2 // System.Security.AccessControl.SystemAcl implementation
5 // Dick Porter <dick@ximian.com>
6 // Atsushi Enomoto <atsushi@ximian.com>
7 // James Bellinger <jfb@zer7.com>
9 // Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
10 // Copyright (C) 2012 James Bellinger
12 // Permission is hereby granted, free of charge, to any person obtaining
13 // a copy of this software and associated documentation files (the
14 // "Software"), to deal in the Software without restriction, including
15 // without limitation the rights to use, copy, modify, merge, publish,
16 // distribute, sublicense, and/or sell copies of the Software, and to
17 // permit persons to whom the Software is furnished to do so, subject to
18 // the following conditions:
20 // The above copyright notice and this permission notice shall be
21 // included in all copies or substantial portions of the Software.
23 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 using System.Security.Principal;
34 namespace System.Security.AccessControl
36 public sealed class SystemAcl : CommonAcl
/// <summary>
/// Creates a system ACL with the given initial capacity by forwarding
/// every argument to the matching <see cref="CommonAcl"/> constructor.
/// </summary>
/// <param name="isContainer">Forwarded unchanged to the base constructor.</param>
/// <param name="isDS">Forwarded unchanged to the base constructor.</param>
/// <param name="capacity">Forwarded unchanged to the base constructor.</param>
public SystemAcl (bool isContainer, bool isDS, int capacity)
    : base (isContainer, isDS, capacity)
{
}
/// <summary>
/// Creates a system ACL from an existing <see cref="RawAcl"/> by forwarding
/// every argument to the matching <see cref="CommonAcl"/> constructor.
/// </summary>
/// <param name="isContainer">Forwarded unchanged to the base constructor.</param>
/// <param name="isDS">Forwarded unchanged to the base constructor.</param>
/// <param name="rawAcl">Source ACL handed to the base constructor.</param>
public SystemAcl (bool isContainer, bool isDS, RawAcl rawAcl)
    : base (isContainer, isDS, rawAcl)
{
}
/// <summary>
/// Creates a system ACL with an explicit revision and initial capacity by
/// forwarding every argument to the matching <see cref="CommonAcl"/> constructor.
/// </summary>
/// <param name="isContainer">Forwarded unchanged to the base constructor.</param>
/// <param name="isDS">Forwarded unchanged to the base constructor.</param>
/// <param name="revision">ACL revision handed to the base constructor.</param>
/// <param name="capacity">Forwarded unchanged to the base constructor.</param>
public SystemAcl (bool isContainer, bool isDS, byte revision, int capacity)
    : base (isContainer, isDS, revision, capacity)
{
}
/// <summary>
/// Adds an audit entry to this ACL by calling <c>AddAce</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>AddAce</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>AddAce</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>AddAce</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>AddAce</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>AddAce</c>.</param>
public void AddAudit (AuditFlags auditFlags,
                      SecurityIdentifier sid,
                      int accessMask,
                      InheritanceFlags inheritanceFlags,
                      PropagationFlags propagationFlags)
{
    // Argument order differs from the parameter order: auditFlags goes last.
    AddAce (
        AceQualifier.SystemAudit,
        sid,
        accessMask,
        inheritanceFlags,
        propagationFlags,
        auditFlags);
}
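/// <summary>
/// Adds an object audit entry to this ACL by calling <c>AddAce</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>AddAce</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>AddAce</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>AddAce</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>AddAce</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>AddAce</c>.</param>
/// <param name="objectFlags">Object ACE flags forwarded to <c>AddAce</c>.</param>
/// <param name="objectType">Object type GUID forwarded to <c>AddAce</c>.</param>
/// <param name="inheritedObjectType">Inherited object type GUID forwarded to <c>AddAce</c>.</param>
public void AddAudit (AuditFlags auditFlags,
                      SecurityIdentifier sid,
                      int accessMask,
                      InheritanceFlags inheritanceFlags,
                      PropagationFlags propagationFlags,
                      ObjectAceFlags objectFlags,
                      Guid objectType,
                      Guid inheritedObjectType)
{
    // The body passes objectType to AddAce, so it has to be declared in the
    // parameter list between objectFlags and inheritedObjectType.
    AddAce (AceQualifier.SystemAudit, sid, accessMask,
            inheritanceFlags, propagationFlags, auditFlags,
            objectFlags, objectType, inheritedObjectType);
}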
/// <summary>
/// Adds an object audit entry described by <paramref name="rule"/>,
/// unpacking the rule's properties into the eight-argument
/// <c>AddAudit</c> overload.
/// </summary>
/// <param name="sid">Security identifier passed on as the entry's SID.</param>
/// <param name="rule">
/// Rule whose properties are read; it is dereferenced without a null check.
/// </param>
public void AddAudit (SecurityIdentifier sid, ObjectAuditRule rule)
{
    AddAudit (
        rule.AuditFlags,
        sid,
        rule.AccessMask,
        rule.InheritanceFlags,
        rule.PropagationFlags,
        rule.ObjectFlags,
        rule.ObjectType,
        rule.InheritedObjectType);
}
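/// <summary>
/// Not implemented: this overload always throws, so callers cannot use it
/// to withdraw an audit entry from the ACL.
/// </summary>
/// <param name="auditFlags">Unused; the method throws before reading it.</param>
/// <param name="sid">Unused; the method throws before reading it.</param>
/// <param name="accessMask">Unused; the method throws before reading it.</param>
/// <param name="inheritanceFlags">Unused; the method throws before reading it.</param>
/// <param name="propagationFlags">Unused; the method throws before reading it.</param>
/// <returns>Never returns in this implementation.</returns>
/// <exception cref="NotImplementedException">Always.</exception>
public bool RemoveAudit (AuditFlags auditFlags,
                         SecurityIdentifier sid,
                         int accessMask,
                         InheritanceFlags inheritanceFlags,
                         PropagationFlags propagationFlags)
{
    // accessMask is declared to keep this overload parallel with the
    // AddAudit/SetAudit/RemoveAuditSpecific overloads of the same shape.
    throw new NotImplementedException ();
}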
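/// <summary>
/// Not implemented: this overload always throws, so callers cannot use it
/// to withdraw an object audit entry from the ACL.
/// </summary>
/// <param name="auditFlags">Unused; the method throws before reading it.</param>
/// <param name="sid">Unused; the method throws before reading it.</param>
/// <param name="accessMask">Unused; the method throws before reading it.</param>
/// <param name="inheritanceFlags">Unused; the method throws before reading it.</param>
/// <param name="propagationFlags">Unused; the method throws before reading it.</param>
/// <param name="objectFlags">Unused; the method throws before reading it.</param>
/// <param name="objectType">Unused; the method throws before reading it.</param>
/// <param name="inheritedObjectType">Unused; the method throws before reading it.</param>
/// <returns>Never returns in this implementation.</returns>
/// <exception cref="NotImplementedException">Always.</exception>
public bool RemoveAudit (AuditFlags auditFlags,
                         SecurityIdentifier sid,
                         int accessMask,
                         InheritanceFlags inheritanceFlags,
                         PropagationFlags propagationFlags,
                         ObjectAceFlags objectFlags,
                         Guid objectType,
                         Guid inheritedObjectType)
{
    // The rule-based RemoveAudit overload calls this one with eight
    // arguments, so accessMask and objectType must both be declared here.
    throw new NotImplementedException ();
}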
/// <summary>
/// Unpacks <paramref name="rule"/> into the eight-argument
/// <c>RemoveAudit</c> overload and returns its result.
/// </summary>
/// <remarks>
/// The eight-argument overload in this class throws
/// <see cref="NotImplementedException"/>, so this call cannot complete
/// a removal either.
/// </remarks>
/// <param name="sid">Security identifier passed on as the entry's SID.</param>
/// <param name="rule">
/// Rule whose properties are read; it is dereferenced without a null check.
/// </param>
/// <returns>Whatever the eight-argument overload returns.</returns>
public bool RemoveAudit (SecurityIdentifier sid, ObjectAuditRule rule)
{
    return RemoveAudit (
        rule.AuditFlags,
        sid,
        rule.AccessMask,
        rule.InheritanceFlags,
        rule.PropagationFlags,
        rule.ObjectFlags,
        rule.ObjectType,
        rule.InheritedObjectType);
}
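/// <summary>
/// Removes an audit entry by calling <c>RemoveAceSpecific</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>RemoveAceSpecific</c>.</param>
public void RemoveAuditSpecific (AuditFlags auditFlags,
                                 SecurityIdentifier sid,
                                 int accessMask,
                                 InheritanceFlags inheritanceFlags,
                                 PropagationFlags propagationFlags)
{
    // The body passes accessMask on, so it has to be declared between
    // sid and inheritanceFlags.
    RemoveAceSpecific (AceQualifier.SystemAudit, sid, accessMask,
                       inheritanceFlags, propagationFlags, auditFlags);
}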
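/// <summary>
/// Removes an object audit entry by calling <c>RemoveAceSpecific</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="objectFlags">Object ACE flags forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="objectType">Object type GUID forwarded to <c>RemoveAceSpecific</c>.</param>
/// <param name="inheritedObjectType">Inherited object type GUID forwarded to <c>RemoveAceSpecific</c>.</param>
public void RemoveAuditSpecific (AuditFlags auditFlags,
                                 SecurityIdentifier sid,
                                 int accessMask,
                                 InheritanceFlags inheritanceFlags,
                                 PropagationFlags propagationFlags,
                                 ObjectAceFlags objectFlags,
                                 Guid objectType,
                                 Guid inheritedObjectType)
{
    // The body passes accessMask and objectType on, so both have to be
    // declared in the parameter list.
    RemoveAceSpecific (AceQualifier.SystemAudit, sid, accessMask,
                       inheritanceFlags, propagationFlags, auditFlags,
                       objectFlags, objectType, inheritedObjectType);
}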
/// <summary>
/// Removes the object audit entry described by <paramref name="rule"/>,
/// unpacking the rule's properties into the eight-argument
/// <c>RemoveAuditSpecific</c> overload.
/// </summary>
/// <param name="sid">Security identifier passed on as the entry's SID.</param>
/// <param name="rule">
/// Rule whose properties are read; it is dereferenced without a null check.
/// </param>
public void RemoveAuditSpecific (SecurityIdentifier sid, ObjectAuditRule rule)
{
    RemoveAuditSpecific (
        rule.AuditFlags,
        sid,
        rule.AccessMask,
        rule.InheritanceFlags,
        rule.PropagationFlags,
        rule.ObjectFlags,
        rule.ObjectType,
        rule.InheritedObjectType);
}
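/// <summary>
/// Sets an audit entry by calling <c>SetAce</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>SetAce</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>SetAce</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>SetAce</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>SetAce</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>SetAce</c>.</param>
public void SetAudit (AuditFlags auditFlags,
                      SecurityIdentifier sid,
                      int accessMask,
                      InheritanceFlags inheritanceFlags,
                      PropagationFlags propagationFlags)
{
    // The body passes accessMask on, so it has to be declared between
    // sid and inheritanceFlags.
    SetAce (AceQualifier.SystemAudit, sid, accessMask,
            inheritanceFlags, propagationFlags, auditFlags);
}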
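/// <summary>
/// Sets an object audit entry by calling <c>SetAce</c> with
/// <see cref="AceQualifier.SystemAudit"/> as the qualifier.
/// </summary>
/// <param name="auditFlags">Audit flags forwarded to <c>SetAce</c>.</param>
/// <param name="sid">Security identifier forwarded to <c>SetAce</c>.</param>
/// <param name="accessMask">Access mask forwarded to <c>SetAce</c>.</param>
/// <param name="inheritanceFlags">Inheritance flags forwarded to <c>SetAce</c>.</param>
/// <param name="propagationFlags">Propagation flags forwarded to <c>SetAce</c>.</param>
/// <param name="objectFlags">Object ACE flags forwarded to <c>SetAce</c>.</param>
/// <param name="objectType">Object type GUID forwarded to <c>SetAce</c>.</param>
/// <param name="inheritedObjectType">Inherited object type GUID forwarded to <c>SetAce</c>.</param>
public void SetAudit (AuditFlags auditFlags,
                      SecurityIdentifier sid,
                      int accessMask,
                      InheritanceFlags inheritanceFlags,
                      PropagationFlags propagationFlags,
                      ObjectAceFlags objectFlags,
                      Guid objectType,
                      Guid inheritedObjectType)
{
    // The body passes accessMask and objectType on, so both have to be
    // declared in the parameter list.
    SetAce (AceQualifier.SystemAudit, sid, accessMask,
            inheritanceFlags, propagationFlags, auditFlags,
            objectFlags, objectType, inheritedObjectType);
}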
/// <summary>
/// Sets the object audit entry described by <paramref name="rule"/>,
/// unpacking the rule's properties into the eight-argument
/// <c>SetAudit</c> overload.
/// </summary>
/// <param name="sid">Security identifier passed on as the entry's SID.</param>
/// <param name="rule">
/// Rule whose properties are read; it is dereferenced without a null check.
/// </param>
public void SetAudit (SecurityIdentifier sid, ObjectAuditRule rule)
{
    SetAudit (
        rule.AuditFlags,
        sid,
        rule.AccessMask,
        rule.InheritanceFlags,
        rule.PropagationFlags,
        rule.ObjectFlags,
        rule.ObjectType,
        rule.InheritedObjectType);
}
/// <summary>
/// Sorts the explicit ACEs of this ACL: obtains the explicit ACE count
/// from <c>GetCanonicalExplicitAceCount</c> and passes 0 together with
/// that count to the two-argument overload.
/// </summary>
internal override void ApplyCanonicalSortToExplicitAces ()
{
    // The whole explicit run is handed over in one call, starting at index 0.
    ApplyCanonicalSortToExplicitAces (0, GetCanonicalExplicitAceCount ());
}
174 internal override int GetAceInsertPosition (AceQualifier aceQualifier)
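/// <summary>
/// Decides whether <paramref name="ace"/> carries no meaning in a system
/// ACL and can therefore be treated as meaningless by the caller.
/// </summary>
/// <param name="ace">Entry to examine.</param>
/// <returns>
/// <c>true</c> when the base class already considers the entry meaningless,
/// when its audit flags fail <c>IsValidAuditFlags</c>, or when it is a
/// <see cref="QualifiedAce"/> whose qualifier is neither
/// <see cref="AceQualifier.SystemAudit"/> nor
/// <see cref="AceQualifier.SystemAlarm"/>; otherwise <c>false</c>.
/// </returns>
internal override bool IsAceMeaningless (GenericAce ace)
{
    if (base.IsAceMeaningless (ace)) return true;

    // An entry that names no Success/Failure event, or that sets bits
    // outside those two, would never produce an audit record.
    if (!IsValidAuditFlags (ace.AuditFlags)) return true;

    // "as" yields null for an entry that is not a QualifiedAce, so the
    // qualifier is only inspected when the cast succeeded.
    QualifiedAce qace = ace as QualifiedAce;
    if (qace != null) {
        bool isAuditOrAlarm =
            AceQualifier.SystemAudit == qace.AceQualifier ||
            AceQualifier.SystemAlarm == qace.AceQualifier;

        // Allow/deny entries belong in a discretionary ACL, not here.
        if (!isAuditOrAlarm) return true;
    }

    // NOTE(review): entries that are not QualifiedAce are kept by this
    // method; confirm that is the intended policy for a system ACL.
    return false;
}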
/// <summary>
/// Checks that <paramref name="auditFlags"/> names at least one audit
/// event and sets nothing beyond <see cref="AuditFlags.Success"/> and
/// <see cref="AuditFlags.Failure"/>.
/// </summary>
/// <param name="auditFlags">Flag value to validate.</param>
/// <returns>
/// <c>false</c> for <see cref="AuditFlags.None"/> or for any value with a
/// bit outside Success|Failure; <c>true</c> otherwise.
/// </returns>
static bool IsValidAuditFlags (AuditFlags auditFlags)
{
    const AuditFlags knownBits = AuditFlags.Success | AuditFlags.Failure;

    if (auditFlags == AuditFlags.None)
        return false;

    // Any bit surviving this mask is one the enum does not define.
    return (auditFlags & ~knownBits) == 0;
}