📄 accctrl.inc
字号:
comment ^
Module Name:
accctrl.inc
Abstract:
common includes for new style Win32 Access Control APIs
Author:
Four-F (four-f@mail.ru)
Last Update:
25-November-2003
^
;#ifndef __ACCESS_CONTROL__
;#define __ACCESS_CONTROL__
;#define AccFree LocalFree
; Definition: TRUSTEE_TYPE
; This enumerated type specifies the type of trustee account for the trustee
; returned by the API described in this document.
; TRUSTEE_IS_UNKNOWN - The trustee is an unknown, but not necessarily invalid
; type. This field is not validated on input to the APIs
; that take Trustees.
; TRUSTEE_IS_USER The trustee account is a user account.
; TRUSTEE_IS_GROUP The trustee account is a group account.
;typedef enum _TRUSTEE_TYPE
TRUSTEE_IS_UNKNOWN equ 0
TRUSTEE_IS_USER equ 1
TRUSTEE_IS_GROUP equ 2
TRUSTEE_IS_DOMAIN equ 3
TRUSTEE_IS_ALIAS equ 4
TRUSTEE_IS_WELL_KNOWN_GROUP equ 5
TRUSTEE_IS_DELETED equ 6
TRUSTEE_IS_INVALID equ 7
; Definition: TRUSTEE_FORM
; This enumerated type specifies the form the trustee identifier is in for a
; particular trustee.
; TRUSTEE_IS_SID The trustee is identified with a SID rather than with a name.
; TRUSTEE_IS_NAME The trustee is identified with a name.
;typedef enum _TRUSTEE_FORM
TRUSTEE_IS_SID equ 0
TRUSTEE_IS_NAME equ 1
TRUSTEE_BAD_FORM equ 2
; Definition: MULTIPLE_TRUSTEE_OPERATION
; If the trustee is a multiple trustee, this enumerated type specifies the type.
; TRUSTEE_IS_IMPERSONATE The trustee is an impersonate trustee and the multiple
; trustee field in the trustee points to another trustee
; that is a trustee for the server that will be doing the
; impersonation.
;typedef enum _MULTIPLE_TRUSTEE_OPERATION
NO_MULTIPLE_TRUSTEE equ 0
TRUSTEE_IS_IMPERSONATE equ 1
; Definition: TRUSTEE
; This structure is used to pass account information into and out of the system
; using the API defined in this document.
; PMultipleTrustee - if NON-NULL, points to another trustee structure, as
; defined by the multiple trustee operation field.
; MultipleTrusteeOperation - Defines the multiple trustee operation/type.
; TrusteeForm - defines if the trustee is defined by name or SID.
; TrusteeType - defines if the trustee type is unknown, a user or a group.
; PwcsName - points to the trustee name or the trustee SID.
TRUSTEE_A STRUCT
pMultipleTrustee DWORD ? ; PTR TRUSTEE_A
MultipleTrusteeOperation DWORD ? ; MULTIPLE_TRUSTEE_OPERATION
TrusteeForm DWORD ? ; TRUSTEE_FORM
TrusteeType DWORD ? ; TRUSTEE_TYPE
union
ptstrName DWORD ? ; LPSTR
pSid DWORD ? ; PTR SID
ends
TRUSTEE_A ENDS
PTRUSTEE_A typedef ptr TRUSTEE_A
TRUSTEEA equ <TRUSTEE_A>
PTRUSTEEA typedef ptr TRUSTEE_A
TRUSTEE_W STRUCT
pMultipleTrustee DWORD ? ; PTR TRUSTEE_W
MultipleTrusteeOperation DWORD ? ; MULTIPLE_TRUSTEE_OPERATION
TrusteeForm DWORD ? ; TRUSTEE_FORM
TrusteeType DWORD ? ; TRUSTEE_TYPE
union
ptstrName DWORD ? ; LPWSTR
pSid DWORD ? ; PTR SID
ends
TRUSTEE_W ENDS
PTRUSTEE_W typedef ptr TRUSTEE_W
TRUSTEEW equ <TRUSTEE_W>
PTRUSTEEW typedef ptr TRUSTEE_W
IFDEF UNICODE
DEV_BROADCAST_PORT equ DEV_BROADCAST_PORT_W
PDEV_BROADCAST_PORT equ PDEV_BROADCAST_PORT_W
ELSE
DEV_BROADCAST_PORT equ DEV_BROADCAST_PORT_A
PDEV_BROADCAST_PORT equ PDEV_BROADCAST_PORT_A
ENDIF
IFDEF UNICODE
TRUSTEE_ equ <TRUSTEE_W>
PTRUSTEE_ equ PTRUSTEE_W
TRUSTEE equ <TRUSTEEW>
PTRUSTEE equ PTRUSTEEW
ELSE
TRUSTEE_ equ <TRUSTEE_A>
PTRUSTEE_ equ PTRUSTEE_A
TRUSTEE equ <TRUSTEEA>
PTRUSTEE equ PTRUSTEEA
ENDIF
; Definition: ACCESS_MODE
; This enumerated type specifies how permissions are (requested)/to be applied
; for the trustee by the access control entry. On input this field can by any
; of the values, although it is not meaningful to mix access control and audit
; control entries. On output this field will be either SET_ACCESS, DENY_ACCESS,
; SET_AUDIT_SUCCESS, SET_AUDIT_FAILURE.
; The following descriptions define how this type effects an explicit access
; request to apply access permissions to an object.
; GRANT_ACCESS - The trustee will have at least the requested permissions upon
; successful completion of the command. (If the trustee has
; additional permissions they will not be removed).
; SET_ACCESS - The trustee will have exactly the requested permissions upon
; successful completion of the command.
; DENY_ACCESS - The trustee will be denied the specified permissions.
; REVOKE_ACCESS - Any explicit access rights the trustee has will be revoked.
; SET_AUDIT_SUCCESS - The trustee will be audited for successful opens of the
; object using the requested permissions.
; SET_AUDIT_FAILURE - The trustee will be audited for failed opens of the object
; using the requested permissions.
;typedef enum _ACCESS_MODE
NOT_USED_ACCESS equ 0
GRANT_ACCESS equ 1
SET_ACCESS equ 2
DENY_ACCESS equ 3
REVOKE_ACCESS equ 4
SET_AUDIT_SUCCESS equ 5
SET_AUDIT_FAILURE equ 6
; Definition: Inheritance flags
; These bit masks are provided to allow simple application of inheritance in
; explicit access requests on containers.
; NO_INHERITANCE The specific access permissions will only be applied to
; the container, and will not be inherited by objects created
; within the container.
; SUB_CONTAINERS_ONLY_INHERIT The specific access permissions will be inherited
; and applied to sub containers created within the
; container, and will be applied to the container
; itself.
; SUB_OBJECTS_ONLY_INHERIT The specific access permissions will only be inherited
; by objects created within the specific container.
; The access permissions will not be applied to the
; container itself.
; SUB_CONTAINERS_AND_OBJECTS_INHERIT The specific access permissions will be
; inherited by containers created within the
; specific container, will be applied to
; objects created within the container, but
; will not be applied to the container itself.
NO_INHERITANCE equ 0
SUB_OBJECTS_ONLY_INHERIT equ 1
SUB_CONTAINERS_ONLY_INHERIT equ 2
SUB_CONTAINERS_AND_OBJECTS_INHERIT equ 3
INHERIT_NO_PROPAGATE equ 4
INHERIT_ONLY equ 8
; Informational bit that is returned
INHERITED_ACCESS_ENTRY equ 10h
; Informational bit that tells where a node was inherited from. Valid only
; for NT 5 APIs
INHERITED_PARENT equ 10000000h
INHERITED_GRANDPARENT equ 20000000h
; Definition:
; This enumerated type defines the objects supported by the get/set API within
; this document. See section 3.1, Object Types for a detailed definition of the
; supported object types, and their name formats.
;typedef enum _SE_OBJECT_TYPE
SE_UNKNOWN_OBJECT_TYPE equ 0
SE_FILE_OBJECT equ 1
SE_SERVICE equ 2
SE_PRINTER equ 3
SE_REGISTRY_KEY equ 4
SE_LMSHARE equ 5
SE_KERNEL_OBJECT equ 6
SE_WINDOW_OBJECT equ 7
SE_DS_OBJECT equ 8
SE_DS_OBJECT_ALL equ 9
SE_PROVIDER_DEFINED_OBJECT equ 10
; Definition: EXPLICIT_ACCESS
; This structure is used to pass access control entry information into and out
; of the system using the API defined in this document.
; grfAccessPermissions - This contains the access permissions to assign for the
; trustee. It is in the form of an NT access mask.
; grfAccessMode - This field defines how the permissions are to be applied for
; the trustee.
; grfInheritance - For containers, this field defines how the access control
; entry is/(is requested) to be inherited on
; objects/sub-containers created within the container.
; Trustee - This field contains the definition of the trustee account the
; explicit access applies to.
EXPLICIT_ACCESS_A STRUCT
grfAccessPermissions DWORD ?
grfAccessMode DWORD ? ; ACCESS_MODE
grfInheritance DWORD ?
Trustee TRUSTEE_A <>
EXPLICIT_ACCESS_A ENDS
PEXPLICIT_ACCESS_A typedef ptr EXPLICIT_ACCESS_A
EXPLICIT_ACCESSA equ <EXPLICIT_ACCESS_A>
PEXPLICIT_ACCESSA typedef ptr EXPLICIT_ACCESS_A
EXPLICIT_ACCESS_W STRUCT
grfAccessPermissions DWORD ?
grfAccessMode DWORD ? ; ACCESS_MODE
grfInheritance DWORD ?
Trustee TRUSTEE_W <>
EXPLICIT_ACCESS_W ENDS
PEXPLICIT_ACCESS_W typedef ptr EXPLICIT_ACCESS_W
EXPLICIT_ACCESSW equ <EXPLICIT_ACCESS_W>
PEXPLICIT_ACCESSW typedef ptr EXPLICIT_ACCESS_W
IFDEF UNICODE
EXPLICIT_ACCESS_ equ <EXPLICIT_ACCESS_W>
PEXPLICIT_ACCESS_ equ PEXPLICIT_ACCESS_W
EXPLICIT_ACCESS equ <EXPLICIT_ACCESSW>
PEXPLICIT_ACCESS equ PEXPLICIT_ACCESSW
ELSE
EXPLICIT_ACCESS_ equ <EXPLICIT_ACCESS_A>
PEXPLICIT_ACCESS_ equ PEXPLICIT_ACCESS_A
EXPLICIT_ACCESS equ <EXPLICIT_ACCESSA>
PEXPLICIT_ACCESS equ PEXPLICIT_ACCESSA
ENDIF
;----------------------------------------------------------------------------
;
; NT5 APIs
;
;----------------------------------------------------------------------------
comment ^
; Default provider
#define ACCCTRL_DEFAULT_PROVIDER TEXT("Windows NT Access Provider")
^
; Access rights
ACCESS_RIGHTS typedef DWORD
PACCESS_RIGHTS typedef ptr DWORD
; Inheritance flags
INHERIT_FLAGS typedef DWORD
PINHERIT_FLAGS typedef ptr DWORD
; Access / Audit structures
ACTRL_ACCESS_ENTRYA STRUCT
Trustee TRUSTEE_A <>
fAccessFlags DWORD ?
Access DWORD ? ; ACCESS_RIGHTS
ProvSpecificAccess DWORD ? ; ACCESS_RIGHTS
Inheritance DWORD ? ; INHERIT_FLAGS
lpInheritProperty DWORD ? ; LPSTR
ACTRL_ACCESS_ENTRYA ENDS
PACTRL_ACCESS_ENTRYA typedef ptr ACTRL_ACCESS_ENTRYA
; Access / Audit structures
ACTRL_ACCESS_ENTRYW STRUCT
Trustee TRUSTEE_W <>
fAccessFlags DWORD ?
Access DWORD ? ; ACCESS_RIGHTS
ProvSpecificAccess DWORD ? ; ACCESS_RIGHTS
Inheritance DWORD ? ; INHERIT_FLAGS
lpInheritProperty DWORD ? ; LPWSTR
ACTRL_ACCESS_ENTRYW ENDS
PACTRL_ACCESS_ENTRYW typedef ptr ACTRL_ACCESS_ENTRYW
IFDEF UNICODE
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -