/*++

Copyright (c) 1996  Microsoft Corporation

Module Name:

    dsacls.h

Abstract:

    The main header file for the dsacls tool

Author:

    Mac McLain  (MacM)    10-02-96

Environment:

    User Mode

Revision History:


--*/

#ifndef _DSACLS_H
#define _DSACLS_H

#include <caclsmsg.h>
#include "accctrl.h"

#define FLAG_ON(flags,bit)        ((flags) & (bit))
//Some Error Checking Macros
#define CHECK_NULL( ptr, jump_loc )  \
if( ptr == NULL ) \
{  \
   dwErr = ERROR_NOT_ENOUGH_MEMORY; \
   goto jump_loc; \
}  


#define CHECK_HR( hr, jump_loc ) \
if( hr != S_OK )  \
{  \
   dwErr = HRESULT_CODE( hr );   \
   goto jump_loc; \
}  \

//
// Local prototypes
//
#if DSACL_DBG
ULONG gfDebug;
#endif

//
// Type of operation to perform
//
typedef enum _DSACLS_OP
{
    REVOKE = 0,
    GRANT,
    DENY
} DSACLS_OP;

#define DSACLS_EXTRA_INFO_NONE      0
#define DSACLS_EXTRA_INFO_REQUIRED  1
#define DSACLS_EXTRA_INFO_OPTIONAL  2

typedef struct _DSACLS_ARG {
    ULONG ResourceId;
    PWSTR String;
    ULONG Length;
    ULONG StartIndex;
    ULONG Flag;
    ULONG SkipCount;
    BOOLEAN SkipNonFlag;
    WORD ExtraInfo;
} DSACLS_ARG, *PDSACLS_ARG;

typedef struct _DSACLS_INHERIT {
    ULONG ResourceId;
    PWSTR String;
    ULONG Length;
    BOOLEAN ValidForInput;
    ULONG InheritFlag;

} DSACLS_INHERIT, *PDSACLS_INHERIT;

typedef struct _DSACLS_RIGHTS {
    ULONG ResourceId;
    PWSTR String;
    ULONG ResourceIdEx;
    PWSTR StringEx;
    ULONG Length;
    ULONG Right;

} DSACLS_RIGHTS, *PDSACLS_RIGHTS;

typedef struct _DSACLS_PROTECT {
   ULONG ResourceId;
   PWSTR String;
   ULONG Length;
   ULONG Right;
} DSACLS_PROTECT, *PDSACLS_PROTECT;

extern LPWSTR g_szSchemaNamingContext;
extern LPWSTR g_szConfigurationNamingContext;
extern HMODULE g_hInstance;
extern LPWSTR g_szServerName;
extern CCache *g_Cache;

//
// Prototypes from dsacls.c
//


DWORD 
InitializeGlobalArrays();

DWORD
ConvertArgvToUnicode( LPWSTR * wargv, 
                      char ** argv, 
                      int argc ) ;

DWORD
WriteObjectSecurity( IN LPWSTR pszObject,
                     IN SECURITY_INFORMATION si,
                     IN PSECURITY_DESCRIPTOR pSD );





//
// prototypes from refresh.c
//
DWORD
SetDefaultSecurityOnObjectTree(
    IN PWSTR ObjectPath,
    IN BOOLEAN Propagate,
	IN SECURITY_INFORMATION Protection
    );


void MapGeneric( ACCESS_MASK * pMask );
void DisplayAccessRights( UINT nSpace, ACCESS_MASK m_Mask );

void ConvertAccessMaskToGenericString( ACCESS_MASK m_Mask, LPWSTR szLoadBuffer, UINT nBuffer );
DWORD BuildExplicitAccess( IN PSID pSid,
                           IN GUID* pGuidObject,
                           IN GUID* pGuidInherit,
                           IN ACCESS_MODE AccessMode,
                           IN ULONG Access,
                           IN ULONG Inheritance,
                           OUT PEXPLICIT_ACCESS pExplicitAccess );


DWORD ParseUserAndPermissons( IN LPWSTR pszArgument,
                              IN DSACLS_OP Op,
                              IN ULONG RightsListCount,
                              IN PDSACLS_RIGHTS RightsList,
                              OUT LPWSTR * ppszTrusteeName,
                              OUT PULONG  pAccess,
                              OUT LPWSTR * ppszObjectId,
                              OUT LPWSTR * ppszInheritId );

//
// Define the rights used in the DS
//

#define RIGHT_DS_CREATE_CHILD     ACTRL_DS_CREATE_CHILD
#define RIGHT_DS_DELETE_CHILD     ACTRL_DS_DELETE_CHILD
#define RIGHT_DS_DELETE_SELF      DELETE
#define RIGHT_DS_LIST_CONTENTS    ACTRL_DS_LIST
#define RIGHT_DS_WRITE_PROPERTY_EXTENDED  ACTRL_DS_SELF
#define RIGHT_DS_READ_PROPERTY    ACTRL_DS_READ_PROP
#define RIGHT_DS_WRITE_PROPERTY   ACTRL_DS_WRITE_PROP
#define RIGHT_DS_DELETE_TREE      ACTRL_DS_DELETE_TREE
#define RIGHT_DS_LIST_OBJECT      ACTRL_DS_LIST_OBJECT
#ifndef ACTRL_DS_CONTROL_ACCESS
#define ACTRL_DS_CONTROL_ACCESS   ACTRL_PERM_9
#endif
#define RIGHT_DS_CONTROL_ACCESS   ACTRL_DS_CONTROL_ACCESS
//
// Define the generic rights
//

// generic read
#define GENERIC_READ_MAPPING     ((STANDARD_RIGHTS_READ)     | \
                                  (RIGHT_DS_LIST_CONTENTS)   | \
                                  (RIGHT_DS_READ_PROPERTY)   | \
                                  (RIGHT_DS_LIST_OBJECT))

// generic execute
#define GENERIC_EXECUTE_MAPPING  ((STANDARD_RIGHTS_EXECUTE)  | \
                                  (RIGHT_DS_LIST_CONTENTS))
// generic right
#define GENERIC_WRITE_MAPPING    ((STANDARD_RIGHTS_WRITE)    | \
                                  (RIGHT_DS_WRITE_PROPERTY_EXTENDED)  | \
                  (RIGHT_DS_WRITE_PROPERTY))
// generic all

#define GENERIC_ALL_MAPPING      ((STANDARD_RIGHTS_REQUIRED) | \
                                  (RIGHT_DS_CREATE_CHILD)    | \
                                  (RIGHT_DS_DELETE_CHILD)    | \
                                  (RIGHT_DS_DELETE_TREE)     | \
                                  (RIGHT_DS_READ_PROPERTY)   | \
                                  (RIGHT_DS_WRITE_PROPERTY)  | \
                                  (RIGHT_DS_LIST_CONTENTS)   | \
                                  (RIGHT_DS_LIST_OBJECT)     | \
                                  (RIGHT_DS_CONTROL_ACCESS)  | \
                                  (RIGHT_DS_WRITE_PROPERTY_EXTENDED))

//
// Standard DS generic access rights mapping
//

#define DS_GENERIC_MAPPING {GENERIC_READ_MAPPING,    \
                GENERIC_WRITE_MAPPING,   \
                GENERIC_EXECUTE_MAPPING, \
                GENERIC_ALL_MAPPING}



#endif