//********************************************************************* //* Microsoft Internet Explorer ** //* Copyright (c) Microsoft Corporation. All rights reserved. ** //********************************************************************* #ifndef _MSLUAPI_H_ #define _MSLUAPI_H_ #ifdef USER_SETTINGS_IMPLEMENTED /************************************************************************ IUserSettings interface This interface is used to manipulate the settings for a particular component, corresponding to a local user account. An IUserSettings interface may be obtained by CLSID or name, or through enumeration; in both cases, this is relative to a particular user. Member functions, other than IUnknown: GetCLSID(CLSID *pclsidOut) Returns the CLSID identifying the component. May be GUID_NULL if no CLSID is defined for the component. GetName(LPSTR pbBuffer, UINT cbBuffer) Returns a unique name identifying the component. This may be used instead of a CLSID if the component provider does not wish to provide a COM server to help administer the settings. GetDisplayName(LPSTR pbBuffer, UINT cbBuffer) Returns a user-friendly name for the component, suitable for presentation to the user. QueryKey(HKEY *phkeyOut) Returns a registry key where the component stores settings for the specified user. The key is owned by the interface and must not be closed by the application using RegCloseKey, otherwise changes will not be propagated correctly. (((( OpenKey(HKEY *phkeyOut, DWORD fdwAccess) Returns a registry key where the component stores settings for the specified user. The key MUST be closed using IUserSettings::CloseKey so that changes will be propagated correctly. fdwAccess indicates the type of access desired; valid values include GENERIC_READ and GENERIC_WRITE. CloseKey(HKEY hKey) Closes a registry key obtained via IUserSettings::OpenKey. Lock(BOOL fLock) Locks or unlocks the settings for updates. Attempting to lock the settings will fail if they are already locked. Locking the settings does not, however, affect any of the other member functions )))) ************************************************************************/ DECLARE_INTERFACE_(IUserSettings, IUnknown) { // *** IUnknown methods *** STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID * ppvObj) PURE; STDMETHOD_(ULONG,AddRef) (THIS) PURE; STDMETHOD_(ULONG,Release) (THIS) PURE; STDMETHOD(GetCLSID) (THIS_ CLSID *pclsidOut) PURE; STDMETHOD(GetName) (THIS_ LPSTR pbBuffer, LPDWORD pcbBuffer) PURE; STDMETHOD(GetDisplayName) (THIS_ LPSTR pbBuffer, LPDWORD pcbBuffer) PURE; STDMETHOD(QueryKey) (THIS_ HKEY *phkeyOut) PURE; }; #endif /* USER_SETTINGS_IMPLEMENTED */ /************************************************************************ IUser interface This interface is used to manipulate a local user account. It allows various operations to be performed on a particular user. To obtain one of these interfaces, the companion interface IUserDatabase must be used -- its AddUser, GetUser, and GetCurrentUser member functions all return IUser objects, as does IEnumUsers::Next. In all descriptions here, "the user" refers to the user which this ILocalUser object describes. "The current user" means the user who is currently logged on at the workstation. If the current user is a supervisor, all functions are allowed. Otherwise, a more limited set of member functions is available if the IUser object corresponds to the current user. If the current user is not a supervisor and the IUser object refers to a different user, a still more limited set of functions is allowed. Member functions, other than IUnknown: GetName(LPSTR pbBuffer, UINT cbBuffer) Returns the user's logon name. GetProfileDirectory(LPSTR pbBuffer, UINT cbBuffer) Returns the user's local profile directory (e.g., C:\WINDOWS\PROFILES\gregj). May fail if the user is the default user (doesn't really have a profile directory as such). IsSupervisor() Returns whether the user is a supervisor or not. This is not a generic property because it's actually based on the presence of security info in the user's PWL (at least on win95). SetSupervisorPrivilege(BOOL fMakeSupervisor, LPCSTR pszSupervisorPassword) Grants or revokes supervisor privilege for the user. Only supervisors can grant or revoke that privilege, of course. If pszSupervisorPassword is not NULL, it is used to determine whether the current user is a supervisor. If it is NULL, then the current user's password cache is used instead. This allows making any user into a supervisor without the current user being one. MakeTempSupervisor(BOOL fMakeSupervisor, LPCSTR pszSupervisorPassword) Grants or revokes supervisor privilege for the user, but only for the lifetime of this IUser object. As soon as the object is destroyed, the user is no longer considered a supervisor, and in fact other IUser objects currently in existence which refer to the same user will not indicate him as a supervisor. Note that MakeTempSupervisor(FALSE) only revokes temporary-supervisor privilege granted by MakeTempSupervisor(TRUE). If the user still has the supervisor password in his PWL, he will still be considered a supervisor. AppearsSupervisor() Returns whether or not the user should appear as a supervisor in a list of users. This allows querying this property on each user for display purposes without taking the large performance hit to locate each user's PWL, open it up, get the supervisor key out, and validate it. Instead, a registry value under the user's key is used to maintain this value. It should NOT be used to determine whether the user has permission to do something, because the simple registry value is not as secure. Authenticate(LPCSTR pszPassword) Attempts to authenticate the user using the given password. Returns S_OK if the password is correct for the user, or an error otherwise. No user interface is displayed by this function. ChangePassword(LPCSTR pszOldPassword, LPCSTR pszNewPassword) Attempts to change the user's password from the given old password to the given new password. Returns an error code indicating success or failure. If the current user is a supervisor, the old password may be NULL, in which case the supervisor's credentials are used to get the password via other means. GetPasswordCache(LPCSTR pszPassword, LPHPWL phOut) Returns a handle to the user's password cache, suitable for use with the MSPWL32.DLL APIs. May fail, of course, if password caching is disabled. LoadProfile(LPHKEY phkeyUser) Loads the user's profile into the registry and returns a handle to the root key. The current user can always load his own profile (just returns HKEY_CURRENT_USER); to load other users' profiles, the current user must be a supervisor. IUser::UnloadProfile() should always be called when the caller is done playing with the user's profile. UnloadProfile(HKEY hkeyUser) Unloads the user's profile from the registry if possible, and closes the key handle returned by IUser::LoadProfile. If the specified user is the current user, this function does nothing. GetComponentSettings(REFCLSID clsidComponent, LPCSTR pszName, IUnknown **ppOut, DWORD fdwAccess) CURRENTLY NOT IMPLEMENTED Returns an IUserSettings interface which can be used to access the user's settings for a particular component. Either clsidComponent or pszName may be used to refer to the component whose settings are to be accessed. If pszName is not NULL, it takes precedence over clsidComponent. fdwAccess specifies whether the caller wants read or write access to the settings. If the component's settings are restricted and the current user is not a supervisor, only GENERIC_READ access will be allowed; GENERIC_WRITE will fail. EnumerateComponentSettings(IEnumUnknown **ppOut, DWORD fdwAccess) CURRENTLY NOT IMPLEMENTED Returns an IEnumUnknown interface which can be used to enumerate all components which have settings recorded for the user. fdwAccess specifies the desired access, read or write. If the current user is not a supervisor and the caller requests write access, the enumerator will not return any components which do not permit such access. ************************************************************************/ DECLARE_INTERFACE_(IUser, IUnknown) { // *** IUnknown methods *** STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID * ppvObj) PURE; STDMETHOD_(ULONG,AddRef) (THIS) PURE; STDMETHOD_(ULONG,Release) (THIS) PURE; STDMETHOD(GetName) (THIS_ LPSTR pbBuffer, LPDWORD pcbBuffer) PURE; STDMETHOD(GetProfileDirectory) (THIS_ LPSTR pbBuffer, LPDWORD pcbBuffer) PURE; STDMETHOD(IsSupervisor) (THIS) PURE; STDMETHOD(SetSupervisorPrivilege) (THIS_ BOOL fMakeSupervisor, LPCSTR pszSupervisorPassword) PURE; STDMETHOD(MakeTempSupervisor) (THIS_ BOOL fMakeSupervisor, LPCSTR pszSupervisorPassword) PURE; STDMETHOD(AppearsSupervisor) (THIS) PURE; STDMETHOD(Authenticate) (THIS_ LPCSTR pszPassword) PURE; STDMETHOD(ChangePassword) (THIS_ LPCSTR pszOldPassword, LPCSTR pszNewPassword) PURE; STDMETHOD(GetPasswordCache) (THIS_ LPCSTR pszPassword, LPHANDLE phOut) PURE; STDMETHOD(LoadProfile) (THIS_ HKEY *phkeyUser) PURE; STDMETHOD(UnloadProfile) (THIS_ HKEY hkeyUser) PURE; STDMETHOD(GetComponentSettings) (THIS_ REFCLSID clsidComponent, LPCSTR pszName, IUnknown **ppOut, DWORD fdwAccess) PURE; STDMETHOD(EnumerateComponentSettings) (THIS_ IEnumUnknown **ppOut, DWORD fdwAccess) PURE; }; /************************************************************************ IUserProfileInit interface This interface is a helper for IUserDatabase::Install and IUserDatabase::Create. It allows the client of those functions to perform initialization of a new user's profile before and after the new user's per-user folders are set up. Member functions, other than IUnknown: PreInitProfile(HKEY hkeyUser, LPCSTR pszProfileDir) Called when the user's profile has been created, but no per-user folders have been created or initialized yet. Here the implementer can add keys to the user's profile which will affect the initialization of those per-user folders. hkeyUser is the root of the user's profile, which would be HKEY_CURRENT_USER if the user were currently logged on. PostInitProfile(HKEY hkeyUser, LPCSTR pszProfileDir) Called after the user's per-user folders have been created and initialized. Here the implementer can add keys to the user's profile which will control roaming of per-user folders, without causing the IUserDatabase profile cloning code to want to initialize those folders from their default locations. ************************************************************************/ DECLARE_INTERFACE_(IUserProfileInit, IUnknown) { // *** IUnknown methods *** STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID * ppvObj) PURE; STDMETHOD_(ULONG,AddRef) (THIS) PURE; STDMETHOD_(ULONG,Release) (THIS) PURE; STDMETHOD(PreInitProfile) (THIS_ HKEY hkeyUser, LPCSTR pszProfileDir) PURE; STDMETHOD(PostInitProfile) (THIS_ HKEY hkeyUser, LPCSTR pszProfileDir) PURE; }; /************************************************************************ IUserDatabase interface This interface is used to manage the local user database as a whole. Any activities which deal with the list of users in any way are done through this interface; operations which deal with the properties (other than the name) of an existing user are done through IUser. Member functions, other than IUnknown: Install(LPCSTR pszSupervisorName, LPCSTR pszSupervisorPassword, LPCSTR pszRatingsPassword, IUserProfileInit *pInit) Installs the user settings subsystem. This includes creating an account for the supervisor. A separate member function is necessary for doing this because all the others would insist that the current user already be a supervisor. The pInit object (optional, may be NULL) is called back to allow the installer to do initialization of the profile being created, before and after its per-user files are copied. AddUser(LPCSTR pszName, IUser *pSourceUser, IUserProfileInit *pInit, IUser **ppOut) Creates a new user on the system. This includes creating a profile for the user. It does not, however, include creating a password list file. IUser::ChangePassword can be used to configure the password for the user. An IUser object is returned to the caller so that the caller can configure the properties of the user. This function will fail if the current user is not a supervisor. The caller can optionally specify a user account to be cloned. The pInit object (optional, may be NULL) is called back to allow the installer to do initialization of the profile being created, before and after its per-user files are copied. GetUser(LPCSTR pszName, IUser **ppOut) Gets an IUser object corresponding to the specified user. The current user need not be a supervisor to call this function, and any user's name may be specified. The IUser interface will control what a non- supervisor can and cannot do to the user object. GetSpecialUser(DWORD nSpecialUserCode, IUser **ppOut) Gets an IUser object corresponding to a special particular user. Current values for nSpecialUserCode include GSU_CURRENT, meaning the currently logged on user, and GSU_DEFAULT, meaning the default user identity (i.e., the identity used when nobody is logged on, also used as a template when creating new identities). GetCurrentUser(IUser **ppOut) Gets an IUser object corresponding to the currently logged on user. Shorthand for GetSpecialUser(GSU_CURRENT, ppOut). SetCurrentUser(IUser *pUser) Sets this IUserDatabase object's idea of who the current user is. The user must have previously been authenticated. This user object is used for all checks which, for example, determine whether the "current user" is a supervisor, or whether a user can access his or her own settings, etc. SetCurrentUser does not AddRef the IUser object passed. DeleteUser(LPCSTR pszName) Deletes the profile and password cache for the specified user, effectively destroying that user's identity. This function may only be called if the current user is a supervisor. Any existing IUser objects which refer to the user are no longer useful, but still must be destroyed in the ordinary way (Release()). RenameUser(LPCSTR pszOldName, LPCSTR pszNewName) Changes the username of a user. This function may only be called if the current user is a supervisor. EnumUsers(IEnumUnknown **ppOut) Returns an IEnumUnknown object which the caller can use to enumerate the local users on the system. Authenticate(HWND hwndOwner, DWORD dwFlags, LPCSTR pszName, LPCSTR pszPassword, IUser **ppOut) Attempts to authenticate a user. dwFlags specifies whether or not to prompt for credentials, and whether or not non-supervisors are acceptable. If no dialog is to be displayed by the API, then the pszName and pszPassword parameters are used instead. If the credentials are authenticated succcessfully, S_OK is returned. The ppOut parameter, if not NULL, is filled with a pointer to an IUser object describing the user who was authenticated, in case the caller cares to find out about who typed in their name and password. The dwFlags parameter specifies whether UI will be displayed by the function, and whether or not the credentials will be cached in memory for use at the next logon. InstallComponent(REFCLSID clsidComponent, LPCSTR pszName, DWORD dwFlags) CURRENTLY NOT IMPLEMENTED Installs a component into the settings database, so that it will appear in the settings UI. clsidComponent or pszName can be used to refer to the component being installed; use of a CLSID is preferable because then the component can provide server code which renders the settings UI for that component, and knows how to initialize the settings for a new user. The only bit currently defined for dwFlags is: SETTINGS_NS_CAN_WRITE: Non-supervisors can change their own settings for this component. A component's settings for the current user can always be read, at least programmatically -- there is no point in storing settings which can only be accessed if the current user is a supervisor. If non-supervisors should not be shown the UI for restricted settings (even a read-only UI), that decision can be made at the UI level. InstallComponent fails if the current user is not a supervisor. RemoveComponent(REFCLSID clsidComponent, LPCSTR pszName) CURRENTLY NOT IMPLEMENTED Removes a component from the settings database, so that it will no longer appear in the settings UI. This also removes this component's settings from all user identities. RemoveComponent fails if the current user is not a supervisor. InstallWizard(HWND hwndParent) Runs the wizard that switches to multiuser mode. AddUserWizard(HWND hwndParent) Runs the wizard that adds a new user, invoking the go-multiuser wizard if necessary. UserCPL(HWND hwndParent) Invokes the general user management UI as seen in Control panel, invoking the go-multiuser wizard if necessary. ************************************************************************/ DECLARE_INTERFACE_(IUserDatabase, IUnknown) { // *** IUnknown methods *** STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID * ppvObj) PURE; STDMETHOD_(ULONG,AddRef) (THIS) PURE; STDMETHOD_(ULONG,Release) (THIS) PURE; STDMETHOD(Install) (THIS_ LPCSTR pszSupervisorName, LPCSTR pszSupervisorPassword, LPCSTR pszRatingsPassword, IUserProfileInit *pInit) PURE; STDMETHOD(AddUser) (THIS_ LPCSTR pszName, IUser *pSourceUser, IUserProfileInit *pInit, IUser **ppOut) PURE; STDMETHOD(GetUser) (THIS_ LPCSTR pszName, IUser **ppOut) PURE; STDMETHOD(GetSpecialUser) (THIS_ DWORD nSpecialUserCode, IUser **ppOut) PURE; STDMETHOD(GetCurrentUser) (THIS_ IUser **ppOut) PURE; STDMETHOD(SetCurrentUser) (THIS_ IUser *pUser) PURE; STDMETHOD(DeleteUser) (THIS_ LPCSTR pszName) PURE; STDMETHOD(RenameUser) (THIS_ LPCSTR pszOldName, LPCSTR pszNewName) PURE; STDMETHOD(EnumUsers) (THIS_ IEnumUnknown **ppOut) PURE; STDMETHOD(Authenticate) (THIS_ HWND hwndOwner, DWORD dwFlags, LPCSTR pszName, LPCSTR pszPassword, IUser **ppOut) PURE; STDMETHOD(InstallComponent) (THIS_ REFCLSID clsidComponent, LPCSTR pszName, DWORD dwFlags) PURE; STDMETHOD(RemoveComponent) (THIS_ REFCLSID clsidComponent, LPCSTR pszName) PURE; STDMETHOD(InstallWizard) (THIS_ HWND hwndParent) PURE; STDMETHOD(AddUserWizard) (THIS_ HWND hwndParent) PURE; STDMETHOD(UserCPL) (THIS_ HWND hwndParent) PURE; }; // codes for IUserDatabase::GetSpecialUser const DWORD GSU_CURRENT = 0; // current user const DWORD GSU_DEFAULT = 1; // default user profile // flags for IUserDatabase::Authenticate const DWORD LUA_DIALOG = 0x00000001; // display dialog to get credentials // otherwise use pszName, pszPassword const DWORD LUA_SUPERVISORONLY = 0x00000002; // authenticate supervisors only const DWORD LUA_FORNEXTLOGON = 0x00000004; // cache credentials for next logon // flags for IUserDatabase::InstallComponent const DWORD SETTINGS_NS_CAN_WRITE = 0x01; // non-supervisors can change their own settings #endif // _MSLUAPI_H_