78 lines
2.8 KiB
C
78 lines
2.8 KiB
C
//*********************************************************
|
|
//
|
|
// Copyright (c) Microsoft. All rights reserved.
|
|
// THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
|
|
// ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
|
|
// IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
|
|
// PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
|
|
//
|
|
//*********************************************************
|
|
#ifndef _UTILITY_H_
|
|
#define _UTILITY_H_
|
|
#include <aclui.h>
|
|
#include <aclapi.h>
|
|
#include <windows.h>
|
|
#include "resource.h"
|
|
|
|
// INHERIT_ONLY_ACE and NO_PROPAGATE_INHERIT_ACE are inheritable ACEs,
|
|
// but if they don't have OBJECT or CONTAINER inheritance set, then
|
|
// they aren't considered.
|
|
#define IsInheritableAce(aceFlags) \
|
|
(IS_FLAG_SET((aceFlags), OBJECT_INHERIT_ACE) || \
|
|
IS_FLAG_SET((aceFlags), CONTAINER_INHERIT_ACE))
|
|
|
|
#define IsAccessAllowedAce(aceType) \
|
|
((aceType) == ACCESS_ALLOWED_CALLBACK_ACE_TYPE ||\
|
|
(aceType) == ACCESS_ALLOWED_ACE_TYPE)
|
|
|
|
#define FailGracefully(hr, text) \
|
|
{ if ( FAILED(hr) ) { wprintf(text); goto exit_gracefully; } }
|
|
|
|
#define FailGracefullyGLE(bResult, text) \
|
|
{ if ( (bResult) == FALSE ) { errorCode = GetLastError(); \
|
|
hr = HRESULT_FROM_WIN32(errorCode); \
|
|
if ( FAILED(HRESULT_FROM_WIN32(hr)) ) { wprintf(text); \
|
|
goto exit_gracefully; } } }
|
|
|
|
#define ARGUMENT_PRESENT(ArgumentPointer) (\
|
|
(CHAR *)((ULONG_PTR)(ArgumentPointer)) != (CHAR *)(NULL) )
|
|
|
|
// Allocates space for 'dest' and copies 'source' into it
|
|
HRESULT AllocAndCopyString(_In_ PCWSTR source, _Outptr_ PWSTR *dest);
|
|
|
|
// Removes all ACEs with the "ID" flag set from ppAcl.
|
|
HRESULT RemoveAllInheritedAces(PACL *acl);
|
|
|
|
HRESULT AddAllAcesFromAcl(PACL sourceAcl, PACL *destAcl, bool onlyAddUnique);
|
|
|
|
HRESULT RemoveExplicitUniqueAces(PACL acl, PACL *destAcl);
|
|
|
|
// Determine if an ACE is in an ACL.
|
|
// acl - the ACL
|
|
// ace - the ACE to check for
|
|
// lpbAcePresent - this will be set to true if the ACE exists in the ACL
|
|
// forInheritancePurposes - if true, this will ignore the "ID" flag on the ACE
|
|
// and other inheritance flags on ACEs in the ACL
|
|
HRESULT ACEAlreadyInACL(
|
|
_In_ PACL acl,
|
|
_In_ LPVOID ace,
|
|
_Out_ LPBOOL lpbAcePresent,
|
|
_In_ bool forInheritancePurposes);
|
|
|
|
HRESULT AddAceToAcl(LPVOID pNewAce, PACL *acl, bool bAddToEndOfList);
|
|
|
|
LPVOID GetSidStart(BYTE aceType, LPVOID ace);
|
|
|
|
HRESULT AddInheritableAcesFromAcl(PACL sourceAcl, PACL *destAcl);
|
|
|
|
HRESULT GetSizeOfAllInheritableAces(PACL acl, DWORD &dwSizeNeeded);
|
|
|
|
// Converts a self-relative security descriptor to absolute.
|
|
// Note: GetSecurityDescriptor* APIs work either with self-relative OR absolute,
|
|
// but SetSecurityDescriptorDacl will only work with absolute.
|
|
HRESULT ConvertSecurityDescriptor(
|
|
PSECURITY_DESCRIPTOR pSelfRelSD,
|
|
PSECURITY_DESCRIPTOR *absoluteSD);
|
|
|
|
#endif // _UTILITY_H_
|