windows-nt/Source/XPSP1/NT/ds/security/tools/dsacls/dsacls.h

/*++

Copyright (c) 1996  Microsoft Corporation

Module Name:

    dsacls.h

Abstract:

    The main header file for the dsacls tool

Author:

    Mac McLain  (MacM)    10-02-96

Environment:

    User Mode

Revision History:


--*/

#ifndef _DSACLS_H
#define _DSACLS_H

#include <caclsmsg.h>
#include "accctrl.h"

#define FLAG_ON(flags,bit)        ((flags) & (bit))
//Some Error Checking Macros
#define CHECK_NULL( ptr, jump_loc )  \
if( ptr == NULL ) \
{  \
   dwErr = ERROR_NOT_ENOUGH_MEMORY; \
   goto jump_loc; \
}  


#define CHECK_HR( hr, jump_loc ) \
if( hr != S_OK )  \
{  \
   dwErr = HRESULT_CODE( hr );   \
   goto jump_loc; \
}  \

//
// Local prototypes
//
#if DSACL_DBG
ULONG gfDebug;
#endif

//
// Type of operation to perform
//
typedef enum _DSACLS_OP
{
    REVOKE = 0,
    GRANT,
    DENY
} DSACLS_OP;

#define DSACLS_EXTRA_INFO_NONE      0
#define DSACLS_EXTRA_INFO_REQUIRED  1
#define DSACLS_EXTRA_INFO_OPTIONAL  2

typedef struct _DSACLS_ARG {
    ULONG ResourceId;
    PWSTR String;
    ULONG Length;
    ULONG StartIndex;
    ULONG Flag;
    ULONG SkipCount;
    BOOLEAN SkipNonFlag;
    WORD ExtraInfo;
} DSACLS_ARG, *PDSACLS_ARG;

typedef struct _DSACLS_INHERIT {
    ULONG ResourceId;
    PWSTR String;
    ULONG Length;
    BOOLEAN ValidForInput;
    ULONG InheritFlag;

} DSACLS_INHERIT, *PDSACLS_INHERIT;

typedef struct _DSACLS_RIGHTS {
    ULONG ResourceId;
    PWSTR String;
    ULONG ResourceIdEx;
    PWSTR StringEx;
    ULONG Length;
    ULONG Right;

} DSACLS_RIGHTS, *PDSACLS_RIGHTS;

typedef struct _DSACLS_PROTECT {
   ULONG ResourceId;
   PWSTR String;
   ULONG Length;
   ULONG Right;
} DSACLS_PROTECT, *PDSACLS_PROTECT;

extern LPWSTR g_szSchemaNamingContext;
extern LPWSTR g_szConfigurationNamingContext;
extern HMODULE g_hInstance;
extern LPWSTR g_szServerName;
extern CCache *g_Cache;

//
// Prototypes from dsacls.c
//


DWORD 
InitializeGlobalArrays();

DWORD
ConvertArgvToUnicode( LPWSTR * wargv, 
                      char ** argv, 
                      int argc ) ;

DWORD
WriteObjectSecurity( IN LPWSTR pszObject,
                     IN SECURITY_INFORMATION si,
                     IN PSECURITY_DESCRIPTOR pSD );


//
// prototypes from refresh.c
//
DWORD
SetDefaultSecurityOnObjectTree(
    IN PWSTR ObjectPath,
    IN BOOLEAN Propagate,
	IN SECURITY_INFORMATION Protection
    );


void MapGeneric( ACCESS_MASK * pMask );
void DisplayAccessRights( UINT nSpace, ACCESS_MASK m_Mask );

void ConvertAccessMaskToGenericString( ACCESS_MASK m_Mask, LPWSTR szLoadBuffer, UINT nBuffer );
DWORD BuildExplicitAccess( IN PSID pSid,
                           IN GUID* pGuidObject,
                           IN GUID* pGuidInherit,
                           IN ACCESS_MODE AccessMode,
                           IN ULONG Access,
                           IN ULONG Inheritance,
                           OUT PEXPLICIT_ACCESS pExplicitAccess );


DWORD ParseUserAndPermissons( IN LPWSTR pszArgument,
                              IN DSACLS_OP Op,
                              IN ULONG RightsListCount,
                              IN PDSACLS_RIGHTS RightsList,
                              OUT LPWSTR * ppszTrusteeName,
                              OUT PULONG  pAccess,
                              OUT LPWSTR * ppszObjectId,
                              OUT LPWSTR * ppszInheritId );

//
// Define the rights used in the DS
//

#define RIGHT_DS_CREATE_CHILD     ACTRL_DS_CREATE_CHILD
#define RIGHT_DS_DELETE_CHILD     ACTRL_DS_DELETE_CHILD
#define RIGHT_DS_DELETE_SELF      DELETE
#define RIGHT_DS_LIST_CONTENTS    ACTRL_DS_LIST
#define RIGHT_DS_WRITE_PROPERTY_EXTENDED  ACTRL_DS_SELF
#define RIGHT_DS_READ_PROPERTY    ACTRL_DS_READ_PROP
#define RIGHT_DS_WRITE_PROPERTY   ACTRL_DS_WRITE_PROP
#define RIGHT_DS_DELETE_TREE      ACTRL_DS_DELETE_TREE
#define RIGHT_DS_LIST_OBJECT      ACTRL_DS_LIST_OBJECT
#ifndef ACTRL_DS_CONTROL_ACCESS
#define ACTRL_DS_CONTROL_ACCESS   ACTRL_PERM_9
#endif
#define RIGHT_DS_CONTROL_ACCESS   ACTRL_DS_CONTROL_ACCESS
//
// Define the generic rights
//

// generic read
#define GENERIC_READ_MAPPING     ((STANDARD_RIGHTS_READ)     | \
                                  (RIGHT_DS_LIST_CONTENTS)   | \
                                  (RIGHT_DS_READ_PROPERTY)   | \
                                  (RIGHT_DS_LIST_OBJECT))

// generic execute
#define GENERIC_EXECUTE_MAPPING  ((STANDARD_RIGHTS_EXECUTE)  | \
                                  (RIGHT_DS_LIST_CONTENTS))
// generic right
#define GENERIC_WRITE_MAPPING    ((STANDARD_RIGHTS_WRITE)    | \
                                  (RIGHT_DS_WRITE_PROPERTY_EXTENDED)  | \
                  (RIGHT_DS_WRITE_PROPERTY))
// generic all

#define GENERIC_ALL_MAPPING      ((STANDARD_RIGHTS_REQUIRED) | \
                                  (RIGHT_DS_CREATE_CHILD)    | \
                                  (RIGHT_DS_DELETE_CHILD)    | \
                                  (RIGHT_DS_DELETE_TREE)     | \
                                  (RIGHT_DS_READ_PROPERTY)   | \
                                  (RIGHT_DS_WRITE_PROPERTY)  | \
                                  (RIGHT_DS_LIST_CONTENTS)   | \
                                  (RIGHT_DS_LIST_OBJECT)     | \
                                  (RIGHT_DS_CONTROL_ACCESS)  | \
                                  (RIGHT_DS_WRITE_PROPERTY_EXTENDED))

//
// Standard DS generic access rights mapping
//

#define DS_GENERIC_MAPPING {GENERIC_READ_MAPPING,    \
                GENERIC_WRITE_MAPPING,   \
                GENERIC_EXECUTE_MAPPING, \
                GENERIC_ALL_MAPPING}


#endif
Add source files 2020-09-26 03:20:57 -05:00			`/*++`

			`Copyright (c) 1996 Microsoft Corporation`

			`Module Name:`

			`dsacls.h`

			`Abstract:`

			`The main header file for the dsacls tool`

			`Author:`

			`Mac McLain (MacM) 10-02-96`

			`Environment:`

			`User Mode`

			`Revision History:`


			`--*/`

			`#ifndef _DSACLS_H`
			`#define _DSACLS_H`

			`#include <caclsmsg.h>`
			`#include "accctrl.h"`

			`#define FLAG_ON(flags,bit) ((flags) & (bit))`
			`//Some Error Checking Macros`
			`#define CHECK_NULL( ptr, jump_loc ) \`
			`if( ptr == NULL ) \`
			`{ \`
			`dwErr = ERROR_NOT_ENOUGH_MEMORY; \`
			`goto jump_loc; \`
			`}`


			`#define CHECK_HR( hr, jump_loc ) \`
			`if( hr != S_OK ) \`
			`{ \`
			`dwErr = HRESULT_CODE( hr ); \`
			`goto jump_loc; \`
			`} \`

			`//`
			`// Local prototypes`
			`//`
			`#if DSACL_DBG`
			`ULONG gfDebug;`
			`#endif`

			`//`
			`// Type of operation to perform`
			`//`
			`typedef enum _DSACLS_OP`
			`{`
			`REVOKE = 0,`
			`GRANT,`
			`DENY`
			`} DSACLS_OP;`

			`#define DSACLS_EXTRA_INFO_NONE 0`
			`#define DSACLS_EXTRA_INFO_REQUIRED 1`
			`#define DSACLS_EXTRA_INFO_OPTIONAL 2`

			`typedef struct _DSACLS_ARG {`
			`ULONG ResourceId;`
			`PWSTR String;`
			`ULONG Length;`
			`ULONG StartIndex;`
			`ULONG Flag;`
			`ULONG SkipCount;`
			`BOOLEAN SkipNonFlag;`
			`WORD ExtraInfo;`
			`} DSACLS_ARG, *PDSACLS_ARG;`

			`typedef struct _DSACLS_INHERIT {`
			`ULONG ResourceId;`
			`PWSTR String;`
			`ULONG Length;`
			`BOOLEAN ValidForInput;`
			`ULONG InheritFlag;`

			`} DSACLS_INHERIT, *PDSACLS_INHERIT;`

			`typedef struct _DSACLS_RIGHTS {`
			`ULONG ResourceId;`
			`PWSTR String;`
			`ULONG ResourceIdEx;`
			`PWSTR StringEx;`
			`ULONG Length;`
			`ULONG Right;`

			`} DSACLS_RIGHTS, *PDSACLS_RIGHTS;`

			`typedef struct _DSACLS_PROTECT {`
			`ULONG ResourceId;`
			`PWSTR String;`
			`ULONG Length;`
			`ULONG Right;`
			`} DSACLS_PROTECT, *PDSACLS_PROTECT;`

			`extern LPWSTR g_szSchemaNamingContext;`
			`extern LPWSTR g_szConfigurationNamingContext;`
			`extern HMODULE g_hInstance;`
			`extern LPWSTR g_szServerName;`
			`extern CCache *g_Cache;`

			`//`
			`// Prototypes from dsacls.c`
			`//`


			`DWORD`
			`InitializeGlobalArrays();`

			`DWORD`
			`ConvertArgvToUnicode( LPWSTR * wargv,`
			`char ** argv,`
			`int argc ) ;`

			`DWORD`
			`WriteObjectSecurity( IN LPWSTR pszObject,`
			`IN SECURITY_INFORMATION si,`
			`IN PSECURITY_DESCRIPTOR pSD );`





			`//`
			`// prototypes from refresh.c`
			`//`
			`DWORD`
			`SetDefaultSecurityOnObjectTree(`
			`IN PWSTR ObjectPath,`
			`IN BOOLEAN Propagate,`
			`IN SECURITY_INFORMATION Protection`
			`);`


			`void MapGeneric( ACCESS_MASK * pMask );`
			`void DisplayAccessRights( UINT nSpace, ACCESS_MASK m_Mask );`

			`void ConvertAccessMaskToGenericString( ACCESS_MASK m_Mask, LPWSTR szLoadBuffer, UINT nBuffer );`
			`DWORD BuildExplicitAccess( IN PSID pSid,`
			`IN GUID* pGuidObject,`
			`IN GUID* pGuidInherit,`
			`IN ACCESS_MODE AccessMode,`
			`IN ULONG Access,`
			`IN ULONG Inheritance,`
			`OUT PEXPLICIT_ACCESS pExplicitAccess );`


			`DWORD ParseUserAndPermissons( IN LPWSTR pszArgument,`
			`IN DSACLS_OP Op,`
			`IN ULONG RightsListCount,`
			`IN PDSACLS_RIGHTS RightsList,`
			`OUT LPWSTR * ppszTrusteeName,`
			`OUT PULONG pAccess,`
			`OUT LPWSTR * ppszObjectId,`
			`OUT LPWSTR * ppszInheritId );`

			`//`
			`// Define the rights used in the DS`
			`//`

			`#define RIGHT_DS_CREATE_CHILD ACTRL_DS_CREATE_CHILD`
			`#define RIGHT_DS_DELETE_CHILD ACTRL_DS_DELETE_CHILD`
			`#define RIGHT_DS_DELETE_SELF DELETE`
			`#define RIGHT_DS_LIST_CONTENTS ACTRL_DS_LIST`
			`#define RIGHT_DS_WRITE_PROPERTY_EXTENDED ACTRL_DS_SELF`
			`#define RIGHT_DS_READ_PROPERTY ACTRL_DS_READ_PROP`
			`#define RIGHT_DS_WRITE_PROPERTY ACTRL_DS_WRITE_PROP`
			`#define RIGHT_DS_DELETE_TREE ACTRL_DS_DELETE_TREE`
			`#define RIGHT_DS_LIST_OBJECT ACTRL_DS_LIST_OBJECT`
			`#ifndef ACTRL_DS_CONTROL_ACCESS`
			`#define ACTRL_DS_CONTROL_ACCESS ACTRL_PERM_9`
			`#endif`
			`#define RIGHT_DS_CONTROL_ACCESS ACTRL_DS_CONTROL_ACCESS`
			`//`
			`// Define the generic rights`
			`//`

			`// generic read`
			`#define GENERIC_READ_MAPPING ((STANDARD_RIGHTS_READ) \| \`
			`(RIGHT_DS_LIST_CONTENTS) \| \`
			`(RIGHT_DS_READ_PROPERTY) \| \`
			`(RIGHT_DS_LIST_OBJECT))`

			`// generic execute`
			`#define GENERIC_EXECUTE_MAPPING ((STANDARD_RIGHTS_EXECUTE) \| \`
			`(RIGHT_DS_LIST_CONTENTS))`
			`// generic right`
			`#define GENERIC_WRITE_MAPPING ((STANDARD_RIGHTS_WRITE) \| \`
			`(RIGHT_DS_WRITE_PROPERTY_EXTENDED) \| \`
			`(RIGHT_DS_WRITE_PROPERTY))`
			`// generic all`

			`#define GENERIC_ALL_MAPPING ((STANDARD_RIGHTS_REQUIRED) \| \`
			`(RIGHT_DS_CREATE_CHILD) \| \`
			`(RIGHT_DS_DELETE_CHILD) \| \`
			`(RIGHT_DS_DELETE_TREE) \| \`
			`(RIGHT_DS_READ_PROPERTY) \| \`
			`(RIGHT_DS_WRITE_PROPERTY) \| \`
			`(RIGHT_DS_LIST_CONTENTS) \| \`
			`(RIGHT_DS_LIST_OBJECT) \| \`
			`(RIGHT_DS_CONTROL_ACCESS) \| \`
			`(RIGHT_DS_WRITE_PROPERTY_EXTENDED))`

			`//`
			`// Standard DS generic access rights mapping`
			`//`

			`#define DS_GENERIC_MAPPING {GENERIC_READ_MAPPING, \`
			`GENERIC_WRITE_MAPPING, \`
			`GENERIC_EXECUTE_MAPPING, \`
			`GENERIC_ALL_MAPPING}`



			`#endif`