2004-04-13 Sebastien Pouliot <sebastien@ximian.com>
1 //
2 // WindowsPrincipal.cs: Windows IPrincipal implementation
3 //
4 // Author:
5 //      Sebastien Pouliot (sebastien@ximian.com)
6 //
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8 // (C) 2004 Novell (http://www.novell.com)
9 //
10
11 using System;
12 using System.Collections;
13 using System.Runtime.CompilerServices;
14
15 namespace System.Security.Principal {
16
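// IPrincipal implementation backed by a WindowsIdentity. Role checks are
// answered by the runtime (group id / group name lookups) on POSIX hosts
// and from a cached list of role names on Windows.
[Serializable]
public class WindowsPrincipal : IPrincipal {

        private WindowsIdentity _identity;
        // http://groups.google.ca/groups?q=WindowsPrincipal+m_roles&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=OghXf4OgCHA.4228%40tkmsftngp08&rnum=4
        // Role names for the identity's token; filled on the first Windows
        // IsInRole(string) call and never refreshed afterwards, so group
        // changes made later are not seen by this instance.
        // NOTE(review): the type is [Serializable] and this field is not
        // excluded, so a deserialized instance presumably answers from the
        // stored list rather than from the token - confirm before trusting
        // principals that crossed a serialization boundary.
        private string [] m_roles;

        // case sensitivity versus number of groups
        // http://groups.google.ca/groups?q=WindowsPrincipal+m_roles&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=%23JEMHsMQCHA.1916%40tkmsftngp13&rnum=5

        // Wraps the given identity.
        // Throws ArgumentNullException when ntIdentity is null.
        public WindowsPrincipal (WindowsIdentity ntIdentity)
        {
                if (ntIdentity == null)
                        throw new ArgumentNullException ("ntIdentity");

                _identity = ntIdentity;
        }

        // properties

        // The identity supplied to the constructor.
        public virtual IIdentity Identity {
                get { return _identity; }
        }

        // methods

        // Checks membership by numeric identifier.
        // POSIX: rid is handed to the runtime as a group id, so a Windows
        // RID constant (e.g. 544) is interpreted as that numeric group id.
        // Windows: only the built-in RIDs 544-552 are recognised; they are
        // mapped to their "BUILTIN\..." names and checked by name. Any
        // other value returns false.
        public virtual bool IsInRole (int rid)
        {
                if (IsPosix)
                        return IsMemberOfGroupId (Token, (IntPtr) rid);

                string role;
                switch (rid) {
                case 544: // Administrator
                        role = "BUILTIN\\Administrators";
                        break;
                case 545: // User
                        role = "BUILTIN\\Users";
                        break;
                case 546: // Guest
                        role = "BUILTIN\\Guests";
                        break;
                case 547: // PowerUser
                        role = "BUILTIN\\Power Users";
                        break;
                case 548: // AccountOperator
                        role = "BUILTIN\\Account Operators";
                        break;
                case 549: // SystemOperator
                        role = "BUILTIN\\System Operators";
                        break;
                case 550: // PrintOperator
                        role = "BUILTIN\\Print Operators";
                        break;
                case 551: // BackupOperator
                        role = "BUILTIN\\Backup Operators";
                        break;
                case 552: // Replicator
                        role = "BUILTIN\\Replicator";
                        break;
                default:
                        // unknown RID: deny
                        return false;
                }
                return IsInRole (role);
        }

        // Checks membership by role (group) name. A null role returns
        // false instead of throwing.
        // POSIX: the name is passed unchanged to the runtime, so the match
        // is case-sensitive.
        // Windows: the name is compared against the cached role list;
        // case-sensitive when built with NET_1_0, case-insensitive otherwise.
        public virtual bool IsInRole (string role)
        {
                if (role == null)
                        return false;   // ArgumentNullException

                if (IsPosix) {
                        // note: Posix is always case-sensitive
                        return IsMemberOfGroupName (Token, role);
                }

                // Windows specific code that
                // (a) build the role cache like the MS framework (for compatibility)
                // (b) case sensitive (for Fx 1.0) and case insensitive (later Fx)
                if (m_roles == null) {
                        m_roles = WindowsIdentity._GetRoles (Token);
                }
#if NET_1_0
                foreach (string check in m_roles) {
                        if (role == check)
                                return true;
                }
#else
                // Fold case with the invariant culture: an authorization
                // decision must not depend on the thread's current culture
                // (the culture-sensitive ToUpper() maps 'i' differently under
                // e.g. Turkish, making "builtin\users" fail to match).
                System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;
                string wanted = role.ToUpper (invariant);
                foreach (string check in m_roles) {
                        // No diagnostic output here: role names are
                        // authorization data and do not belong on stdout.
                        if ((check != null) && (wanted == check.ToUpper (invariant)))
                                return true;
                }
#endif
                return false;
        }

        // Checks membership in a built-in role.
        // POSIX: only Administrator is mapped, to membership in the group
        // named "root"; every other role returns false. What counts as
        // membership is decided by the runtime's group-name lookup, which
        // is not visible in this file.
        // Windows: the enum value is used as the RID for IsInRole(int).
        public virtual bool IsInRole (WindowsBuiltInRole role)
        {
                if (!IsPosix)
                        return IsInRole ((int) role);

                // right now we only map Administrator == root
                if (role == WindowsBuiltInRole.Administrator)
                        return IsInRole ("root");

                return false;
        }

        // True when the runtime reports platform value 128, which this
        // class treats as a POSIX host.
        private static bool IsPosix {
                get { return ((int) Environment.Platform == 128); }
        }

        // Token of the wrapped identity. _identity is already typed as
        // WindowsIdentity, so no cast is needed.
        private IntPtr Token {
                get { return _identity.Token; }
        }

        // see mono/mono/metadata/security.c for implementation

        // note: never called by Win32 code (i.e. always return false)
        [MethodImplAttribute (MethodImplOptions.InternalCall)]
        private extern static bool IsMemberOfGroupId (IntPtr user, IntPtr group);

        // note: never called by Win32 code (i.e. always return false)
        [MethodImplAttribute (MethodImplOptions.InternalCall)]
        private extern static bool IsMemberOfGroupName (IntPtr user, string group);
}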
155 }