> /// <param name="propagationFlags">继承的审核规则是否自动传播。</param> /// <param name="flags">审核规则的条件。</param> public AuditRule(IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(identity, (int)(ValueType)rights, false, inheritanceFlags, propagationFlags, flags) { }
/// <summary>Removes the specified audit rule from the current <see cref="T:System.Security.AccessControl.SystemAcl" /> object.</summary> /// <param name="auditFlags">The type of audit rule to remove.</param> /// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to remove an audit rule.</param> /// <param name="accessMask">The access mask for the rule to be removed.</param> /// <param name="inheritanceFlags">Flags that specify the inheritance properties of the rule to be removed.</param> /// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the rule to be removed.</param> /// <returns> /// <see langword="true" /> if this method successfully removes the specified audit rule; otherwise, <see langword="false" />.</returns> // Token: 0x06001EDA RID: 7898 RVA: 0x0006CA2C File Offset: 0x0006AC2C public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { return(base.RemoveQualifiedAces(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), true, ObjectAceFlags.None, Guid.Empty, Guid.Empty)); }
/// <summary>Initializes a new instance of the <see cref="T:System.Security.AccessControl.SemaphoreAuditRule" /> class, specifying the user or group to audit, the rights to audit, and whether to audit success, failure, or both.</summary> /// <param name="identity">The user or group the rule applies to. Must be of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> or a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</param> /// <param name="eventRights">A bitwise combination of <see cref="T:System.Security.AccessControl.SemaphoreRights" /> values specifying the kinds of access to audit.</param> /// <param name="flags">A bitwise combination of <see cref="T:System.Security.AccessControl.AuditFlags" /> values specifying whether to audit success, failure, or both.</param> /// <exception cref="T:System.ArgumentOutOfRangeException"> /// <paramref name="eventRights" /> specifies an invalid value.-or-<paramref name="flags" /> specifies an invalid value.</exception> /// <exception cref="T:System.ArgumentNullException"> /// <paramref name="identity" /> is null. -or-<paramref name="eventRights" /> is zero.</exception> /// <exception cref="T:System.ArgumentException"> /// <paramref name="identity" /> is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception> public SemaphoreAuditRule(IdentityReference identity, SemaphoreRights semaphoreRights, AuditFlags flags) : base(identity, 0, false, InheritanceFlags.None, PropagationFlags.None, flags) { this.semaphoreRights = semaphoreRights; }
public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(new NTAccount(identity), (int)registryRights, false, inheritanceFlags, propagationFlags, flags) { }
// Constructors public MutexAuditRule(System.Security.Principal.IdentityReference identity, MutexRights eventRights, AuditFlags flags) { }
public ThreadAuditRule(IdentityReference identity, ThreadAccessRights accessRights, AuditFlags type) : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type) { }
public virtual AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { }
/// <summary>Removes the specified audit rule from the current <see cref="T:System.Security.AccessControl.DiscretionaryAcl" /> object.</summary> /// <param name="auditFlags">The type of audit rule to remove.</param> /// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to remove an audit rule.</param> /// <param name="accessMask">The access mask for the rule to be removed.</param> /// <param name="inheritanceFlags">Flags that specify the inheritance properties of the rule to be removed.</param> /// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the rule to be removed.</param> // Token: 0x06001EDB RID: 7899 RVA: 0x0006CA5E File Offset: 0x0006AC5E public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { base.RemoveQualifiedAcesSpecific(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), ObjectAceFlags.None, Guid.Empty, Guid.Empty); }
// Summary: // Initializes a new instance of the System.Security.AccessControl.CryptoKeyAuditRule // class using the specified values. // // Parameters: // identity: // The identity to which the audit rule applies. This parameter must be an object // that can be cast as a System.Security.Principal.SecurityIdentifier. // // cryptoKeyRights: // The cryptographic key operation for which this audit rule generates audits. // // flags: // The conditions that generate audits. extern public CryptoKeyAuditRule(IdentityReference identity, CryptoKeyRights cryptoKeyRights, AuditFlags flags);
public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(identity, (int)registryRights, false, inheritanceFlags, propagationFlags, flags) { }
public CustomAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags , PropagationFlags propagationFlags, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, Guid.NewGuid(), Guid.NewGuid(), auditFlags) { }
/// <summary>Sets the specified audit rule for the specified <see cref="T:System.Security.Principal.SecurityIdentifier" /> object.</summary> /// <param name="auditFlags">The audit condition to set.</param> /// <param name="sid">The <see cref="T:System.Security.Principal.SecurityIdentifier" /> for which to set an audit rule.</param> /// <param name="accessMask">The access mask for the new audit rule.</param> /// <param name="inheritanceFlags">Flags that specify the inheritance properties of the new audit rule.</param> /// <param name="propagationFlags">Flags that specify the inheritance propagation properties for the new audit rule.</param> // Token: 0x06001ED9 RID: 7897 RVA: 0x0006C9F9 File Offset: 0x0006ABF9 public void SetAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { base.CheckFlags(inheritanceFlags, propagationFlags); base.SetQualifiedAce(sid, AceQualifier.SystemAudit, accessMask, GenericAce.AceFlagsFromAuditFlags(auditFlags) | GenericAce.AceFlagsFromInheritanceFlags(inheritanceFlags, propagationFlags), ObjectAceFlags.None, Guid.Empty, Guid.Empty); }
/// <summary>使用指定的值初始化 AuditRule’1 类的一个新实例。</summary> /// <param name="identity">审核规则应用到的标识。</param> /// <param name="rights">审核规则的权限。</param> /// <param name="flags">审核规则的属性。</param> public AuditRule(string identity, T rights, AuditFlags flags) : this((IdentityReference) new NTAccount(identity), rights, InheritanceFlags.None, PropagationFlags.None, flags) { }
public override AuditRule AuditRuleFactory(System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { throw new NotImplementedException(); }
protected ObjectAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, auditFlags) { if (!objectType.Equals(Guid.Empty) && ((accessMask & ObjectAce.AccessMaskWithObjectType) != 0)) { this._objectType = objectType; this._objectFlags |= ObjectAceFlags.ObjectAceTypePresent; } else { this._objectType = Guid.Empty; } if (!inheritedObjectType.Equals(Guid.Empty) && ((inheritanceFlags & InheritanceFlags.ContainerInherit) != InheritanceFlags.None)) { this._inheritedObjectType = inheritedObjectType; this._objectFlags |= ObjectAceFlags.InheritedObjectAceTypePresent; } else { this._inheritedObjectType = Guid.Empty; } }
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { throw new NotImplementedException(AuditingNotSupportedMessage); }
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return(new MutexAuditRule(identityReference, (MutexRights)accessMask, flags)); }
public abstract AuditRule Constructor(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags AuditFlags);
private static bool TestRemoveAuditSpecific(SystemAcl systemAcl, RawAcl rawAcl, AuditFlags auditFlag, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { bool result = true; byte[] sAclBinaryForm = null; byte[] rAclBinaryForm = null; systemAcl.RemoveAuditSpecific(auditFlag, sid, accessMask, inheritanceFlags, propagationFlags); if (systemAcl.Count == rawAcl.Count && systemAcl.BinaryLength == rawAcl.BinaryLength) { sAclBinaryForm = new byte[systemAcl.BinaryLength]; rAclBinaryForm = new byte[rawAcl.BinaryLength]; systemAcl.GetBinaryForm(sAclBinaryForm, 0); rawAcl.GetBinaryForm(rAclBinaryForm, 0); if (!Utils.IsBinaryFormEqual(sAclBinaryForm, rAclBinaryForm)) { result = false; } //redundant index check for (int i = 0; i < systemAcl.Count; i++) { if (!Utils.IsAceEqual(systemAcl[i], rawAcl[i])) { result = false; break; } } } else { result = false; } return(result); }