public static void Main(string[] args)
{
var queuePath = new QueuePath(".", "queue");
try
{
var aceMask = MSMQSecurity.GetAccessMask(queuePath, @"username");
Console.WriteLine(aceMask);
if ((aceMask & MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE) == MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE)
{
Console.WriteLine("Has receive access");
}
else
{
Console.WriteLine("Doesn't have receive access");
}
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadKey();
}
public static void Main(string[] args)
{
var queuePath = new QueuePath(".", "queue");
try
{
var aceMask = MSMQSecurity.GetAccessMask(queuePath, @"username");
Console.WriteLine(aceMask);
if ((aceMask & MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE) == MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE)
{
Console.WriteLine("Has receive access");
}
else
{
Console.WriteLine("Doesn't have receive access");
}
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadKey();
}
/// <summary>
/// Returns the access control entry flags for the given user on the given queue. Throws if
/// user, queue, or ACE are not found.
/// </summary>
public static MQQUEUEACCESSMASK GetAccessMask(QueuePath queuePath, string username)
{
var sid = GetSidForUser(username);
var gcHandleSecurityDescriptor = GetSecurityDescriptorHandle(queuePath);
var ace = GetAce(gcHandleSecurityDescriptor.AddrOfPinnedObject(), sid);
var aceMask = ace.Mask;
gcHandleSecurityDescriptor.Free();
return aceMask;
}
/// <summary>
/// Returns the access control entry flags for the given user on the given queue. Throws if
/// user, queue, or ACE are not found.
/// </summary>
public static MQQUEUEACCESSMASK GetAccessMask(QueuePath queuePath, string username)
{
var sid = GetSidForUser(username);
var gcHandleSecurityDescriptor = GetSecurityDescriptorHandle(queuePath);
var ace = GetAce(gcHandleSecurityDescriptor.AddrOfPinnedObject(), sid);
var aceMask = ace.Mask;
gcHandleSecurityDescriptor.Free();
return(aceMask);
}
private static GCHandle GetSecurityDescriptorHandle(QueuePath queuePath)
{
byte[] securityDescriptorBytes;
int length;
int lengthNeeded;
uint result;
string formatName = queuePath.ToString();
//Call MQGetQueueSecurity two times. The first time, set the nLength
//parameter to 0. The function then informs you of the size that you need for the
//security descriptor in lpnLengthNeeded.
result = MSMQSecurity.MQGetQueueSecurity(
formatName
, (int)SecurityInformation.Dacl
, IntPtr.Zero
, 0
, out lengthNeeded);
if (result != MSMQSecurity.MQ_ERROR_SECURITY_DESCRIPTOR_TOO_SMALL)
{
//Something went wrong. Display error, and then exit.
string message = "There was an error calling MQGetQueueSecurity."
+ Environment.NewLine
+ "Error Number: " + result.ToString()
+ Environment.NewLine
+ "Error Message: " + MSMQSecurity.GetErrorMessage(result);
throw new Exception(message);
}
//Now we know how big to make the security descriptor.
length = lengthNeeded;
securityDescriptorBytes = new byte[length];
//Get a pointer to the SD
IntPtr pSecurityDescriptor = new IntPtr();
GCHandle gcHandleSecurityDescriptor = GCHandle.Alloc(securityDescriptorBytes, GCHandleType.Pinned);
pSecurityDescriptor = gcHandleSecurityDescriptor.AddrOfPinnedObject();
//Call MQGetQueueSecurity
result = MSMQSecurity.MQGetQueueSecurity(
formatName
, (int)SecurityInformation.Dacl
, pSecurityDescriptor
, length
, out lengthNeeded);
if (result != MSMQSecurity.MQ_OK)
{
gcHandleSecurityDescriptor.Free();
//Something else went wrong. Display error, and then exit.
string message = "There was an error calling MQGetQueueSecurity to read the SecurityDescriptor."
+ Environment.NewLine
+ "Error Number: " + result.ToString()
+ Environment.NewLine
+ "Error Message: " + MSMQSecurity.GetErrorMessage(result);
throw new Exception(message);
}
var securityDescriptor = new SECURITY_DESCRIPTOR();
Marshal.PtrToStructure(pSecurityDescriptor, securityDescriptor);
return gcHandleSecurityDescriptor;
}
private static GCHandle GetSecurityDescriptorHandle(QueuePath queuePath)
{
byte[] securityDescriptorBytes;
int length;
int lengthNeeded;
uint result;
string formatName = queuePath.ToString();
//Call MQGetQueueSecurity two times. The first time, set the nLength
//parameter to 0. The function then informs you of the size that you need for the
//security descriptor in lpnLengthNeeded.
result = MSMQSecurity.MQGetQueueSecurity(
formatName
, (int)SecurityInformation.Dacl
, IntPtr.Zero
, 0
, out lengthNeeded);
if (result != MSMQSecurity.MQ_ERROR_SECURITY_DESCRIPTOR_TOO_SMALL)
{
//Something went wrong. Display error, and then exit.
string message = "There was an error calling MQGetQueueSecurity."
+ Environment.NewLine
+ "Error Number: " + result.ToString()
+ Environment.NewLine
+ "Error Message: " + MSMQSecurity.GetErrorMessage(result);
throw new Exception(message);
}
//Now we know how big to make the security descriptor.
length = lengthNeeded;
securityDescriptorBytes = new byte[length];
//Get a pointer to the SD
IntPtr pSecurityDescriptor = new IntPtr();
GCHandle gcHandleSecurityDescriptor = GCHandle.Alloc(securityDescriptorBytes, GCHandleType.Pinned);
pSecurityDescriptor = gcHandleSecurityDescriptor.AddrOfPinnedObject();
//Call MQGetQueueSecurity
result = MSMQSecurity.MQGetQueueSecurity(
formatName
, (int)SecurityInformation.Dacl
, pSecurityDescriptor
, length
, out lengthNeeded);
if (result != MSMQSecurity.MQ_OK)
{
gcHandleSecurityDescriptor.Free();
//Something else went wrong. Display error, and then exit.
string message = "There was an error calling MQGetQueueSecurity to read the SecurityDescriptor."
+ Environment.NewLine
+ "Error Number: " + result.ToString()
+ Environment.NewLine
+ "Error Message: " + MSMQSecurity.GetErrorMessage(result);
throw new Exception(message);
}
var securityDescriptor = new SECURITY_DESCRIPTOR();
Marshal.PtrToStructure(pSecurityDescriptor, securityDescriptor);
return(gcHandleSecurityDescriptor);
}