home *** CD-ROM | disk | FTP | other *** search
/ Tricks of the Windows Gam…ming Gurus (2nd Edition) / Disc2.iso / msdn_vcb / samples / vc98 / sdk / sdktools / winnt / cacls / dumpsec.cxx < prev    next >
Encoding:
C/C++ Source or Header  |  1995-03-14  |  6.2 KB  |  211 lines
  1. //+------------------------------------------------------------------
  2. //
  3. // Copyright (C) 1995, Microsoft Corporation.
  4. //
  5. // File:        DumpSec.cxx
  6. //
  7. // Contents:    class to dump file security ACL
  8. //
  9. // Classes:     CDumpSecurity
  10. //
  11. // History:     Nov-93      DaveMont         Created.
  12. //
  13. //-------------------------------------------------------------------
  14.  
  15. #include <DumpSec.hxx>
  16.  
  17. //+---------------------------------------------------------------------------
  18. //
  19. //  Member:     CDumpSecurity::CDumpSecurity, public
  20. //
  21. //  Synopsis:   initialized data members, constructor will not throw
  22. //
  23. //  Arguments:  IN [pfilename] - name of file to dump security for
  24. //
  25. //----------------------------------------------------------------------------
  26. CDumpSecurity::CDumpSecurity(WCHAR *pfilename)
  27.     : _psd(NULL),
  28.       _pwfilename(pfilename),
  29.       _pdacl(NULL),
  30.       _pah(NULL),
  31.       _psid(NULL),
  32.       _cacethissid(0)
  33. {
  34. }
  35. //+---------------------------------------------------------------------------
  36. //
  37. //  Member:     CDumpSecurity::Init, public
  38. //
  39. //  Synopsis:   Init must be called before any other methods - this
  40. //              is not enforced.  Init gets the security descriptor and
  41. //              ACL for the file
  42. //
  43. //  Arguments:  none
  44. //
  45. //----------------------------------------------------------------------------
  46. ULONG CDumpSecurity::Init()
  47. {
  48.     ULONG ret;
  49.     ULONG cpsd;
  50.  
  51.     // get the size of the security buffer
  52.  
  53.     if (!GetFileSecurity(_pwfilename,
  54.                          DACL_SECURITY_INFORMATION |
  55.                          GROUP_SECURITY_INFORMATION |
  56.                          OWNER_SECURITY_INFORMATION,
  57.                          NULL,
  58.                          0,
  59.                          &cpsd) )
  60.     {
  61.         if (ERROR_INSUFFICIENT_BUFFER == (ret = GetLastError()))
  62.         {
  63.             if ( NULL == ( _psd = (BYTE *)LocalAlloc(LMEM_FIXED, cpsd)))
  64.             {
  65.                  return(ERROR_NOT_ENOUGH_MEMORY);
  66.             }
  67.  
  68.             // actually get the buffer this time
  69.  
  70.             if ( GetFileSecurity(_pwfilename,
  71.                                  DACL_SECURITY_INFORMATION |
  72.                                  GROUP_SECURITY_INFORMATION |
  73.                                  OWNER_SECURITY_INFORMATION,
  74.                                  _psd,
  75.                                  cpsd,
  76.                                  &cpsd) )
  77.             {
  78.                 BOOL fdaclpresent;
  79.                 BOOL cod;
  80.  
  81.                 // get the ACL
  82.  
  83.                 if ( GetSecurityDescriptorDacl(_psd,
  84.                                            &fdaclpresent,
  85.                                            &_pdacl,
  86.                                            &cod) )
  87.  
  88.                 {
  89.                     if (!fdaclpresent)
  90.                     {
  91.                         _pdacl = NULL;
  92.                         return(ERROR_NO_SECURITY_ON_OBJECT);
  93.                     }
  94.                     // save the ACL location
  95.  
  96.                     _pah = (ACE_HEADER *)Add2Ptr(_pdacl, sizeof(ACL));
  97.                     return(ERROR_SUCCESS);
  98.  
  99.                 } else
  100.                    return(GetLastError());
  101.             } else
  102.                return(GetLastError());
  103.         }
  104.     } else
  105.         return(ERROR_NO_SECURITY_ON_OBJECT);
  106.  
  107.     return(ret);
  108. }
  109. //+---------------------------------------------------------------------------
  110. //
  111. //  Member:     Dtor, public
  112. //
  113. //  Synopsis:   frees the security descriptor
  114. //
  115. //  Arguments:  none
  116. //
  117. //----------------------------------------------------------------------------
  118. CDumpSecurity::~CDumpSecurity()
  119. {
  120.     if (_psd)
  121.     {
  122.         LocalFree(_psd);
  123.     }
  124. }
  125. //+---------------------------------------------------------------------------
  126. //
  127. //  Member:     CDumpSecurity::GetSDOwner, public
  128. //
  129. //  Synopsis:   returns the owner of the file
  130. //
  131. //  Arguments:  OUT [psid] - address of the returned sid
  132. //
  133. //----------------------------------------------------------------------------
  134. ULONG CDumpSecurity::GetSDOwner(SID **psid)
  135. {
  136.     BOOL cod;
  137.     if ( GetSecurityDescriptorOwner(_psd, (void **)psid, &cod) )
  138.         return(0);
  139.     else
  140.         return(GetLastError());
  141. }
  142.  
  143. //+---------------------------------------------------------------------------
  144. //
  145. //  Member:     CDumpSecurity::GetSDGroup, public
  146. //
  147. //  Synopsis:   returns the group from the file
  148. //
  149. //  Arguments:  OUT [pgsid] - address of the returned group sid
  150. //
  151. //----------------------------------------------------------------------------
  152. ULONG CDumpSecurity::GetSDGroup(SID **pgsid)
  153. {
  154.     BOOL cod;
  155.     if ( GetSecurityDescriptorGroup(_psd, (void **)pgsid, &cod) )
  156.         return(0);
  157.     else
  158.         return(GetLastError());
  159. }
  160.  
  161. //+---------------------------------------------------------------------------
  162. //
  163. //  Member:     CDumpSecurity::ResetAce, public
  164. //
  165. //  Synopsis:   sets the 'ace' index to the start of the DACL
  166. //
  167. //  Arguments:  IN - [psid] - the SID to find aces for
  168. //
  169. //----------------------------------------------------------------------------
  170. VOID CDumpSecurity::ResetAce(SID *psid)
  171. {
  172.  
  173.     _psid = psid;
  174.     _cacethissid = 0;
  175.     if (_pdacl)
  176.         _pah = (ACE_HEADER *)Add2Ptr(_pdacl, sizeof(ACL));
  177. }
  178. //+---------------------------------------------------------------------------
  179. //
  180. //  Member:     CDumpSecurity::GetNextAce, public
  181. //
  182. //  Synopsis:   gets the next ACE from the DACL for the specified SID
  183. //
  184. //  Arguments:  OUT  [pace] - pointer to the next ace for the SID passed
  185. //                            in at the last reset.
  186. //
  187. //  Returns:    the number of the ACE
  188. //
  189. //----------------------------------------------------------------------------
  190. LONG CDumpSecurity::GetNextAce(ACE_HEADER **paceh)
  191. {
  192.     LONG ret = -1;
  193.  
  194.     if (_pdacl)
  195.     {
  196.         for (;_cacethissid < _pdacl->AceCount;
  197.             _cacethissid++, _pah = (ACE_HEADER *)Add2Ptr(_pah, _pah->AceSize))
  198.         {
  199.             if (!_psid || EqualSid(_psid,(SID *)&((ACCESS_ALLOWED_ACE *)_pah)->SidStart) )
  200.             {
  201.                *paceh = _pah;
  202.                 ret = _cacethissid++;
  203.                 _pah = (ACE_HEADER *)Add2Ptr(_pah, _pah->AceSize);
  204.                 break;
  205.             }
  206.         }
  207.     }
  208.     return(ret);
  209. }
  210.  
  211.