/*++ Copyright (c) 1992 Microsoft Corporation Module Name: convnode.hxx Abstract: This module contains declarations for the ACL_CONVERT_NODE class, which models the nodes in the ACL Conversion tree. This class is used to handle the conversion of Lanman 2.x ACL's to NT ACL's. It uses a tree structure to bridge the different inheritance schemes. Under Lanman, all ACE's are inherited--thus, applying a new ACE to an existing directory implicitly applies that ACE to all its descendants. Under NT, this is not the case. Thus, it's necessary to create ACEs for all the descendants. Author: Bill McJohn (billmc) 09-Feb-1992 Revision History: --*/ #if !defined (_ACL_CONVERT_NODE_DEFN_) #define _ACL_CONVERT_NODE_DEFN_ #include "list.hxx" #include "listit.hxx" #include "string.hxx" #include "wstring.hxx" #include "backacc.hxx" #include "logfile.hxx" typedef struct _INHERITANCE_BUFFER { PVOID RecessiveDeniedAces; ULONG RecessiveDeniedMaxLength; ULONG RecessiveDeniedLength; PVOID DominantDeniedAces; ULONG DominantDeniedMaxLength; ULONG DominantDeniedLength; PVOID RecessiveAllowedAces; ULONG RecessiveAllowedMaxLength; ULONG RecessiveAllowedLength; PVOID DominantAllowedAces; ULONG DominantAllowedMaxLength; ULONG DominantAllowedLength; }; DEFINE_TYPE( _INHERITANCE_BUFFER, INHERITANCE_BUFFER ); CONST SecurityDescriptorBufferSize = 8192; CONST AclBufferSize = 8192; CONST SystemAceBufferSize = 1024; DECLARE_CLASS( ACL_CONVERT_NODE ); DECLARE_CLASS( ACLCONV ); class ACL_CONVERT_NODE : public OBJECT { public: DECLARE_CONSTRUCTOR( ACL_CONVERT_NODE ); VIRTUAL ~ACL_CONVERT_NODE( ); NONVIRTUAL BOOLEAN Initialize( IN PCWSTRING ComponentName, IN BOOLEAN IsTransient DEFAULT FALSE ); NONVIRTUAL BOOLEAN AddLanmanAcl( IN ULONG AccessEntryCount, IN PLM_ACCESS_LIST AccessEntries, IN USHORT AuditInfo ); NONVIRTUAL PWSTRING GetName( ); NONVIRTUAL PACL_CONVERT_NODE GetChild( IN PCWSTRING SearchName ); NONVIRTUAL PACL_CONVERT_NODE AddChild( IN PCWSTRING ChildComponentName, IN BOOLEAN IsTransient DEFAULT FALSE ); NONVIRTUAL BOOLEAN Convert( IN OUT PPATH CurrentPath, IN OUT PCINHERITANCE_BUFFER InheritanceBuffer, IN OUT PACLCONV AclConv ); NONVIRTUAL BOOLEAN QueryInheritance( IN PACLCONV AclConv, IN OUT PINHERITANCE_BUFFER Inheritance, IN BOOLEAN IsDir ); NONVIRTUAL ACE_CONVERT_CODE ConvertOneAce( IN PACLCONV AclConv, IN OUT PINHERITANCE_BUFFER InheritanceBuffer, IN PLM_ACCESS_LIST AccessEntry, IN BOOLEAN IsDir ); NONVIRTUAL BOOLEAN AddAces( IN PCPATH ResourceName, IN PCINHERITANCE_BUFFER InheritanceBuffer, IN BOOLEAN IsDir, IN BOOLEAN ByDefault ); NONVIRTUAL VOID Dump( IN PPATH ParentPath OPTIONAL ); NONVIRTUAL BOOLEAN IsTransient( ); NONVIRTUAL BOOLEAN ExpandChildren( PFSN_DIRECTORY DirFsn ); private: NONVIRTUAL VOID Construct(); NONVIRTUAL VOID Destroy(); DSTRING _ComponentName; BOOLEAN _LanmanAclPresent; BOOLEAN _IsTransient; ULONG _AccessEntryCount; PLM_ACCESS_LIST _AccessEntries; PULONG _AceConversionResults; USHORT _AuditInfo; LIST _Children; PITERATOR _ChildIterator; ACCESS_MASK _DirSuccessfulAuditMask; ACCESS_MASK _DirFailedAuditMask; ACCESS_MASK _FileSuccessfulAuditMask; ACCESS_MASK _FileFailedAuditMask; STATIC BYTE _SelfRelativeSDBuffer[ SecurityDescriptorBufferSize ]; STATIC BYTE _AbsoluteSDBuffer[ SecurityDescriptorBufferSize ]; STATIC BYTE _AclWorkBuffer[ AclBufferSize ]; STATIC BYTE _DaclBuffer[ AclBufferSize ]; STATIC BYTE _SaclBuffer[ AclBufferSize ]; STATIC BYTE _SystemAces[ SystemAceBufferSize ]; }; INLINE PWSTRING ACL_CONVERT_NODE::GetName( ) /*++ Routine Description: This method fetches the component name. Arguments: None. Return Value: A pointer to the component name. --*/ { return( &_ComponentName ); } INLINE BOOLEAN ACL_CONVERT_NODE::IsTransient( ) /*++ Routine Description: This method determines whether the node is transient, ie. should be deleted immediately after conversion. Arguments: None. Return Value: TRUE if the node is transient; FALSE if not. --*/ { return _IsTransient; } #endif