2 // System.Security.AccessControl.CommonAce implementation
5 // Dick Porter <dick@ximian.com>
6 // Atsushi Enomoto <atsushi@ximian.com>
9 // Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 using System.Globalization;
32 using System.Security.Principal;
34 namespace System.Security.AccessControl {
35 public sealed class CommonAce : QualifiedAce {
36 public CommonAce (AceFlags flags, AceQualifier qualifier,
37 int accessMask, SecurityIdentifier sid,
38 bool isCallback, byte[] opaque)
39 : base(ConvertType (qualifier, isCallback),
43 AccessMask = accessMask;
44 SecurityIdentifier = sid;
47 internal CommonAce (AceType type, AceFlags flags, int accessMask,
48 SecurityIdentifier sid, byte[] opaque)
49 : base(type, flags, opaque)
51 AccessMask = accessMask;
52 SecurityIdentifier = sid;
55 internal CommonAce(byte[] binaryForm, int offset)
56 : base(binaryForm, offset)
58 int len = ReadUShort(binaryForm, offset + 2);
59 if (offset > binaryForm.Length - len)
60 throw new ArgumentException("Invalid ACE - truncated", "binaryForm");
61 if (len < 8 + SecurityIdentifier.MinBinaryLength)
62 throw new ArgumentException("Invalid ACE", "binaryForm");
64 AccessMask = ReadInt(binaryForm, offset + 4);
65 SecurityIdentifier = new SecurityIdentifier(binaryForm,
68 int opaqueLen = len - (8 + SecurityIdentifier.BinaryLength);
70 byte[] opaque = new byte[opaqueLen];
71 Array.Copy(binaryForm,
72 offset + 8 + SecurityIdentifier.BinaryLength,
73 opaque, 0, opaqueLen);
78 public override int BinaryLength {
80 return 8 + SecurityIdentifier.BinaryLength
85 public override void GetBinaryForm (byte[] binaryForm,
88 int len = BinaryLength;
89 binaryForm[offset] = (byte)this.AceType;
90 binaryForm[offset + 1] = (byte)this.AceFlags;
91 WriteUShort ((ushort)len, binaryForm, offset + 2);
92 WriteInt (AccessMask, binaryForm, offset + 4);
94 SecurityIdentifier.GetBinaryForm (binaryForm,
97 byte[] opaque = GetOpaque ();
99 Array.Copy (opaque, 0, binaryForm,
100 offset + 8 + SecurityIdentifier.BinaryLength,
104 public static int MaxOpaqueLength (bool isCallback)
106 // Varies by platform?
110 internal override string GetSddlForm ()
112 if (OpaqueLength != 0)
113 throw new NotImplementedException (
114 "Unable to convert conditional ACEs to SDDL");
116 return string.Format (CultureInfo.InvariantCulture,
117 "({0};{1};{2};;;{3})",
118 GetSddlAceType (AceType),
119 GetSddlAceFlags (AceFlags),
120 GetSddlAccessRights (AccessMask),
121 SecurityIdentifier.GetSddlForm ());
124 private static AceType ConvertType (AceQualifier qualifier,
128 case AceQualifier.AccessAllowed:
130 return AceType.AccessAllowedCallback;
132 return AceType.AccessAllowed;
134 case AceQualifier.AccessDenied:
136 return AceType.AccessDeniedCallback;
138 return AceType.AccessDenied;
140 case AceQualifier.SystemAlarm:
142 return AceType.SystemAlarmCallback;
144 return AceType.SystemAlarm;
146 case AceQualifier.SystemAudit:
148 return AceType.SystemAuditCallback;
150 return AceType.SystemAudit;
153 throw new ArgumentException ("Unrecognized ACE qualifier: " + qualifier, "qualifier");