1 {******************************************************************************}
2 {                                                                              }
3 { Access Control UI API interface Unit for Object Pascal                       }
4 {                                                                              }
5 { Portions created by Microsoft are Copyright (C) 1995-2001 Microsoft          }
6 { Corporation. All Rights Reserved.                                            }
7 {                                                                              }
8 { The original file is: aclui.h, released June 2000. The original Pascal       }
9 { code is: AclUI.pas, released December 2000. The initial developer of the     }
10 { Pascal code is Marcel van Brakel (brakelm att chello dott nl).               }
11 {                                                                              }
12 { Portions created by Marcel van Brakel are Copyright (C) 1999-2001            }
13 { Marcel van Brakel. All Rights Reserved.                                      }
14 {                                                                              }
15 { Obtained through: Joint Endeavour of Delphi Innovators (Project JEDI)        }
16 {                                                                              }
17 { You may retrieve the latest version of this file at the Project JEDI         }
18 { APILIB home page, located at http://jedi-apilib.sourceforge.net              }
19 {                                                                              }
20 { The contents of this file are used with permission, subject to the Mozilla   }
21 { Public License Version 1.1 (the "License"); you may not use this file except }
22 { in compliance with the License. You may obtain a copy of the License at      }
23 { http://www.mozilla.org/MPL/MPL-1.1.html                                      }
24 {                                                                              }
25 { Software distributed under the License is distributed on an "AS IS" basis,   }
26 { WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for }
27 { the specific language governing rights and limitations under the License.    }
28 {                                                                              }
29 { Alternatively, the contents of this file may be used under the terms of the  }
30 { GNU Lesser General Public License (the  "LGPL License"), in which case the   }
31 { provisions of the LGPL License are applicable instead of those above.        }
32 { If you wish to allow use of your version of this file only under the terms   }
33 { of the LGPL License and not to allow others to use your version of this file }
34 { under the MPL, indicate your decision by deleting  the provisions above and  }
35 { replace  them with the notice and other provisions required by the LGPL      }
36 { License.  If you do not delete the provisions above, a recipient may use     }
37 { your version of this file under either the MPL or the LGPL License.          }
38 {                                                                              }
39 { For more information about the LGPL: http://www.gnu.org/copyleft/lesser.html }
40 {                                                                              }
41 {******************************************************************************}
42 
43 // $Id: JwaAclUI.pas,v 1.13 2007/09/05 11:58:48 dezipaitor Exp $
44 
45 {$IFNDEF JWA_OMIT_SECTIONS}
46 unit JwaAclUI;
47 
48 {$WEAKPACKAGEUNIT}
49 
50 {$ENDIF JWA_OMIT_SECTIONS}
51 
52 {$HPPEMIT ''}
53 {$HPPEMIT '#include "aclui.h"'}
54 {$HPPEMIT ''}
55 
56 {$IFNDEF JWA_OMIT_SECTIONS}
57 {$I jediapilib.inc}
58 
59 interface
60 
61 uses
62   JwaAccCtrl, JwaWinNT, JwaWinUser, JwaWinType, JwaActiveX;
63 
64 {$ENDIF JWA_OMIT_SECTIONS}
65 
66 {$IFNDEF JWA_IMPLEMENTATIONSECTION}
67 //
68 // ISecurityInformation interface
69 //
70 //  Methods:
71 //
72 //     GetObjectInformation - Allows UI to determine type of object being
73 //       edited.  Also allows determining if object is a container.
74 //
75 //     GetSecurity - Allows retrieving of ACLs from the original object
76 //                       NOTE: ACLUI will LocalFree the security descriptor
77 //                       returned by GetSecurity.
78 //     SetSecurity - Allows setting of the ACLs on the original object
79 //
80 //     GetAccessRights - For retrieving the list of rights allowed
81 //              on this object.
82 //
83 //     MapGeneric - For mapping generic rights to standard & specific rights
84 //
85 //     GetInheritTypes - For retrieving the list of possible sub-object types
86 //              for a container.
87 //
88 //     PropertySheetPageCallback - A method which is called back during the various
89 //              security UI property pages so that specialized work can be
90 //              done.  Similar to PropSheetPageProc.  If uMsg == PSPCB_CREATE,
91 //              then any error return value other than E_NOTIMPL will abort
92 //              the creation of that page.  The type of page being created or
93 //              destroyed is indicated by the uPage parameter.
94 //
95 
type
  // Pointer alias for SI_OBJECT_INFO, declared ahead of the record it points to.
  PSI_OBJECT_INFO = ^SI_OBJECT_INFO;
  {$EXTERNALSYM PSI_OBJECT_INFO}
  // Record filled in through the "out" parameter of
  // ISecurityInformation.GetObjectInformation. dwFlags carries the SI_* bits
  // declared below; pszPageTitle and guidObjectType are only meaningful when
  // the matching bit is set.
  // NOTE(review): the LPWSTR fields are plain pointers. Who owns the strings
  // and how long they must stay valid is not stated in this unit - confirm
  // before returning pointers to temporaries or stack buffers.
  _SI_OBJECT_INFO = record
    dwFlags: DWORD;
    hInstance: HINST;  // resources (e.g. strings) reside here
    pszServerName: LPWSTR; // must be present
    pszObjectName: LPWSTR; // must be present
    pszPageTitle: LPWSTR;  // only valid if SI_PAGE_TITLE is set
    guidObjectType: GUID;  // only valid if SI_OBJECT_GUID is set
  end;
  {$EXTERNALSYM _SI_OBJECT_INFO}
  SI_OBJECT_INFO = _SI_OBJECT_INFO;
  {$EXTERNALSYM SI_OBJECT_INFO}
  // Delphi-style aliases for the same record and pointer types.
  TSiObjectInfo = SI_OBJECT_INFO;
  PSiObjectInfo = PSI_OBJECT_INFO;
112 
113 // SI_OBJECT_INFO flags
114 
const
  // Bit flags for SI_OBJECT_INFO.dwFlags. Each value is a single bit meant to
  // be OR-ed with the others, except SI_EDIT_PERMS, which is zero.
  // NOTE(review): these flags are handed to the ACL editor through
  // GetObjectInformation; nothing in this unit shows them being enforced.
  // Presumably SI_READONLY / SI_OWNER_READONLY only shape the dialog and the
  // implementer's SetSecurity still has to refuse unwanted changes - confirm.
  SI_EDIT_PERMS      = $00000000; // always implied
  {$EXTERNALSYM SI_EDIT_PERMS}
  SI_EDIT_OWNER      = $00000001;
  {$EXTERNALSYM SI_EDIT_OWNER}
  SI_EDIT_AUDITS     = $00000002;
  {$EXTERNALSYM SI_EDIT_AUDITS}
  SI_CONTAINER       = $00000004;
  {$EXTERNALSYM SI_CONTAINER}
  SI_READONLY        = $00000008;
  {$EXTERNALSYM SI_READONLY}
  SI_ADVANCED        = $00000010;
  {$EXTERNALSYM SI_ADVANCED}
  // Described as equivalent in effect to the three SI_RESET_* flags combined;
  // the numeric values differ ($20 here versus $001C0000 for the three bits).
  SI_RESET           = $00000020; // equivalent to SI_RESET_DACL|SI_RESET_SACL|SI_RESET_OWNER
  {$EXTERNALSYM SI_RESET}
  SI_OWNER_READONLY  = $00000040;
  {$EXTERNALSYM SI_OWNER_READONLY}
  SI_EDIT_PROPERTIES = $00000080;
  {$EXTERNALSYM SI_EDIT_PROPERTIES}
  SI_OWNER_RECURSE   = $00000100;
  {$EXTERNALSYM SI_OWNER_RECURSE}
  SI_NO_ACL_PROTECT  = $00000200;
  {$EXTERNALSYM SI_NO_ACL_PROTECT}
  SI_NO_TREE_APPLY   = $00000400;
  {$EXTERNALSYM SI_NO_TREE_APPLY}
  // Gates SI_OBJECT_INFO.pszPageTitle.
  SI_PAGE_TITLE      = $00000800;
  {$EXTERNALSYM SI_PAGE_TITLE}
  SI_SERVER_IS_DC    = $00001000;
  {$EXTERNALSYM SI_SERVER_IS_DC}
  // Bit $00002000 has no name in this list.
  SI_RESET_DACL_TREE = $00004000;
  {$EXTERNALSYM SI_RESET_DACL_TREE}
  SI_RESET_SACL_TREE = $00008000;
  {$EXTERNALSYM SI_RESET_SACL_TREE}
  // Gates SI_OBJECT_INFO.guidObjectType.
  SI_OBJECT_GUID     = $00010000;
  {$EXTERNALSYM SI_OBJECT_GUID}
  SI_EDIT_EFFECTIVE  = $00020000;
  {$EXTERNALSYM SI_EDIT_EFFECTIVE}
  SI_RESET_DACL      = $00040000;
  {$EXTERNALSYM SI_RESET_DACL}
  SI_RESET_SACL      = $00080000;
  {$EXTERNALSYM SI_RESET_SACL}
  SI_RESET_OWNER     = $00100000;
  {$EXTERNALSYM SI_RESET_OWNER}
  SI_NO_ADDITIONAL_PERMISSION = $00200000;
  {$EXTERNALSYM SI_NO_ADDITIONAL_PERMISSION}
  SI_MAY_WRITE       = $10000000; // not known whether the user can write the permissions
  {$EXTERNALSYM SI_MAY_WRITE}

  // Numerically $00000003, because SI_EDIT_PERMS contributes no bit.
  SI_EDIT_ALL = SI_EDIT_PERMS or SI_EDIT_OWNER or SI_EDIT_AUDITS;
  {$EXTERNALSYM SI_EDIT_ALL}
165 
type
  // Pointer alias for SI_ACCESS; ISecurityInformation.GetAccessRights returns
  // a value of this type through its ppAccess "out" parameter.
  PSI_ACCESS = ^SI_ACCESS;
  {$EXTERNALSYM PSI_ACCESS}
  // One access right offered by the object: an access mask, its display name
  // and SI_ACCESS_* flags.
  // NOTE(review): pguid presumably names the object type the right applies
  // to; its exact meaning is not stated in this unit - confirm.
  _SI_ACCESS = record
    pguid: LPGUID;
    mask: ACCESS_MASK;
    pszName: LPCWSTR; // may be resource ID
    dwFlags: DWORD;
  end;
  {$EXTERNALSYM _SI_ACCESS}
  SI_ACCESS = _SI_ACCESS;
  {$EXTERNALSYM SI_ACCESS}
  // Delphi-style aliases for the same record and pointer types.
  TSiAccess = SI_ACCESS;
  PSiAccess = PSI_ACCESS;
180 
181 // SI_ACCESS flags
182 
const
  // Bit flags for SI_ACCESS.dwFlags. All four sit in the upper 16 bits; the
  // note that follows this block says ACE inheritance flags may be set in the
  // same field.
  SI_ACCESS_SPECIFIC  = $00010000;
  {$EXTERNALSYM SI_ACCESS_SPECIFIC}
  SI_ACCESS_GENERAL   = $00020000;
  {$EXTERNALSYM SI_ACCESS_GENERAL}
  SI_ACCESS_CONTAINER = $00040000; // general access, container-only
  {$EXTERNALSYM SI_ACCESS_CONTAINER}
  SI_ACCESS_PROPERTY  = $00080000;
  {$EXTERNALSYM SI_ACCESS_PROPERTY}
192 
193 // ACE inheritance flags (CONTAINER_INHERIT_ACE, etc.) may also be set.
194 // They will be used as the inheritance when an access is turned on.
195 
type
  // Pointer alias for SI_INHERIT_TYPE; ISecurityInformation.GetInheritTypes
  // returns a value of this type through its ppInheritTypes "out" parameter.
  PSI_INHERIT_TYPE = ^SI_INHERIT_TYPE;
  {$EXTERNALSYM PSI_INHERIT_TYPE}
  // One entry in the list of possible sub-object types for a container.
  // Field order differs from SI_ACCESS (flags come before the name here), so
  // the two records are not interchangeable.
  _SI_INHERIT_TYPE = record
    pguid: LPGUID;
    dwFlags: ULONG;
    pszName: LPCWSTR; // may be resource ID
  end;
  {$EXTERNALSYM _SI_INHERIT_TYPE}
  SI_INHERIT_TYPE = _SI_INHERIT_TYPE;
  {$EXTERNALSYM SI_INHERIT_TYPE}
  // Delphi-style aliases for the same record and pointer types.
  TSiInheritType = SI_INHERIT_TYPE;
  PSiInheritType = PSI_INHERIT_TYPE;
209 
210 // SI_INHERIT_TYPE flags are a combination of INHERIT_ONLY_ACE,
211 // CONTAINER_INHERIT_ACE, and OBJECT_INHERIT_ACE.
212 
  // Identifies the property page passed as uPage to
  // ISecurityInformation.PropertySheetPageCallback. Ordinals follow the
  // declaration order, starting at 0 for SI_PAGE_PERM.
  // NOTE(review): the storage size of a Pascal enumeration depends on the
  // $MINENUMSIZE / $Z setting, presumably configured in jediapilib.inc -
  // confirm it matches the size the C header expects.
  _SI_PAGE_TYPE = (SI_PAGE_PERM, SI_PAGE_ADVPERM, SI_PAGE_AUDIT, SI_PAGE_OWNER, SI_PAGE_EFFECTIVE);
  {$EXTERNALSYM _SI_PAGE_TYPE}
  SI_PAGE_TYPE = _SI_PAGE_TYPE;
  {$EXTERNALSYM SI_PAGE_TYPE}
  // Delphi-style alias for the same enumeration.
  TSiPageType = _SI_PAGE_TYPE;
218 
219 // Message to PropertySheetPageCallback (in addition to
220 // PSPCB_CREATE and PSPCB_RELEASE)
221 
const
  // Extra uMsg value delivered to PropertySheetPageCallback, in addition to
  // PSPCB_CREATE and PSPCB_RELEASE. Defined relative to WM_USER.
  PSPCB_SI_INITDIALOG = WM_USER + 1;
  {$EXTERNALSYM PSPCB_SI_INITDIALOG}
225 
const
  // Interface identifiers as typed GUID constants, written field by field.
  IID_ISecurityInformation: GUID = (
    D1:$965fc360; D2:$16ff; D3:$11d0; D4:($91, $cb, $0, $aa, $0, $bb, $b7, $23));
  {$EXTERNALSYM IID_ISecurityInformation}
  IID_ISecurityInformation2: GUID = (
    D1:$c3ccfdb4; D2:$6f88; D3:$11d2; D4:($a3, $ce, $0, $c0, $4f, $b1, $78, $2a));
  {$EXTERNALSYM IID_ISecurityInformation2}

  // The same two identifiers in string form, used in the interface
  // declarations below. Each string spells out the same value as the typed
  // constant above; keep the pairs in sync if either is ever edited.
  SID_ISecurityInformation  = '{965FC360-16FF-11d0-91CB-00AA00BBB723}';
  SID_ISecurityInformation2 = '{c3ccfdb4-6f88-11d2-a3ce-00c04fb1782a}';
236 
type
  // Callback interface the caller implements and hands to CreateSecurityPage
  // or EditSecurity. All methods use stdcall and return HRESULT.
  ISecurityInformation = interface(IUnknown)
  [SID_ISecurityInformation]
    // Lets the UI determine the type of object being edited and whether it
    // is a container; the answer is written to pObjectInfo.
    function GetObjectInformation(out pObjectInfo: SI_OBJECT_INFO): HRESULT; stdcall;
    // Retrieves the ACLs of the original object. Per the header note, ACLUI
    // calls LocalFree on the returned security descriptor, so the pointer
    // handed back must be one that LocalFree can release; returning a pointer
    // into memory the implementer still owns would be freed underneath it.
    function GetSecurity(RequestedInformation: SECURITY_INFORMATION;
      out ppSecurityDescriptor: PSECURITY_DESCRIPTOR; fDefault: BOOL): HRESULT; stdcall;
    // Applies the ACLs to the original object.
    // NOTE(review): nothing in this declaration restricts what the descriptor
    // may contain; an implementation presumably has to check that
    // SecurityInformation names only the parts it is willing to change -
    // confirm against the implementer.
    function SetSecurity(SecurityInformation: SECURITY_INFORMATION;
      pSecurityDescriptor: PSECURITY_DESCRIPTOR): HRESULT; stdcall;
    // Retrieves the list of rights allowed on this object: ppAccess receives
    // the SI_ACCESS array, pcAccesses its length and piDefaultAccess an index.
    // NOTE(review): ownership of the returned array is not stated here - confirm.
    function GetAccessRights(pguidObjectType: LPGUID; dwFlags: DWORD;
      out ppAccess: PSI_ACCESS; out pcAccesses, piDefaultAccess: ULONG): HRESULT; stdcall;
    // Maps generic rights to standard and specific rights; pAceFlags and
    // pMask are pointers, so the values are updated in place.
    function MapGeneric(pguidObjectType: LPGUID; pAceFlags: PUCHAR;
      pMask: PACCESS_MASK): HRESULT; stdcall;
    // Retrieves the list of possible sub-object types for a container.
    function GetInheritTypes(out ppInheritTypes: PSI_INHERIT_TYPE;
      out pcInheritTypes: ULONG): HRESULT; stdcall;
    // Called back from the security property pages so specialised work can be
    // done. When uMsg is PSPCB_CREATE, any error return other than E_NOTIMPL
    // aborts creation of that page; uPage says which page is affected.
    function PropertySheetPageCallback(hwnd: HWND; uMsg: UINT;
      uPage: SI_PAGE_TYPE): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityInformation}

  // C-style name for the interface type, used in the function prototypes.
  LPSECURITYINFO = ISecurityInformation;
  {$EXTERNALSYM LPSECURITYINFO}
258 
  // Second callback interface, identified by SID_ISecurityInformation2.
  // It derives from IUnknown, not from ISecurityInformation.
  ISecurityInformation2 = interface(IUnknown)
  [SID_ISecurityInformation2]
    // Takes a DACL pointer and returns BOOL rather than HRESULT.
    function IsDaclCanonical(pDacl: PACL): BOOL; stdcall;

    {If the compiler does not compile your implemented interface,
     try ActiveX.IDataObject instead of simply IDataObject.}
    // Receives cSids SID pointers in rgpSids and returns an IDataObject in
    // ppdo; the data format is named by CFSTR_ACLUI_SID_INFO_LIST.
    function LookupSids(cSids: ULONG; rgpSids: PPSID;
      out ppdo: IDataObject): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityInformation2}

  // C-style name for the interface type.
  LPSECURITYINFO2 = ISecurityInformation2;
  {$EXTERNALSYM LPSECURITYINFO2}
272 
273 // HGLOBAL containing SID_INFO_LIST returned by ISecurityInformation2::LookupSids
274 
const
  // Format name under which the IDataObject returned by
  // ISecurityInformation2.LookupSids exposes an HGLOBAL holding a
  // SID_INFO_LIST. The constant's value is its own name as a string.
  CFSTR_ACLUI_SID_INFO_LIST = 'CFSTR_ACLUI_SID_INFO_LIST';
  {$EXTERNALSYM CFSTR_ACLUI_SID_INFO_LIST}
278 
279 // Data structures corresponding to CFSTR_ACLUI_SID_INFO_LIST
280 
type
  // Pointer alias for SID_INFO.
  PSID_INFO = ^SID_INFO;
  {$EXTERNALSYM PSID_INFO}
  // Display information for one SID, as carried in a SID_INFO_LIST.
  _SID_INFO = record
    pSid: PSID;
    pwzCommonName: PWSTR;
    pwzClass: PWSTR; // Used for selecting icon, e.g. "User" or "Group"
    pwzUPN: PWSTR;   // Optional, may be NULL
  end;
  {$EXTERNALSYM _SID_INFO}
  SID_INFO = _SID_INFO;
  {$EXTERNALSYM SID_INFO}
  // Delphi-style aliases for the same record and pointer types.
  TSidInfo = SID_INFO;
  PSidInfo = PSID_INFO;

  // Pointer alias for SID_INFO_LIST.
  PSID_INFO_LIST = ^SID_INFO_LIST;
  {$EXTERNALSYM PSID_INFO_LIST}
  // Counted list of SID_INFO entries.
  // NOTE(review): aSidInfo is declared with ANYSIZE_ARRAY elements, which
  // looks like the usual variable-length trailer whose real length is cItems.
  // A reader should presumably bound every index by cItems and check that the
  // containing HGLOBAL is large enough - confirm against the producer.
  _SID_INFO_LIST = record
    cItems: ULONG;
    aSidInfo: array [0..ANYSIZE_ARRAY - 1] of SID_INFO;
  end;
  {$EXTERNALSYM _SID_INFO_LIST}
  SID_INFO_LIST = _SID_INFO_LIST;
  {$EXTERNALSYM SID_INFO_LIST}
  // Delphi-style aliases for the same record and pointer types.
  TSidInfoList = SID_INFO_LIST;
  PSidInfoList = PSID_INFO_LIST;
307 
const
  // Interface identifiers given as GUID strings. The same two strings are
  // repeated literally in the interface declarations that follow, so the
  // pairs must be kept in sync.
  IID_IEffectivePermission: TGUID = '{3853DC76-9F35-407c-88A1-D19344365FBC}';
  {$EXTERNALSYM IID_IEffectivePermission}
  IID_ISecurityObjectTypeInfo: TGUID = '{fc3066eb-79ef-444b-9111-d18a75ebf2fa}';
  {$EXTERNALSYM IID_ISecurityObjectTypeInfo}
313 
type
  // Interface with a single method that reports effective permissions.
  // Its GUID literal matches IID_IEffectivePermission.
  IEffectivePermission = interface(IUnknown)
  ['{3853DC76-9F35-407c-88A1-D19344365FBC}']
    // Inputs: object type GUID, user SID, server name and security descriptor.
    // The four "var" parameters are passed by reference: two list pointers
    // and their lengths.
    // NOTE(review): who allocates and frees the two lists, and whether both
    // lengths must agree, is not stated in this unit - confirm before
    // indexing ppGrantedAccessList by a position in ppObjectTypeList.
    function GetEffectivePermission(const pguidObjectType: TGUID; pUserSid: PSID;
      pszServerName: LPCWSTR; pSD: PSECURITY_DESCRIPTOR; var ppObjectTypeList: POBJECT_TYPE_LIST;
      var pcObjectTypeListLength: ULONG; var ppGrantedAccessList: PACCESS_MASK;
      var pcGrantedAccessListLength: ULONG): HRESULT; stdcall;
  end;
  {$EXTERNALSYM IEffectivePermission}
  // C-style name for the interface type.
  LPEFFECTIVEPERMISSION = IEffectivePermission;
  {$EXTERNALSYM LPEFFECTIVEPERMISSION}
325 
  // Interface with a single method that reports where ACL entries were
  // inherited from. Its GUID literal matches IID_ISecurityObjectTypeInfo.
  ISecurityObjectTypeInfo = interface(IUnknown)
  ['{fc3066eb-79ef-444b-9111-d18a75ebf2fa}']
    // Takes a SECURITY_INFORMATION value and an ACL pointer; ppInheritArray
    // is passed by reference and receives a PINHERITED_FROM.
    // NOTE(review): the array length is not returned separately; presumably
    // it has one entry per ACE in pACL - confirm.
    function GetInheritSource(si: SECURITY_INFORMATION; pACL: PACL;
      var ppInheritArray: PINHERITED_FROM): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityObjectTypeInfo}
  // C-style name for the interface type.
  LPSecurityObjectTypeInfo = ISecurityObjectTypeInfo;
  {$EXTERNALSYM LPSecurityObjectTypeInfo}
334 
type
  // Property-sheet page handle, declared here as an untyped pointer; it is
  // the return type of CreateSecurityPage.
  HPROPSHEETPAGE = Pointer;
  {$EXTERNALSYM HPROPSHEETPAGE}
338 
// Prototypes of the two aclui.dll entry points; the bindings themselves are in
// the implementation section. Both take the caller's ISecurityInformation
// implementation in psi.

// Returns a property-sheet page handle for the given security-information object.
function CreateSecurityPage(psi: LPSECURITYINFO): HPROPSHEETPAGE; stdcall;
{$EXTERNALSYM CreateSecurityPage}
// Takes an owner window in addition to psi and returns BOOL.
// NOTE(review): presumably shows the editor as a dialog owned by hwndOwner - confirm.
function EditSecurity(hwndOwner: HWND; psi: LPSECURITYINFO): BOOL; stdcall;
{$EXTERNALSYM EditSecurity}
343 
344 {$ENDIF JWA_IMPLEMENTATIONSECTION}
345 
346 {$IFNDEF JWA_OMIT_SECTIONS}
347 implementation
348 //uses ...
349 {$ENDIF JWA_OMIT_SECTIONS}
350 
351 
352 {$IFNDEF JWA_INTERFACESECTION}
353 
354 {$IFNDEF JWA_INCLUDEMODE}
const
  // Module name used by both the static "external" bindings and the
  // dynamic-link stubs in this unit.
  // NOTE(review): this is a bare file name with no directory. How the loader
  // or GetProcedureAddress locates it is not visible here - confirm that
  // resolution is limited to the system directory, so that a same-named DLL
  // placed next to the executable cannot be loaded instead.
  acluilib = 'aclui.dll';
357 {$ENDIF JWA_INCLUDEMODE}
358 
359 {$IFDEF DYNAMIC_LINK}
360 
var
  // Address slot handed to GetProcedureAddress for the 'CreateSecurityPage'
  // export of aclui.dll.
  _CreateSecurityPage: Pointer;

// Dynamic-link stub (DYNAMIC_LINK builds only): asks GetProcedureAddress to
// fill _CreateSecurityPage, then jumps to that address so the real export
// sees the caller's original arguments and return address.
// NOTE(review): GetProcedureAddress is defined outside this unit; whether it
// caches the address and how it reacts to a missing DLL or export is not
// visible here. If it can leave the slot nil, the JMP below goes through a nil
// pointer - confirm.
// The assembly uses ESP/EBP, so this stub is written for 32-bit x86, and it
// assumes the compiler set up a standard EBP frame for this function.
function CreateSecurityPage;
begin
  GetProcedureAddress(_CreateSecurityPage, acluilib, 'CreateSecurityPage');
  asm
        MOV     ESP, EBP
        POP     EBP
        JMP     [_CreateSecurityPage]
  end;
end;
373 
var
  // Address slot handed to GetProcedureAddress for the 'EditSecurity' export
  // of aclui.dll.
  _EditSecurity: Pointer;

// Dynamic-link stub (DYNAMIC_LINK builds only): asks GetProcedureAddress to
// fill _EditSecurity, then jumps to that address so the real export sees the
// caller's original arguments and return address.
// NOTE(review): GetProcedureAddress is defined outside this unit; whether it
// caches the address and how it reacts to a missing DLL or export is not
// visible here. If it can leave the slot nil, the JMP below goes through a nil
// pointer - confirm.
// The assembly uses ESP/EBP, so this stub is written for 32-bit x86, and it
// assumes the compiler set up a standard EBP frame for this function.
function EditSecurity;
begin
  GetProcedureAddress(_EditSecurity, acluilib, 'EditSecurity');
  asm
        MOV     ESP, EBP
        POP     EBP
        JMP     [_EditSecurity]
  end;
end;
386 
387 {$ELSE}
388 
// Static bindings (builds without DYNAMIC_LINK): both functions are imported
// by name from the module named in acluilib.
// NOTE(review): acluilib is a bare file name, so which copy of the DLL gets
// bound is decided by the loader's search order - confirm that is acceptable
// for the deployment.
function CreateSecurityPage; external acluilib name 'CreateSecurityPage';
function EditSecurity; external acluilib name 'EditSecurity';
391 
392 {$ENDIF DYNAMIC_LINK}
393 
394 {$ENDIF JWA_INTERFACESECTION}
395 
396 
397 {$IFNDEF JWA_OMIT_SECTIONS}
398 end.
399 {$ENDIF JWA_OMIT_SECTIONS}
400