sean-m
/
Vanara
mirror of https://github.com/dahall/Vanara.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Changed OBJECTS_AND_SID.pSid to PSID type and cleaned AccCtrl.cs

pull/328/head
dahall 2022-07-22 07:41:49 -06:00
parent a16440036f
commit 666392b2e5
1 changed files with 875 additions and 937 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

292
PInvoke/Security/AdvApi32/AccCtrl.cs
View File

@ -3,15 +3,15 @@ using System.Runtime.InteropServices;
using Vanara.Extensions;
using Vanara.InteropServices;
namespace Vanara.PInvoke
namespace Vanara.PInvoke;
public static partial class AdvApi32
{
public static partial class AdvApi32
{
/// <summary>
/// <para>
/// The <c>ACCESS_MODE</c> enumeration contains values that indicate how the access rights in an EXPLICIT_ACCESS structure apply to
/// the trustee. Functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl use these values to set or retrieve information in
/// an access control entry (ACE).
/// The <c>ACCESS_MODE</c> enumeration contains values that indicate how the access rights in an EXPLICIT_ACCESS structure apply to the
/// trustee. Functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl use these values to set or retrieve information in an access
/// control entry (ACE).
/// </para>
/// </summary>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ne-accctrl-_access_mode typedef enum _ACCESS_MODE { NOT_USED_ACCESS,
@ -23,8 +23,8 @@ namespace Vanara.PInvoke
NOT_USED_ACCESS,
/// <summary>
/// Indicates an ACCESS_ALLOWED_ACE structure. The new ACE combines the specified rights with any existing allowed or denied
/// rights of the trustee.
/// Indicates an ACCESS_ALLOWED_ACE structure. The new ACE combines the specified rights with any existing allowed or denied rights
/// of the trustee.
/// </summary>
GRANT_ACCESS,
@ -40,21 +40,17 @@ namespace Vanara.PInvoke
/// </summary>
DENY_ACCESS,
/// <summary>
/// Indicates that all existing ACCESS_ALLOWED_ACE or SYSTEM_AUDIT_ACE structures for the specified trustee are removed.
/// </summary>
/// <summary>Indicates that all existing ACCESS_ALLOWED_ACE or SYSTEM_AUDIT_ACE structures for the specified trustee are removed.</summary>
REVOKE_ACCESS,
/// <summary>
/// Indicates a SYSTEM_AUDIT_ACEstructure that generates audit messages for successful attempts to use the specified access
/// rights. On input, this value combines the specified rights with any existing audited access rights for the trustee.
/// Indicates a SYSTEM_AUDIT_ACEstructure that generates audit messages for successful attempts to use the specified access rights.
/// On input, this value combines the specified rights with any existing audited access rights for the trustee.
/// </summary>
SET_AUDIT_SUCCESS,
}
/// <summary>
/// Indicates how the access rights specified by the <c>Access</c> and <c>ProvSpecificAccess</c> members apply to the trustee.
/// </summary>
/// <summary>Indicates how the access rights specified by the <c>Access</c> and <c>ProvSpecificAccess</c> members apply to the trustee.</summary>
[PInvokeData("accctrl.h", MSDNShortId = "bcb2ad72-7b00-4582-b05e-e00720a4db77")]
[Flags]
public enum ACTRL_ACCESS_FLAGS : uint
@ -82,16 +78,14 @@ namespace Vanara.PInvoke
}
/// <summary>
/// A set of bit flags that determine whether other containers or objects can inherit the ACE from the primary object to which the
/// ACL is attached. The value of this member corresponds to the inheritance portion (low-order byte) of the AceFlags member of the
/// ACE_HEADER structure.
/// A set of bit flags that determine whether other containers or objects can inherit the ACE from the primary object to which the ACL is
/// attached. The value of this member corresponds to the inheritance portion (low-order byte) of the AceFlags member of the ACE_HEADER structure.
/// </summary>
[Flags]
public enum INHERIT_FLAGS : uint
{
/// <summary>
/// The specific access permissions will only be applied to the container, and will not be inherited by objects created within
/// the container.
/// The specific access permissions will only be applied to the container, and will not be inherited by objects created within the container.
/// </summary>
NO_INHERITANCE = 0,
@ -112,8 +106,8 @@ namespace Vanara.PInvoke
SUB_CONTAINERS_ONLY_INHERIT = CONTAINER_INHERIT_ACE,
/// <summary>
/// Both containers and noncontainer objects that are contained by the primary object inherit the ACE. This flag corresponds to
/// the combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// Both containers and noncontainer objects that are contained by the primary object inherit the ACE. This flag corresponds to the
/// combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// </summary>
SUB_CONTAINERS_AND_OBJECTS_INHERIT = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
@ -121,14 +115,14 @@ namespace Vanara.PInvoke
NO_PROPAGATE_INHERIT_ACE = 4,
/// <summary>
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object
/// inherit the entry.
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object inherit
/// the entry.
/// </summary>
INHERIT_ONLY_ACE = 8,
/// <summary>
/// The ACE is inherited. Operations that change the security on a tree of objects may modify inherited ACEs without changing
/// ACEs that were directly applied to the object.
/// The ACE is inherited. Operations that change the security on a tree of objects may modify inherited ACEs without changing ACEs
/// that were directly applied to the object.
/// </summary>
INHERITED_ACE = 0x10,
@ -158,21 +152,21 @@ namespace Vanara.PInvoke
NO_MULTIPLE_TRUSTEE,
/// <summary>
/// The trustee is an impersonation trustee. The pMultipleTrustee member of the TRUSTEE structure points to a trustee for a
/// server that can impersonate the client trustee.
/// The trustee is an impersonation trustee. The pMultipleTrustee member of the TRUSTEE structure points to a trustee for a server
/// that can impersonate the client trustee.
/// </summary>
TRUSTEE_IS_IMPERSONATE
}
/// <summary>
/// <para>
/// The <c>PROG_INVOKE_SETTING</c> enumeration indicates the initial setting of the function used to track the progress of a call to
/// the TreeSetNamedSecurityInfo or TreeResetNamedSecurityInfo function.
/// The <c>PROG_INVOKE_SETTING</c> enumeration indicates the initial setting of the function used to track the progress of a call to the
/// TreeSetNamedSecurityInfo or TreeResetNamedSecurityInfo function.
/// </para>
/// </summary>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ne-accctrl-_progress_invoke_setting typedef enum
// _PROGRESS_INVOKE_SETTING { ProgressInvokeNever, ProgressInvokeEveryObject, ProgressInvokeOnError, ProgressCancelOperation,
// ProgressRetryOperation, ProgressInvokePrePostError } PROG_INVOKE_SETTING, *PPROG_INVOKE_SETTING;
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ne-accctrl-_progress_invoke_setting typedef enum _PROGRESS_INVOKE_SETTING
// { ProgressInvokeNever, ProgressInvokeEveryObject, ProgressInvokeOnError, ProgressCancelOperation, ProgressRetryOperation,
// ProgressInvokePrePostError } PROG_INVOKE_SETTING, *PPROG_INVOKE_SETTING;
[PInvokeData("accctrl.h", MSDNShortId = "3eee30d6-7d9d-468f-b6ba-e172da523169")]
public enum PROG_INVOKE_SETTING
{
@ -196,9 +190,9 @@ namespace Vanara.PInvoke
}
/// <summary>
/// The SE_OBJECT_TYPE enumeration contains values that correspond to the types of Windows objects that support security. The
/// functions, such as GetSecurityInfo and SetSecurityInfo, that set and retrieve the security information of an object, use these
/// values to indicate the type of object.
/// The SE_OBJECT_TYPE enumeration contains values that correspond to the types of Windows objects that support security. The functions,
/// such as GetSecurityInfo and SetSecurityInfo, that set and retrieve the security information of an object, use these values to
/// indicate the type of object.
/// </summary>
[PInvokeData("AccCtrl.h", MSDNShortId = "aa379593")]
public enum SE_OBJECT_TYPE
@ -220,9 +214,7 @@ namespace Vanara.PInvoke
/// </summary>
SE_SERVICE,
/// <summary>
/// Indicates a printer. A printer object can be a local printer, such as PrinterName, or a remote printer, such as \\ComputerName\PrinterName.
/// </summary>
/// <summary>Indicates a printer. A printer object can be a local printer, such as PrinterName, or a remote printer, such as \\ComputerName\PrinterName.</summary>
SE_PRINTER,
/// <summary>
@ -246,14 +238,14 @@ namespace Vanara.PInvoke
SE_KERNEL_OBJECT,
/// <summary>
/// Indicates a window station or desktop object on the local computer. You cannot use GetNamedSecurityInfo and
/// SetNamedSecurityInfo with these objects because the names of window stations or desktops are not unique.
/// Indicates a window station or desktop object on the local computer. You cannot use GetNamedSecurityInfo and SetNamedSecurityInfo
/// with these objects because the names of window stations or desktops are not unique.
/// </summary>
SE_WINDOW_OBJECT,
/// <summary>
/// Indicates a directory service object or a property set or property of a directory service object. The name string for a
/// directory service object must be in X.500 form, for example:
/// Indicates a directory service object or a property set or property of a directory service object. The name string for a directory
/// service object must be in X.500 form, for example:
/// <para>CN=SomeObject,OU=ou2,OU=ou1,DC=DomainName,DC=CompanyName,DC=com,O=internet</para>
/// </summary>
SE_DS_OBJECT,
@ -335,10 +327,8 @@ namespace Vanara.PInvoke
}
/// <summary>
/// <para>
/// Contains access-control information for a specified trustee. This structure stores information equivalent to the access-control
/// information stored in an ACE.
/// </para>
/// </summary>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_actrl_access_entrya typedef struct _ACTRL_ACCESS_ENTRYA {
// TRUSTEE_A Trustee; ULONG fAccessFlags; ACCESS_RIGHTS Access; ACCESS_RIGHTS ProvSpecificAccess; INHERIT_FLAGS Inheritance; LPSTR
@ -348,17 +338,15 @@ namespace Vanara.PInvoke
public struct ACTRL_ACCESS_ENTRY
{
/// <summary>
/// <para>
/// A TRUSTEE structure that identifies the user, group, or program (such as a service) to which the access-control entry applies.
/// </para>
/// </summary>
public TRUSTEE Trustee;
/// <summary>
/// <para>
/// Indicates how the access rights specified by the <c>Access</c> and <c>ProvSpecificAccess</c> members apply to the trustee.
/// This member can be one of the following values. If you are using this structure with the COM implementation of
/// IAccessControl, this member must be ACTRL_ACCESS_ALLOWED or ACTRL_ACCESS_DENIED.
/// Indicates how the access rights specified by the <c>Access</c> and <c>ProvSpecificAccess</c> members apply to the trustee. This
/// member can be one of the following values. If you are using this structure with the COM implementation of IAccessControl, this
/// member must be ACTRL_ACCESS_ALLOWED or ACTRL_ACCESS_DENIED.
/// </para>
/// <list type="table">
/// <listheader>
@ -389,8 +377,7 @@ namespace Vanara.PInvoke
/// <para>A bitmask that specifies the access rights that the entry allows, denies, or audits for the trustee.</para>
/// <para>
/// This member must use the provider-independent access flags, such as ACTRL_READ_CONTROL, rather than access flags such as
/// READ_CONTROL. The provider for the object type converts these provider-independent flags to the corresponding
/// provider-specific flags.
/// READ_CONTROL. The provider for the object type converts these provider-independent flags to the corresponding provider-specific flags.
/// </para>
/// <para>If you are using this structure with the COM implementation of IAccessControl, this member must be COM_RIGHTS_EXECUTE.</para>
/// <para>ACTRL_SYSTEM_ACCESS</para>
@ -410,19 +397,17 @@ namespace Vanara.PInvoke
public uint Access;
/// <summary>
/// <para>
/// A bitmask that specifies access rights specific to the provider type. The functions that use the <c>ACTRL_ACCESS_ENTRY</c>
/// structure pass these bits on to the provider without interpreting them. In most cases, this member should be 0.
/// </para>
/// </summary>
public uint ProvSpecificAccess;
/// <summary>
/// <para>
/// A set of bit flags that determines whether other containers or objects can inherit the access-control entry from the primary
/// object to which the access list is attached. If you are using this structure with the COM implementation of IAccessControl,
/// this value must be NO_INHERITANCE, which indicates that the access-control entry is not inheritable. Otherwise, this value
/// can be NO_INHERITANCE or it can be a combination of the following values.
/// object to which the access list is attached. If you are using this structure with the COM implementation of IAccessControl, this
/// value must be NO_INHERITANCE, which indicates that the access-control entry is not inheritable. Otherwise, this value can be
/// NO_INHERITANCE or it can be a combination of the following values.
/// </para>
/// <list type="table">
/// <listheader>
@ -436,8 +421,8 @@ namespace Vanara.PInvoke
/// <item>
/// <term>INHERIT_ONLY_ACE 0x8</term>
/// <term>
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object
/// inherit the entry.
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object inherit
/// the entry.
/// </term>
/// </item>
/// <item>
@ -451,15 +436,14 @@ namespace Vanara.PInvoke
/// <item>
/// <term>SUB_CONTAINERS_AND_OBJECTS_INHERIT 0x3</term>
/// <term>
/// Both containers and noncontainer objects that are contained by the primary object inherit the entry. This flag corresponds to
/// the combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// Both containers and noncontainer objects that are contained by the primary object inherit the entry. This flag corresponds to the
/// combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// </term>
/// </item>
/// <item>
/// <term>SUB_CONTAINERS_ONLY_INHERIT 0x2</term>
/// <term>
/// Other containers that are contained by the primary object inherit the entry. This flag corresponds to the
/// CONTAINER_INHERIT_ACE flag.
/// Other containers that are contained by the primary object inherit the entry. This flag corresponds to the CONTAINER_INHERIT_ACE flag.
/// </term>
/// </item>
/// <item>
@ -473,17 +457,13 @@ namespace Vanara.PInvoke
public INHERIT_FLAGS Inheritance;
/// <summary>
/// <para>
/// A pointer to a null-terminated string that identifies the object types that can inherit the entry. If you are using this
/// structure with the COM implementation of IAccessControl, this member must be <c>NULL</c>.
/// </para>
/// </summary>
public string lpInheritProperty;
}
/// <summary>
/// <para>Contains a list of access entries.</para>
/// </summary>
/// <summary>Contains a list of access entries.</summary>
/// <remarks>
/// <para>
/// To create an empty access list, set <c>cEntries</c> to zero and <c>pAccessList</c> to <c>NULL</c>. An empty list does not grant
@ -500,48 +480,34 @@ namespace Vanara.PInvoke
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
public struct ACTRL_ACCESS_ENTRY_LIST
{
/// <summary>
/// <para>The number of entries in the <c>pAccessList</c> array.</para>
/// </summary>
/// <summary>The number of entries in the <c>pAccessList</c> array.</summary>
public uint cEntries;
/// <summary>
/// <para>
/// A pointer to an array of ACTRL_ACCESS_ENTRY structures. Each structure specifies access-control information for a specified trustee.
/// </para>
/// </summary>
public IntPtr pAccessList;
}
/// <summary>
/// <para>Contains an array of access-control lists for an object and its properties.</para>
/// </summary>
/// <remarks>
/// <para>Note the following type definition.</para>
/// </remarks>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_actrl_alista typedef struct _ACTRL_ALISTA { ULONG
// cEntries; PACTRL_PROPERTY_ENTRYA pPropertyAccessList; } ACTRL_ACCESSA, *PACTRL_ACCESSA, ACTRL_AUDITA, *PACTRL_AUDITA;
/// <summary>Contains an array of access-control lists for an object and its properties.</summary>
/// <remarks>Note the following type definition.</remarks>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_actrl_alista typedef struct _ACTRL_ALISTA { ULONG cEntries;
// PACTRL_PROPERTY_ENTRYA pPropertyAccessList; } ACTRL_ACCESSA, *PACTRL_ACCESSA, ACTRL_AUDITA, *PACTRL_AUDITA;
[PInvokeData("accctrl.h", MSDNShortId = "d7fb10c1-ebb8-44cf-b61c-a70a787b324f")]
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
public struct ACTRL_ALIST
{
/// <summary>
/// <para>The number of entries in the <c>pPropertyAccessList</c> array.</para>
/// </summary>
/// <summary>The number of entries in the <c>pPropertyAccessList</c> array.</summary>
public uint cEntries;
/// <summary>
/// <para>
/// An array of ACTRL_PROPERTY_ENTRY structures. Each structure contains a list of access-control entries for an object or a
/// specified property on the object.
/// </para>
/// </summary>
public IntPtr pPropertyAccessList;
}
/// <summary>
/// <para>Contains a list of access-control entries for an object or a specified property on an object.</para>
/// </summary>
/// <summary>Contains a list of access-control entries for an object or a specified property on an object.</summary>
/// <remarks>
/// <para>
/// To create an <c>ACTRL_PROPERTY_ENTRY</c> structure that grants everyone full access to an object, set the <c>pAccessEntryList</c>
@ -552,22 +518,18 @@ namespace Vanara.PInvoke
/// point to an ACTRL_ACCESS_ENTRY_LIST structure whose <c>cEntries</c> member is 0 and <c>pAccessList</c> member is <c>NULL</c>.
/// </para>
/// </remarks>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_actrl_property_entrya typedef struct
// _ACTRL_PROPERTY_ENTRYA { LPSTR lpProperty; PACTRL_ACCESS_ENTRY_LISTA pAccessEntryList; ULONG fListFlags; } ACTRL_PROPERTY_ENTRYA, *PACTRL_PROPERTY_ENTRYA;
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_actrl_property_entrya typedef struct _ACTRL_PROPERTY_ENTRYA {
// LPSTR lpProperty; PACTRL_ACCESS_ENTRY_LISTA pAccessEntryList; ULONG fListFlags; } ACTRL_PROPERTY_ENTRYA, *PACTRL_PROPERTY_ENTRYA;
[PInvokeData("accctrl.h", MSDNShortId = "90b13dd1-0ca6-4674-b9fa-a61aed4637d7")]
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
public struct ACTRL_PROPERTY_ENTRY
{
/// <summary>
/// <para>
/// The GUID of a property on an object. Use the UuidToString function to generate a string representation of a property GUID.
/// </para>
/// </summary>
public string lpProperty;
/// <summary>
/// <para>A pointer to an ACTRL_ACCESS_ENTRY_LIST structure that contains a list of access-control entries.</para>
/// </summary>
/// <summary>A pointer to an ACTRL_ACCESS_ENTRY_LIST structure that contains a list of access-control entries.</summary>
public IntPtr pAccessEntryList;
/// <summary>
@ -587,43 +549,37 @@ namespace Vanara.PInvoke
}
/// <summary>
/// <para>
/// The <c>EXPLICIT_ACCESS</c> structure defines access control information for a specified trustee. Access control functions, such
/// as SetEntriesInAcl and GetExplicitEntriesFromAcl, use this structure to describe the information in an access control entry(ACE)
/// of an access control list (ACL).
/// </para>
/// The <c>EXPLICIT_ACCESS</c> structure defines access control information for a specified trustee. Access control functions, such as
/// SetEntriesInAcl and GetExplicitEntriesFromAcl, use this structure to describe the information in an access control entry(ACE) of an
/// access control list (ACL).
/// </summary>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_explicit_access_a typedef struct _EXPLICIT_ACCESS_A {
// DWORD grfAccessPermissions; ACCESS_MODE grfAccessMode; DWORD grfInheritance; TRUSTEE_A Trustee; } EXPLICIT_ACCESS_A,
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_explicit_access_a typedef struct _EXPLICIT_ACCESS_A { DWORD
// grfAccessPermissions; ACCESS_MODE grfAccessMode; DWORD grfInheritance; TRUSTEE_A Trustee; } EXPLICIT_ACCESS_A,
// *PEXPLICIT_ACCESS_A, EXPLICIT_ACCESSA, *PEXPLICIT_ACCESSA;
[PInvokeData("accctrl.h", MSDNShortId = "6fe09542-10dd-439c-adf8-a4e06943ddb2")]
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
public struct EXPLICIT_ACCESS
{
/// <summary>
/// <para>
/// A set of bit flags that use the ACCESS_MASK format to specify the access rights that an ACE allows, denies, or audits for the
/// trustee. The functions that use the <c>EXPLICIT_ACCESS</c> structure do not convert, interpret, or validate the bits in this mask.
/// </para>
/// </summary>
public ACCESS_MASK grfAccessPermissions;
/// <summary>
/// <para>
/// A value from the ACCESS_MODE enumeration. For a discretionary access control list (DACL), this flag indicates whether the ACL
/// allows or denies the specified access rights. For a system access control list (SACL), this flag indicates whether the ACL
/// generates audit messages for successful attempts to use the specified access rights, or failed attempts, or both. When
/// modifying an existing ACL, you can specify the REVOKE_ACCESS flag to remove any existing ACEs for the specified trustee.
/// </para>
/// generates audit messages for successful attempts to use the specified access rights, or failed attempts, or both. When modifying
/// an existing ACL, you can specify the REVOKE_ACCESS flag to remove any existing ACEs for the specified trustee.
/// </summary>
public ACCESS_MODE grfAccessMode;
/// <summary>
/// <para>
/// A set of bit flags that determines whether other containers or objects can inherit the ACE from the primary object to which
/// the ACL is attached. The value of this member corresponds to the inheritance portion (low-order byte) of the <c>AceFlags</c>
/// member of the ACE_HEADER structure. This parameter can be NO_INHERITANCE to indicate that the ACE is not inheritable; or it
/// can be a combination of the following values.
/// A set of bit flags that determines whether other containers or objects can inherit the ACE from the primary object to which the
/// ACL is attached. The value of this member corresponds to the inheritance portion (low-order byte) of the <c>AceFlags</c> member
/// of the ACE_HEADER structure. This parameter can be NO_INHERITANCE to indicate that the ACE is not inheritable; or it can be a
/// combination of the following values.
/// </para>
/// <list type="table">
/// <listheader>
@ -645,8 +601,8 @@ namespace Vanara.PInvoke
/// <item>
/// <term>INHERIT_ONLY_ACE</term>
/// <term>
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object
/// inherit the ACE.
/// The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object inherit
/// the ACE.
/// </term>
/// </item>
/// <item>
@ -664,8 +620,8 @@ namespace Vanara.PInvoke
/// <item>
/// <term>SUB_CONTAINERS_AND_OBJECTS_INHERIT</term>
/// <term>
/// Both containers and noncontainer objects that are contained by the primary object inherit the ACE. This flag corresponds to
/// the combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// Both containers and noncontainer objects that are contained by the primary object inherit the ACE. This flag corresponds to the
/// combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.
/// </term>
/// </item>
/// <item>
@ -676,17 +632,13 @@ namespace Vanara.PInvoke
/// </item>
/// <item>
/// <term>SUB_OBJECTS_ONLY_INHERIT</term>
/// <term>
/// Noncontainer objects contained by the primary object inherit the ACE. This flag corresponds to the OBJECT_INHERIT_ACE flag.
/// </term>
/// <term>Noncontainer objects contained by the primary object inherit the ACE. This flag corresponds to the OBJECT_INHERIT_ACE flag.</term>
/// </item>
/// </list>
/// </summary>
public INHERIT_FLAGS grfInheritance;
/// <summary>
/// <para>A TRUSTEE structure that identifies the user, group, or program (such as a Windows service) to which the ACE applies.</para>
/// </summary>
/// <summary>A TRUSTEE structure that identifies the user, group, or program (such as a Windows service) to which the ACE applies.</summary>
public TRUSTEE Trustee;
}
@ -714,41 +666,36 @@ namespace Vanara.PInvoke
AncestorName = ancestorName;
}
/// <summary>Returns a <see cref="System.String"/> that represents this instance.</summary>
/// <returns>A <see cref="System.String"/> that represents this instance.</returns>
/// <summary>Returns a <see cref="string"/> that represents this instance.</summary>
/// <returns>A <see cref="string"/> that represents this instance.</returns>
public override string ToString() => $"{AncestorName} : 0x{GenerationGap:X}";
/// <summary>ACE is explicit.</summary>
public static readonly INHERITED_FROM Explicit = new INHERITED_FROM(0, null);
public static readonly INHERITED_FROM Explicit = new(0, null);
/// <summary>ACE inheritance cannot be determined.</summary>
public static readonly INHERITED_FROM Indeterminate = new INHERITED_FROM(-1, null);
public static readonly INHERITED_FROM Indeterminate = new(-1, null);
}
/// <summary>
/// <para>
/// The <c>OBJECTS_AND_NAME</c> structure contains a string that identifies a trustee by name and additional strings that identify
/// the object types of an object-specific access control entry (ACE).
/// </para>
/// The <c>OBJECTS_AND_NAME</c> structure contains a string that identifies a trustee by name and additional strings that identify the
/// object types of an object-specific access control entry (ACE).
/// </summary>
/// <remarks>
/// <para>
/// The <c>ptstrName</c> member of a TRUSTEE structure can be a pointer to an <c>OBJECTS_AND_NAME</c> structure. This enables
/// functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl to store object-specific ACE information in the <c>Trustee</c>
/// member of an EXPLICIT_ACCESS structure.
/// </para>
/// The <c>ptstrName</c> member of a TRUSTEE structure can be a pointer to an <c>OBJECTS_AND_NAME</c> structure. This enables functions
/// such as SetEntriesInAcl and GetExplicitEntriesFromAcl to store object-specific ACE information in the <c>Trustee</c> member of an
/// EXPLICIT_ACCESS structure.
/// </remarks>
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_objects_and_name_a typedef struct _OBJECTS_AND_NAME_A {
// DWORD ObjectsPresent; SE_OBJECT_TYPE ObjectType; LPSTR ObjectTypeName; LPSTR InheritedObjectTypeName; LPSTR ptstrName; }
// OBJECTS_AND_NAME_A, *POBJECTS_AND_NAME_A;
// https://docs.microsoft.com/en-us/windows/desktop/api/accctrl/ns-accctrl-_objects_and_name_a typedef struct _OBJECTS_AND_NAME_A { DWORD
// ObjectsPresent; SE_OBJECT_TYPE ObjectType; LPSTR ObjectTypeName; LPSTR InheritedObjectTypeName; LPSTR ptstrName; } OBJECTS_AND_NAME_A, *POBJECTS_AND_NAME_A;
[PInvokeData("accctrl.h", MSDNShortId = "ad91a302-f693-44e9-9655-ec4488ff78c4")]
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto, Pack = 4)]
public struct OBJECTS_AND_NAME
{
/// <summary>
/// <para>
/// Indicates whether the <c>ObjectTypeName</c> and <c>InheritedObjectTypeName</c> members contain strings. This parameter can be
/// a combination of the following values.
/// Indicates whether the <c>ObjectTypeName</c> and <c>InheritedObjectTypeName</c> members contain strings. This parameter can be a
/// combination of the following values.
/// </para>
/// <list type="table">
/// <listheader>
@ -767,9 +714,7 @@ namespace Vanara.PInvoke
/// </summary>
public AceObjectPresence ObjectsPresent;
/// <summary>
/// <para>Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object.</para>
/// </summary>
/// <summary>Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object.</summary>
public SE_OBJECT_TYPE ObjectType;
/// <summary>
@ -782,31 +727,27 @@ namespace Vanara.PInvoke
/// <para>A pointer to a null-terminated string that identifies the type of object that can inherit the ACE.</para>
/// <para>This string must be a valid LDAP display name in the Active Directory schema.</para>
/// <para>
/// If the ACE_INHERITED_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the
/// <c>InheritedObjectTypeName</c> member is ignored, and all types of child objects can inherit the ACE. Otherwise, only the
/// specified object type can inherit the ACE. In either case, inheritance is also controlled by the inheritance flags in the
/// ACE_HEADERstructure as well as by any protection against inheritance placed on the child objects.
/// If the ACE_INHERITED_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the <c>InheritedObjectTypeName</c>
/// member is ignored, and all types of child objects can inherit the ACE. Otherwise, only the specified object type can inherit the
/// ACE. In either case, inheritance is also controlled by the inheritance flags in the ACE_HEADERstructure as well as by any
/// protection against inheritance placed on the child objects.
/// </para>
/// </summary>
public StrPtrAuto InheritedObjectTypeName;
/// <summary>
/// <para>A pointer to a null-terminated string that contains the name of the trustee.</para>
/// </summary>
/// <summary>A pointer to a null-terminated string that contains the name of the trustee.</summary>
public StrPtrAuto ptstrName;
}
/// <summary>
/// <para>
/// The <c>OBJECTS_AND_SID</c> structure contains a security identifier (SID) that identifies a trustee and GUIDs that identify the
/// object types of an object-specific access control entry (ACE).
/// </para>
/// </summary>
/// <remarks>
/// <para>
/// The <c>ptstrName</c> member of a TRUSTEE structure can be a pointer to an <c>OBJECTS_AND_SID</c> structure. This enables
/// functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl to store object-specific ACE information in the <c>Trustee</c>
/// member of an EXPLICIT_ACCESS structure.
/// The <c>ptstrName</c> member of a TRUSTEE structure can be a pointer to an <c>OBJECTS_AND_SID</c> structure. This enables functions
/// such as SetEntriesInAcl and GetExplicitEntriesFromAcl to store object-specific ACE information in the <c>Trustee</c> member of an
/// EXPLICIT_ACCESS structure.
/// </para>
/// <para>
/// When you use this structure in a call to SetEntriesInAcl, <c>ObjectTypeGuid</c> and <c>InheritedObjectTypeGuid</c> must be valid
@ -843,40 +784,38 @@ namespace Vanara.PInvoke
/// <summary>
/// <para>
/// A GUID structure that identifies the type of object, property set, or property protected by the ACE. If this ACE is
/// inherited, the GUID identifies the type of object, property set, or property protected by the inherited ACE. This GUID must
/// be a valid schema identifier in the Active Directory schema.
/// A GUID structure that identifies the type of object, property set, or property protected by the ACE. If this ACE is inherited,
/// the GUID identifies the type of object, property set, or property protected by the inherited ACE. This GUID must be a valid
/// schema identifier in the Active Directory schema.
/// </para>
/// <para>
/// If the ACE_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the <c>ObjectTypeGuid</c> member is
/// ignored, and the ACE protects the object to which the ACL is assigned.
/// If the ACE_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the <c>ObjectTypeGuid</c> member is ignored,
/// and the ACE protects the object to which the ACL is assigned.
/// </para>
/// </summary>
public Guid ObjectTypeGuid;
/// <summary>
/// <para>
/// A GUID structure that identifies the type of object that can inherit the ACE. This GUID must be a valid schema identifier in
/// the Active Directory schema.
/// A GUID structure that identifies the type of object that can inherit the ACE. This GUID must be a valid schema identifier in the
/// Active Directory schema.
/// </para>
/// <para>
/// If the ACE_INHERITED_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the
/// <c>InheritedObjectTypeGuid</c> member is ignored, and all types of child objects can inherit the ACE. Otherwise, only the
/// specified object type can inherit the ACE. In either case, inheritance is also controlled by the inheritance flags in the
/// ACE_HEADERstructure as well as by any protection against inheritance placed on the child objects.
/// If the ACE_INHERITED_OBJECT_TYPE_PRESENT bit is not set in the <c>ObjectsPresent</c> member, the <c>InheritedObjectTypeGuid</c>
/// member is ignored, and all types of child objects can inherit the ACE. Otherwise, only the specified object type can inherit the
/// ACE. In either case, inheritance is also controlled by the inheritance flags in the ACE_HEADERstructure as well as by any
/// protection against inheritance placed on the child objects.
/// </para>
/// </summary>
public Guid InheritedObjectTypeGuid;
/// <summary>
/// <para>A pointer to the SID of the trustee to whom the ACE applies.</para>
/// </summary>
public IntPtr pSid;
/// <summary>A pointer to the SID of the trustee to whom the ACE applies.</summary>
public PSID pSid;
}
/// <summary>
/// The TRUSTEE structure identifies the user account, group account, or logon session to which an access control entry (ACE)
/// applies. The structure can use a name or a security identifier (SID) to identify the trustee.
/// The TRUSTEE structure identifies the user account, group account, or logon session to which an access control entry (ACE) applies.
/// The structure can use a name or a security identifier (SID) to identify the trustee.
/// <para>
/// Access control functions, such as SetEntriesInAcl and GetExplicitEntriesFromAcl, use this structure to identify the logon account
/// associated with the access control or audit control information in an EXPLICIT_ACCESS structure.
@ -905,8 +844,8 @@ namespace Vanara.PInvoke
public TRUSTEE_TYPE TrusteeType;
/// <summary>
/// A pointer to a buffer that identifies the trustee and, optionally, contains information about object-specific ACEs. The type
/// of data depends on the value of the TrusteeForm member. This member can be one of the following values.
/// A pointer to a buffer that identifies the trustee and, optionally, contains information about object-specific ACEs. The type of
/// data depends on the value of the TrusteeForm member. This member can be one of the following values.
/// <list type="table">
/// <listheader>
/// <term>Value</term>
@ -975,5 +914,4 @@ namespace Vanara.PInvoke
/// <value>The structure.</value>
public OBJECTS_AND_SID ObjectsAndSid => TrusteeForm == TRUSTEE_FORM.TRUSTEE_IS_OBJECTS_AND_SID ? ptstrName.ToStructure<OBJECTS_AND_SID>() : default;
}
}
}