/// <summary> /// Creates a Security Descriptor from an SDDL string /// </summary> /// <param name="sddlString">The SDDL string that represents the Security Descriptor</param> /// <exception cref="System.FormatException">Invalid SDDL String Format</exception> public SecurityDescriptor(SddlString sddlString) { Match m = CommonRegex.SddlStringRegex.Match(sddlString.ToString()); if (!m.Success) { throw new FormatException("Invalid SDDL String Format"); } this.sddlString = sddlString; if (m.Groups["owner"] != null && m.Groups["owner"].Success && !String.IsNullOrEmpty(m.Groups["owner"].Value)) { this.Owner = SecurityIdentity.SecurityIdentityFromSIDorAbbreviation(m.Groups["owner"].Value); } if (m.Groups["group"] != null && m.Groups["group"].Success && !String.IsNullOrEmpty(m.Groups["group"].Value)) { this.Group = SecurityIdentity.SecurityIdentityFromSIDorAbbreviation(m.Groups["group"].Value); } if (m.Groups["dacl"] != null && m.Groups["dacl"].Success && !String.IsNullOrEmpty(m.Groups["dacl"].Value)) { this.DACL = new AccessControlListEx(m.Groups["dacl"].Value); } if (m.Groups["sacl"] != null && m.Groups["sacl"].Success && !String.IsNullOrEmpty(m.Groups["sacl"].Value)) { this.SACL = new AccessControlListEx(m.Groups["sacl"].Value); } }
/// <summary> /// Creates a deep copy of an existing Access Control Entry /// </summary> /// <param name="original">Original AccessControlEntry</param> public AccessControlEntryEx(AccessControlEntryEx original) { this.accountSID = original.accountSID; this.aceType = original.aceType; this.flags = original.flags; this.inheritObjectGuid = original.inheritObjectGuid; this.objectGuid = original.objectGuid; this.rights = original.rights; }
public override Boolean Equals(object obj) { if (obj == null) { return(false); } if (obj is SecurityIdentity) { SecurityIdentity sd = ( SecurityIdentity )obj; return(String.Compare(this.sid, sd.sid, true) == 0); } else { return(false); } }
/// <summary> /// Creates a Security Identity from a SID string /// </summary> /// <param name="sid"> /// A SID string (Format: S-1-1-...) or well known SID abbreviation (e.g. DA) /// </param> /// <returns>A populated Security Identity</returns> public static SecurityIdentity SecurityIdentityFromSIDorAbbreviation(string value) { if (value == null) { throw new ArgumentNullException(nameof(sid)); } if (value.Length == 0) { throw new ArgumentException("Argument 'value' cannot be the empty string.", "value"); } if (!value.StartsWith("S-")) { // If the string is not a SID string (S-1-n-...) assume it is a SDDL abbreviation return(new SecurityIdentity(SecurityIdentity.GetWellKnownSidTypeFromSddlAbbreviation(value))); } return(new SecurityIdentity(value)); }
/// <summary> /// Creates a Access Control Entry of type AccessAllowed with account SID, Type and Rights /// </summary> /// <param name="account">Account SID</param> /// <param name="aceType">Type of Access Control</param> /// <param name="rights">Rights</param> public AccessControlEntryEx(SecurityIdentity account, AceType aceType, AceRights rights) { this.accountSID = account; this.aceType = aceType; this.rights = rights; }
/// <summary> /// Creates a Access Control Entry with account SID /// </summary> /// <param name="account">Account SID</param> public AccessControlEntryEx(SecurityIdentity account) { this.accountSID = account; }
/// <summary> /// Creates a Access Control Entry from a ACE string /// </summary> /// <param name="aceString">ACE string</param> public AccessControlEntryEx(string aceString) { Regex aceRegex = new Regex(cAceExpr, RegexOptions.IgnoreCase); Match aceMatch = aceRegex.Match(aceString); if (!aceMatch.Success) { throw new FormatException("Invalid ACE String Format"); } if (aceMatch.Groups["ace_type"] != null && aceMatch.Groups["ace_type"].Success && !String.IsNullOrEmpty(aceMatch.Groups["ace_type"].Value)) { Int32 aceTypeValue = Array.IndexOf <string>(AccessControlEntryEx.aceTypeStrings, aceMatch.Groups["ace_type"].Value.ToUpper()); if (aceTypeValue == -1) { throw new FormatException("Invalid ACE String Format"); } this.aceType = ( AceType )aceTypeValue; } else { throw new FormatException("Invalid ACE String Format"); } if (aceMatch.Groups["ace_flags"] != null && aceMatch.Groups["ace_flags"].Success && !String.IsNullOrEmpty(aceMatch.Groups["ace_flags"].Value)) { string aceFlagsValue = aceMatch.Groups["ace_flags"].Value.ToUpper(); for (Int32 i = 0; i < aceFlagsValue.Length - 1; i += 2) { Int32 flagValue = Array.IndexOf <string>(AccessControlEntryEx.aceFlagStrings, aceFlagsValue.Substring(i, 2)); if (flagValue == -1) { throw new FormatException("Invalid ACE String Format"); } this.flags = this.flags | (( AceFlags )( Int32 )Math.Pow(2.0d, flagValue)); } } if (aceMatch.Groups["rights"] != null && aceMatch.Groups["rights"].Success && !String.IsNullOrEmpty(aceMatch.Groups["rights"].Value)) { string rightsValue = aceMatch.Groups["rights"].Value.ToUpper(); for (Int32 i = 0; i < rightsValue.Length - 1; i += 2) { Int32 rightValue = Array.IndexOf <string>(AccessControlEntryEx.rightsStrings, rightsValue.Substring(i, 2)); if (rightValue == -1) { throw new FormatException("Invalid ACE String Format"); } this.rights = this.rights | ( AceRights )( Int32 )Math.Pow(2.0d, rightValue); } } if (aceMatch.Groups["object_guid"] != null && aceMatch.Groups["object_guid"].Success && !String.IsNullOrEmpty(aceMatch.Groups["object_guid"].Value)) { this.objectGuid = new Guid(aceMatch.Groups["object_guid"].Value); } if (aceMatch.Groups["inherit_object_guid"] != null && aceMatch.Groups["inherit_object_guid"].Success && !String.IsNullOrEmpty(aceMatch.Groups["inherit_object_guid"].Value)) { this.inheritObjectGuid = new Guid(aceMatch.Groups["inherit_object_guid"].Value); } if (aceMatch.Groups["account_sid"] != null && aceMatch.Groups["account_sid"].Success && !String.IsNullOrEmpty(aceMatch.Groups["account_sid"].Value)) { this.accountSID = SecurityIdentity.SecurityIdentityFromSIDorAbbreviation(aceMatch.Groups["account_sid"].Value.ToUpper()); } else { throw new FormatException("Invalid ACE String Format"); } }