188 lines
5.8 KiB
C++
188 lines
5.8 KiB
C++
/**********************************************************************/
|
|
/** Microsoft LAN Manager **/
|
|
/** Copyright(c) Microsoft Corp., 1990, 1991 **/
|
|
/**********************************************************************/
|
|
|
|
/*
|
|
accperm.hxx
|
|
Header file for the ACCPERM class
|
|
|
|
|
|
FILE HISTORY:
|
|
Johnl 01-Aug-1991 Created (class name stolen from RustanL)
|
|
|
|
*/
|
|
|
|
|
|
#ifndef _ACCPERM_HXX_
|
|
#define _ACCPERM_HXX_
|
|
|
|
#include <bitfield.hxx>
|
|
#include <slist.hxx>
|
|
#include "perm.hxx"
|
|
#include "aclconv.hxx"
|
|
|
|
/* There are two different types of permissions, the SPECIAL permission
|
|
* only shows up in the SPECIAL dialog. The GENERAL type of permissions
|
|
* are (possibly) a conglomeration of the special permissions that allow
|
|
* a high level name/grouping to be used.
|
|
*/
|
|
#define PERMTYPE_SPECIAL 3
|
|
#define PERMTYPE_GENERAL 4
|
|
|
|
DECLARE_SLIST_OF(ACCESS_PERMISSION)
|
|
DECLARE_SLIST_OF(AUDIT_PERMISSION)
|
|
|
|
/*************************************************************************
|
|
|
|
NAME: ACCPERM
|
|
|
|
SYNOPSIS: This class manipulates lists of PERMISSION objects
|
|
|
|
INTERFACE:
|
|
|
|
PARENT:
|
|
|
|
USES:
|
|
|
|
CAVEATS:
|
|
|
|
NOTES:
|
|
|
|
HISTORY:
|
|
Johnl 01-Aug-1991 Created
|
|
|
|
**************************************************************************/
|
|
|
|
class ACCPERM : public BASE
|
|
{
|
|
friend class LM_ACL_TO_PERM_CONVERTER ;
|
|
friend class NT_ACL_TO_PERM_CONVERTER ;
|
|
|
|
private:
|
|
|
|
SLIST_OF(ACCESS_PERMISSION) _slAccessPerms ;
|
|
SLIST_OF(AUDIT_PERMISSION) _slAuditPerms ;
|
|
|
|
/* These iterators support the enumeration methods.
|
|
*/
|
|
ITER_SL_OF(ACCESS_PERMISSION) _iterslAccessPerms ;
|
|
ITER_SL_OF(AUDIT_PERMISSION) _iterslAuditPerms ;
|
|
|
|
//
|
|
// Due to the behaviour of remove with an iterator, after we delete
|
|
// an item, we shouldn't do a next because the remove bumped the
|
|
// iterator already.
|
|
//
|
|
BOOL _fDidDeleteAccessPerms ;
|
|
BOOL _fDidDeleteAuditPerms ;
|
|
|
|
ACL_TO_PERM_CONVERTER * _paclconverter ;
|
|
|
|
protected:
|
|
SLIST_OF(ACCESS_PERMISSION) * QueryAccessPermissionList( void )
|
|
{ return &_slAccessPerms ; }
|
|
|
|
SLIST_OF(AUDIT_PERMISSION) * QueryAuditPermissionList( void )
|
|
{ return &_slAuditPerms ; }
|
|
|
|
|
|
public:
|
|
/* Constructor:
|
|
* psubjectOwner is the owner of this object. Maybe NULL if the owner
|
|
* concept is not supported.
|
|
*/
|
|
ACCPERM( ACL_TO_PERM_CONVERTER * paclconverter ) ;
|
|
|
|
|
|
/* Get all of the ACCESS permissions or AUDIT permissions that are
|
|
* contained in the resources ACL.
|
|
*
|
|
* ppAccessPermission - Pointer to a pointer to an Access/Audit
|
|
* PERMISSION object. The client should not
|
|
* reallocate/delete this pointer. When there
|
|
* are no more permissions, *ppAccessPermission
|
|
* will be set to NULL and FALSE will be returned.
|
|
*
|
|
* pfFromBeginning - Restart the enumeration from the beginning of the
|
|
* list if *pfFromBeginning is TRUE, will be set
|
|
* to FALSE automatically.
|
|
*/
|
|
BOOL EnumAccessPermissions( ACCESS_PERMISSION * * ppAccessPermission,
|
|
BOOL * pfFromBeginning ) ;
|
|
BOOL EnumAuditPermissions( AUDIT_PERMISSION * * ppAuditPermission,
|
|
BOOL * pfFromBeginning ) ;
|
|
|
|
/* Permission manipulation routines:
|
|
*
|
|
* DeletePermission - Removes the Access/Audit permission from the
|
|
* permission list.
|
|
* ChangePermission - Lets the ACCPERM class know a permission has
|
|
* changed. Should be called after a permission
|
|
* has been modified (this is for future support
|
|
* when we may add "Advanced" permissions).
|
|
* AddPermission - Adds a permission to the permission list that
|
|
* was created by ACL_TO_PERM_CONVERTR::CreatePermission
|
|
*/
|
|
BOOL DeletePermission( ACCESS_PERMISSION * paccessperm ) ;
|
|
BOOL ChangePermission( ACCESS_PERMISSION * paccessperm ) ;
|
|
APIERR AddPermission ( ACCESS_PERMISSION * paccessperm ) ;
|
|
|
|
BOOL DeletePermission( AUDIT_PERMISSION * pauditperm ) ;
|
|
BOOL ChangePermission( AUDIT_PERMISSION * pauditperm ) ;
|
|
APIERR AddPermission ( AUDIT_PERMISSION * pauditperm ) ;
|
|
|
|
/* These correspond exactly with the same named methods in the
|
|
* ACL_TO_PERM_CONVERTER class in functionality and return codes and
|
|
* are provided merely for convenience.
|
|
*/
|
|
APIERR GetPermissions( BOOL fAccessPerms )
|
|
{ return QueryAclConverter()->GetPermissions( this, fAccessPerms ) ; }
|
|
|
|
APIERR GetBlankPermissions( void )
|
|
{ return QueryAclConverter()->GetBlankPermissions( this ) ; }
|
|
|
|
APIERR WritePermissions( BOOL fApplyToSubContainers,
|
|
BOOL fApplyToSubObjects,
|
|
TREE_APPLY_FLAGS applyflags,
|
|
BOOL *pfReportError )
|
|
{ return QueryAclConverter()->WritePermissions( *this,
|
|
fApplyToSubContainers,
|
|
fApplyToSubObjects,
|
|
applyflags,
|
|
pfReportError ) ; }
|
|
|
|
APIERR QueryFailingSubject( NLS_STR * pnlsSubjUniqueName )
|
|
{ return QueryAclConverter()->QueryFailingSubject( pnlsSubjUniqueName ) ; }
|
|
|
|
ACL_TO_PERM_CONVERTER * QueryAclConverter( void ) const
|
|
{ return _paclconverter ; }
|
|
|
|
/* This method finds the subject who's name corresponds to the
|
|
* passed name, and expunges this subject from both the
|
|
* Access permission list and the Audit permission list.
|
|
*/
|
|
APIERR DeleteSubject( NLS_STR * pnlsSubjUniqueName ) ;
|
|
|
|
/* Looks at the access permission list and determines if there are
|
|
* any "Everyone (None)" permissions.
|
|
*/
|
|
APIERR AnyDenyAllsToEveryone( BOOL *pfDenyAll ) ;
|
|
|
|
/* Returns TRUE if the object is a container object
|
|
*/
|
|
BOOL IsContainer( void )
|
|
{ return QueryAclConverter()->IsContainer() ; }
|
|
|
|
/* The following are not const because QueryNumElem is not const (can't
|
|
* be const).
|
|
*/
|
|
UINT QueryAccessPermCount( void )
|
|
{ return QueryAccessPermissionList()->QueryNumElem() ; }
|
|
|
|
UINT QueryAuditPermCount( void )
|
|
{ return QueryAuditPermissionList()->QueryNumElem() ; }
|
|
} ;
|
|
|
|
#endif // _ACCPERM_HXX_
|