advapi32: Implement GetPrivateObjectSecurity (with test).

This commit is contained in:
Mikolaj Zalewski 2007-09-27 12:01:49 -07:00 committed by Alexandre Julliard
parent 0590dc9b5c
commit 8fd1cf0f56
2 changed files with 100 additions and 5 deletions

View File

@ -1123,11 +1123,51 @@ BOOL WINAPI GetPrivateObjectSecurity(
DWORD DescriptorLength,
PDWORD ReturnLength )
{
SECURITY_DESCRIPTOR desc;
BOOL defaulted, present;
PACL pacl;
PSID psid;
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor, SecurityInformation,
ResultantDescriptor, DescriptorLength, ReturnLength);
return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor, SecurityInformation,
ResultantDescriptor, DescriptorLength, ReturnLength ));
if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION))
return FALSE;
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorOwner(ObjectDescriptor, &psid, &defaulted))
return FALSE;
SetSecurityDescriptorOwner(&desc, psid, defaulted);
}
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorGroup(ObjectDescriptor, &psid, &defaulted))
return FALSE;
SetSecurityDescriptorGroup(&desc, psid, defaulted);
}
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorDacl(ObjectDescriptor, &present, &pacl, &defaulted))
return FALSE;
SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorSacl(ObjectDescriptor, &present, &pacl, &defaulted))
return FALSE;
SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
}
*ReturnLength = DescriptorLength;
if (!MakeSelfRelativeSD(&desc, ResultantDescriptor, ReturnLength))
return FALSE;
GetSecurityDescriptorOwner(ResultantDescriptor, &psid, &defaulted);
FIXME("%p, sid=%p\n", &desc, psid);
return TRUE;
}
/******************************************************************************

View File

@ -2044,11 +2044,65 @@ static void test_ConvertSecurityDescriptorToString()
AddAuditAccessAceEx(pacl, ACL_REVISION, NO_PROPAGATE_INHERIT_ACE, FILE_GENERIC_READ|FILE_GENERIC_WRITE, psid2, TRUE, FALSE);
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(&desc, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
CHECK_RESULT_AND_FREE("O:SYG:S-1-5-21-93476-23408-4576D:S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
#undef CHECK_RESULT_AND_FREE
}
static void test_PrivateObjectSecurity(void)
{
SECURITY_INFORMATION sec_info = OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION;
SECURITY_DESCRIPTOR_CONTROL ctrl;
PSECURITY_DESCRIPTOR sec;
DWORD dwDescSize;
DWORD dwRevision;
DWORD retSize;
LPSTR string;
ULONG len;
PSECURITY_DESCRIPTOR buf;
ok(ConvertStringSecurityDescriptorToSecurityDescriptorA(
"O:SY"
"G:S-1-5-21-93476-23408-4576"
"D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
"S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)", SDDL_REVISION_1, &sec, &dwDescSize), "Creating descriptor failed\n");
buf = HeapAlloc(GetProcessHeap(), 0, dwDescSize);
SetSecurityDescriptorControl(sec, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
GetSecurityDescriptorControl(sec, &ctrl, &dwRevision);
todo_wine expect_eq(ctrl, 0x9014, int, "%x");
ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576");
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
expect_eq(ctrl, 0x8000, int, "%x");
ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed err=%u\n", GetLastError());
CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)");
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
expect_eq(ctrl, 0x8004, int, "%x");
ok(GetPrivateObjectSecurity(sec, sec_info, buf, dwDescSize, &retSize),
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
ok(retSize == dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
CHECK_RESULT_AND_FREE("O:SY"
"G:S-1-5-21-93476-23408-4576"
"D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
"S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
expect_eq(ctrl, 0x8014, int, "%x");
SetLastError(0xdeadbeef);
ok(GetPrivateObjectSecurity(sec, sec_info, buf, 5, &retSize) == FALSE, "GetPrivateObjectSecurity should have failed\n");
ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "Expected error ERROR_INSUFFICIENT_BUFFER, got %u\n", GetLastError());
LocalFree(sec);
}
#undef CHECK_RESULT_AND_FREE
START_TEST(security)
{
init();
@ -2074,4 +2128,5 @@ START_TEST(security)
test_GetNamedSecurityInfoA();
test_ConvertStringSecurityDescriptor();
test_ConvertSecurityDescriptorToString();
test_PrivateObjectSecurity();
}