private void lvGroupOrUserNames_SelectedIndexChanged(object sender, EventArgs e) { ListView listview = sender as ListView; if (listview != null) { if (listview.SelectedItems.Count != 0) { ListViewItem lvItem = listview.SelectedItems[0]; if (lvItem.Tag != null) { lblPermissions.Text = string.Format("Permissions for {0}", lvItem.Text); List <LwAccessControlEntry> daclInfo = lvItem.Tag as List <LwAccessControlEntry>; List <string> AllowedPermissions = new List <string>(); List <string> DeniedPermissions = new List <string>(); if (daclInfo != null) { foreach (LwAccessControlEntry ace in daclInfo) { if (ace.AceType == 0 && ace.AceFlags == 16) { AllowedPermissions = _securityDescriptor.GetUserOrGroupPermissions(ace.AccessMask); } else if (ace.AceType == 1) { DeniedPermissions = _securityDescriptor.GetUserOrGroupPermissions(ace.AccessMask); } } DataGridViewRowCollection dgRows = DgPermissions.Rows; foreach (DataGridViewRow dgRow in dgRows) { if (AllowedPermissions.Count == 0 && dgRow.Cells[0].Value.ToString().Equals("Special Permissions")) { dgRow.Cells[1].Value = true; continue; } if (AllowedPermissions.Contains(dgRow.Cells[0].Value.ToString())) { dgRow.Cells[1].Value = true; } else { dgRow.Cells[1].Value = false; } if (DeniedPermissions.Contains(dgRow.Cells[0].Value.ToString())) { dgRow.Cells[2].Value = true; } else { dgRow.Cells[2].Value = false; } } } } } } }
private void FillRowPermissions() { string[] possiblePermissions = null; //Read all possibel permissions based on type of object switch (SecurityDescriptor.objectType) { case SecurityDescriptorApi.SE_OBJECT_TYPE.SE_FILE_OBJECT: possiblePermissions = AdvancedPermissions.DirectoryPermissionSet; break; case SecurityDescriptorApi.SE_OBJECT_TYPE.SE_REGISTRY_KEY: case SecurityDescriptorApi.SE_OBJECT_TYPE.SE_REGISTRY_WOW64_32KEY: possiblePermissions = AdvancedPermissions.RegistryPermissionSet; break; case SecurityDescriptorApi.SE_OBJECT_TYPE.SE_DS_OBJECT: case SecurityDescriptorApi.SE_OBJECT_TYPE.SE_DS_OBJECT_ALL: possiblePermissions = AdvancedPermissions.AdsPermissionSet; break; default: break; } //Read all allowed/Denied permissions from the dacl list List <string> AllowedPermissions = new List <string>(); List <string> DeniedPermissions = new List <string>(); if (_daclInfo != null && _daclInfo.Count != 0) { foreach (LwAccessControlEntry ace in _daclInfo) { if (ace.AceType == 0) { AllowedPermissions = _securityDescriptor.GetUserOrGroupPermissions(ace.AccessMask); } else if (ace.AceType == 1) { DeniedPermissions = _securityDescriptor.GetUserOrGroupPermissions(ace.AccessMask); } } } //Check for the acetype for each permission in a set foreach (string permission in possiblePermissions) { bool IsAllowed = false; bool IsDenied = false; if (AllowedPermissions.Contains(permission)) { IsAllowed = true; } if (DeniedPermissions.Contains(permission)) { IsDenied = true; } //Need to set the the values depends on the data from the security descriptor dgPermissions.Rows.Add(new object[] { permission, IsAllowed, IsDenied }); } }