//
// System.Security.AccessControl.DiscretionaryAcl implementation
//
-// Author:
+// Authors:
// Dick Porter <dick@ximian.com>
+// Atsushi Enomoto <atsushi@ximian.com>
+// James Bellinger <jfb@zer7.com>
//
-// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2012 James Bellinger
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-#if NET_2_0
-
using System.Security.Principal;
-namespace System.Security.AccessControl {
+namespace System.Security.AccessControl
+{
public sealed class DiscretionaryAcl : CommonAcl
{
- public DiscretionaryAcl (bool isContainer, bool isDS,
- int capacity)
+ public DiscretionaryAcl (bool isContainer, bool isDS, int capacity)
+ : base (isContainer, isDS, capacity)
{
- throw new NotImplementedException ();
}
- public DiscretionaryAcl (bool isContainer, bool isDS,
- RawAcl rawAcl)
+ public DiscretionaryAcl (bool isContainer, bool isDS, RawAcl rawAcl)
+ : base (isContainer, isDS, rawAcl)
{
- throw new NotImplementedException ();
}
- public DiscretionaryAcl (bool isContainer, bool isDS,
- byte revision, int capacity)
+ public DiscretionaryAcl (bool isContainer, bool isDS, byte revision, int capacity)
+ : base (isContainer, isDS, revision, capacity)
{
- throw new NotImplementedException ();
}
-
+
public void AddAccess (AccessControlType accessType,
SecurityIdentifier sid, int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
- throw new NotImplementedException ();
+ AddAce (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None);
}
public void AddAccess (AccessControlType accessType,
Guid objectType,
Guid inheritedObjectType)
{
- throw new NotImplementedException ();
+ AddAce (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None,
+ objectFlags, objectType, inheritedObjectType);
}
+ [MonoTODO]
public bool RemoveAccess (AccessControlType accessType,
SecurityIdentifier sid,
int accessMask,
throw new NotImplementedException ();
}
+ [MonoTODO]
public bool RemoveAccess (AccessControlType accessType,
SecurityIdentifier sid,
int accessMask,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
- throw new NotImplementedException ();
+ RemoveAceSpecific (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None);
}
public void RemoveAccessSpecific (AccessControlType accessType,
Guid objectType,
Guid inheritedObjectType)
{
- throw new NotImplementedException ();
+ RemoveAceSpecific (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None,
+ objectFlags, objectType, inheritedObjectType);
}
public void SetAccess (AccessControlType accessType,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags)
{
- throw new NotImplementedException ();
+ SetAce (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None);
}
public void SetAccess (AccessControlType accessType,
Guid objectType,
Guid inheritedObjectType)
{
- throw new NotImplementedException ();
+ SetAce (GetAceQualifier (accessType), sid, accessMask,
+ inheritanceFlags, propagationFlags, AuditFlags.None,
+ objectFlags, objectType, inheritedObjectType);
+ }
+
+ internal override void ApplyCanonicalSortToExplicitAces ()
+ {
+ int explicitCount = GetCanonicalExplicitAceCount ();
+ int explicitDenys = GetCanonicalExplicitDenyAceCount ();
+
+ ApplyCanonicalSortToExplicitAces (0, explicitDenys);
+ ApplyCanonicalSortToExplicitAces (explicitDenys, explicitCount - explicitDenys);
+ }
+
+ internal override int GetAceInsertPosition (AceQualifier aceQualifier)
+ {
+ // Canonical order for DACLs is explicit deny, explicit allow, inherited.
+ if (AceQualifier.AccessAllowed == aceQualifier)
+ return GetCanonicalExplicitDenyAceCount ();
+ else
+ return 0;
+ }
+
+ static AceQualifier GetAceQualifier (AccessControlType accessType)
+ {
+ if (AccessControlType.Allow == accessType)
+ return AceQualifier.AccessAllowed;
+ else if (AccessControlType.Deny == accessType)
+ return AceQualifier.AccessDenied;
+ else
+ throw new ArgumentOutOfRangeException ("accessType");
+ }
+
+ internal override bool IsAceMeaningless (GenericAce ace)
+ {
+ if (base.IsAceMeaningless (ace)) return true;
+ if (AuditFlags.None != ace.AuditFlags) return true;
+
+ QualifiedAce qace = ace as QualifiedAce;
+ if (null != qace) {
+ if (!(AceQualifier.AccessAllowed == qace.AceQualifier ||
+ AceQualifier.AccessDenied == qace.AceQualifier)) return true;
+ }
+
+ return false;
}
}
}
-#endif