
// PSLSecurity.cpp : Implementation of CPSLSecurity

#include "stdafx.h"
#include "PSLSecurity.h"
#include <Aclapi.h>

// Default constructor. The body is intentionally empty: no member is
// initialised here.
CPSLSecurity::CPSLSecurity()
{
   // Nothing to do.
}

// Construction hook (presumably the ATL FinalConstruct step; the class
// declaration is not shown here). Nothing is set up, so it always reports
// success.
HRESULT CPSLSecurity::FinalConstruct()
{
   // No resources are acquired at this point.
   return S_OK;
}

// Counterpart of FinalConstruct. FinalConstruct acquires nothing, so there
// is nothing to release here.
void CPSLSecurity::FinalRelease()
{
   // Nothing to do.
}

////////////////////////////////////////////////////////////////////////
// Interface Implementation;
////////////////////////////////////////////////////////////////////////

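// Property getter: hands out the user object held in m_User.
//
// ppValue  [out] receives m_User.
//
// Returns E_POINTER when ppValue is NULL; otherwise the result is whatever
// the project's PSL_BEGIN/PSL_END macros produce (their definition is not
// visible in this file).
STDMETHODIMP CPSLSecurity::get_User(IPSLUser ** ppValue)
{
   // Reject a NULL out-pointer up front instead of dereferencing it below.
   if(ppValue == NULL)
      return E_POINTER;

   PSL_BEGIN

   // NOTE(review): COM expects an interface pointer returned through an
   // out-parameter to carry a reference for the caller. No AddRef is visible
   // here. Confirm that m_User's type takes one on this assignment;
   // otherwise the caller's Release() drops a reference this object still
   // relies on.
   *ppValue = m_User;

   PSL_END
}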

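// Property getter for the accounts collection. Not implemented: it raises
// EX_NOTIMPLEMENTED through SetException and never hands out an object.
//
// ppValue  [out] set to NULL when non-NULL, so a caller that ignores the
//          failure does not go on to use an uninitialised interface pointer.
STDMETHODIMP CPSLSecurity::get_Accounts(IPSLAccounts ** ppValue)
{
   // Clear the out-parameter before the failure is raised. This is done ahead
   // of PSL_BEGIN because SetException may not return normally (its
   // definition is not visible here).
   if(ppValue != NULL)
      *ppValue = NULL;

   PSL_BEGIN

   SetException(EX_NOTIMPLEMENTED);
   //*ppValue = m_Accounts;

   PSL_END
}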

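// Property getter: hands out the privileges object held in m_Privileges.
//
// ppValue  [out] receives m_Privileges.
//
// Returns E_POINTER when ppValue is NULL; otherwise the result is whatever
// the project's PSL_BEGIN/PSL_END macros produce (their definition is not
// visible in this file).
STDMETHODIMP CPSLSecurity::get_Privileges(IPSLPrivileges ** ppValue)
{
   // Reject a NULL out-pointer up front instead of dereferencing it below.
   if(ppValue == NULL)
      return E_POINTER;

   PSL_BEGIN

   // NOTE(review): COM expects an interface pointer returned through an
   // out-parameter to carry a reference for the caller. No AddRef is visible
   // here. Confirm that m_Privileges' type takes one on this assignment;
   // otherwise the caller's Release() drops a reference this object still
   // relies on.
   *ppValue = m_Privileges;

   PSL_END
}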

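// Computes the access mask that a named object's DACL grants to the user SID
// of the current *process* token.
//
// nt           Kind of object; cast unchanged to SE_OBJECT_TYPE.
// sObjectName  Name of the object whose DACL is read.
// pErrorCode   [out, optional] Win32 error code of the lookup
//              (ERROR_SUCCESS when every step succeeded).
// pValue       [out] the computed ACCESS_MASK; stays 0 if any step fails.
//
// Returns E_POINTER when pValue is NULL; otherwise the result is whatever the
// project's PSL_BEGIN/PSL_END macros produce (not visible in this file).
//
// Security notes for callers:
//  - The identity comes from OpenProcessToken(GetCurrentProcess()). If the
//    calling thread is impersonating a client, the mask still describes the
//    host process account, not that client.
//  - GetEffectiveRightsFromAcl evaluates only the ACEs in the DACL. It does
//    not account for rights implied by ownership or by held privileges, nor
//    for restrictions carried by the token itself. Treat the mask as
//    informational and do not use it as an authorization decision; the
//    authoritative check is the access check performed when the object is
//    actually opened.
STDMETHODIMP CPSLSecurity::GetNamedObjectAccess(PSLNamedType nt, BSTR sObjectName, long * pErrorCode, long * pValue)
{
   // Reject a NULL out-pointer up front instead of dereferencing it below.
   if(pValue == NULL)
      return E_POINTER;

   PSL_BEGIN

   *pValue = 0; // Mask value; only overwritten when every step succeeds.

   PACL pDacl = NULL;
   // The DACL pointer returned by GetNamedSecurityInfo points into the
   // security descriptor it allocates. The descriptor must therefore be
   // requested as well, and freed with LocalFree once the DACL is no longer
   // used.
   PSECURITY_DESCRIPTOR pSD = NULL;
   _bstr_t sObject = sObjectName;
   DWORD dwError = ::GetNamedSecurityInfo((LPTSTR)sObject, (SE_OBJECT_TYPE)nt, DACL_SECURITY_INFORMATION, NULL, NULL, &pDacl, NULL, &pSD);
   if(dwError == ERROR_SUCCESS)
   {
      // NOTE(review): pDacl may be NULL here when the object has a NULL DACL
      // (no restrictions at all). Confirm how GetEffectiveRightsFromAcl
      // reports that case before relying on a 0 mask meaning "no access".
      HANDLE hToken = NULL;
      // TOKEN_QUERY is the only right needed to read TokenUser.
      if(::OpenProcessToken(::GetCurrentProcess(), TOKEN_QUERY, &hToken))
      {
         // First call only asks for the required buffer size.
         DWORD dwLength = 0;
         ::GetTokenInformation(hToken, TokenUser, NULL, 0, &dwLength);
         LPBYTE pBuffer = new BYTE[dwLength];
         if(::GetTokenInformation(hToken, TokenUser, pBuffer, dwLength, &dwLength))
         {
            TOKEN_USER * pUser = (TOKEN_USER*)(LPVOID)pBuffer;
            TRUSTEE trustee;
            ::BuildTrusteeWithSid(&trustee, pUser->User.Sid);
            ACCESS_MASK mask = 0;
            dwError = ::GetEffectiveRightsFromAcl(pDacl, &trustee, &mask);
            if(dwError == ERROR_SUCCESS)
               *pValue = mask;
         }
         else
            dwError = ::GetLastError();

         delete []pBuffer;
         ::CloseHandle(hToken);
      }
      else
         dwError = ::GetLastError();
   }

   // Release the descriptor that backs pDacl.
   if(pSD != NULL)
      ::LocalFree(pSD);

   if(pErrorCode)
      *pErrorCode = dwError;

   PSL_END
}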
