示例#1
0
        private void btnOK_Click(object sender, EventArgs e)
        {
            //Need to check with the existing AceMask and then add a
            //new entry to the Advanced permissions dialog if it varies

            //Check for the edit mode or add mode. Since in the add mode user should send the null for daclInfo object
            if (_daclInfo == null)
            {
                _daclInfo = new List <LwAccessControlEntry>();

                LwAccessControlEntry ace = new LwAccessControlEntry();
                ace.AccessMask = "-1";
                ace.AceType    = 0;
                _daclInfo.Add(ace);

                ace            = new LwAccessControlEntry();
                ace.AccessMask = "-1";
                ace.AceType    = 1;
                _daclInfo.Add(ace);
            }
            //Need to calculate the access mask for the Allow and deny permission sets.
            foreach (LwAccessControlEntry ace in _daclInfo)
            {
                long iAceMask = Convert.ToInt64(ace.AccessMask);
                //Validation for the AceType = Allow
                //Update the the AceType object with modified access modes
                if (ace.AceType == 0)
                {
                    foreach (DataGridViewRow dgRow in dgPermissions.Rows)
                    {
                        if (dgRow.Cells[1].Value.ToString().Equals("True"))
                        {
                            _securityDescriptor.GetIntAccessMaskFromStringAceMask(dgRow.Cells[0].Value.ToString(), ref iAceMask);
                        }
                    }
                }

                //Validation for the AceType = Deny
                if (ace.AceType == 1)
                {
                    foreach (DataGridViewRow dgRow in dgPermissions.Rows)
                    {
                        if (dgRow.Cells[2].Value.ToString().Equals("True"))
                        {
                            _securityDescriptor.GetIntAccessMaskFromStringAceMask(dgRow.Cells[0].Value.ToString(), ref iAceMask);
                        }
                    }
                }
                //Check for the edit values
                if (Convert.ToInt32(ace.AccessMask) != Convert.ToInt32(iAceMask))
                {
                    ace.AccessMask = iAceMask.ToString();
                    IsCommit       = true;
                }
            }

            this.DialogResult = DialogResult.OK;
            Close();
        }
示例#2
0
        private void btnAdd_Click(object sender, EventArgs e)
        {
            //AdvancedPermissionsControlDlg advancedPermissionsControlDlg = new AdvancedPermissionsControlDlg(_securityDescriptor, _ObjectPath);
            //advancedPermissionsControlDlg.ShowDialog(this);
            //return;

            string distinguishedName = string.Empty;
            string domainName        = _securityDescriptor.GetDCInfo(null);

            distinguishedName = System.DirectoryServices.SDSUtils.DomainNameToDN(domainName);

            // show picker
            string sLdapPath = string.Format("LDAP://{0}/{1}", domainName, distinguishedName);
            string sProtocol;
            string sServer;
            string sCNs;
            string sDCs;

            System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
            System.DirectoryServices.Misc.DsPicker dsPickerDlg = new System.DirectoryServices.Misc.DsPicker();
            dsPickerDlg.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_USERS_OR_GROUPS,
                                sProtocol,
                                sServer,
                                sDCs,
                                true);
            if (dsPickerDlg.waitForm != null && dsPickerDlg.waitForm.bIsInterrupted)
            {
                return;
            }

            if (dsPickerDlg.ShowDialog(this) == DialogResult.OK)
            {
                if (dsPickerDlg.ADobjectsArray != null && dsPickerDlg.ADobjectsArray.Length != 0)
                {
                    foreach (System.DirectoryServices.Misc.ADObject ado in dsPickerDlg.ADobjectsArray)
                    {
                        byte[] sObjectSid     = ado.de.Properties["objectSid"].Value as byte[];
                        string sAMAccountName = ado.de.Properties["sAMAccountName"].Value as string;

                        string sSID = _securityDescriptor.ConvetByteSidToStringSid(sObjectSid);

                        //Need to set the permission check list in the permission set
                        LwAccessControlEntry Ace = new LwAccessControlEntry();
                        Ace.SID        = sSID;
                        Ace.Username   = sAMAccountName;
                        Ace.AceType    = 0;
                        Ace.AceFlags   = 0;
                        Ace.AccessMask = Convert.ToInt64(LwAccessMask.ACCESS_MASK.Special_Permissions).ToString();

                        bool bIsEntryFound = false;
                        List <LwAccessControlEntry> acelist = null;

                        foreach (ListViewItem item in lvGroupOrUserNames.Items)
                        {
                            if (item.Text.Contains(sAMAccountName))
                            {
                                acelist = item.Tag as List <LwAccessControlEntry>;
                                foreach (LwAccessControlEntry aceEntry in acelist)
                                {
                                    if (aceEntry.AceType == 0)
                                    {
                                        aceEntry.AccessMask = Ace.AccessMask;
                                        item.Tag            = acelist;
                                        item.Selected       = true;
                                    }
                                }
                            }
                        }
                        if (!bIsEntryFound)
                        {
                            ListViewItem lvItem = new ListViewItem(sAMAccountName);
                            acelist = new List <LwAccessControlEntry>();
                            acelist.Add(Ace);
                            lvItem.Tag = acelist; //Need to initialize the DaclInfo for the object
                            lvGroupOrUserNames.Items.Add(lvItem);

                            lvGroupOrUserNames.Items[lvGroupOrUserNames.Items.Count - 1].Selected = true;
                        }
                        _addedObjects.Add(sAMAccountName, acelist);
                    }
                }
            }
        }