1 {******************************************************************************}
2 { }
3 { Access Control UI API interface Unit for Object Pascal }
4 { }
5 { Portions created by Microsoft are Copyright (C) 1995-2001 Microsoft }
6 { Corporation. All Rights Reserved. }
7 { }
8 { The original file is: aclui.h, released June 2000. The original Pascal }
9 { code is: AclUI.pas, released December 2000. The initial developer of the }
10 { Pascal code is Marcel van Brakel (brakelm att chello dott nl). }
11 { }
12 { Portions created by Marcel van Brakel are Copyright (C) 1999-2001 }
13 { Marcel van Brakel. All Rights Reserved. }
14 { }
15 { Obtained through: Joint Endeavour of Delphi Innovators (Project JEDI) }
16 { }
17 { You may retrieve the latest version of this file at the Project JEDI }
18 { APILIB home page, located at http://jedi-apilib.sourceforge.net }
19 { }
20 { The contents of this file are used with permission, subject to the Mozilla }
21 { Public License Version 1.1 (the "License"); you may not use this file except }
22 { in compliance with the License. You may obtain a copy of the License at }
23 { http://www.mozilla.org/MPL/MPL-1.1.html }
24 { }
25 { Software distributed under the License is distributed on an "AS IS" basis, }
26 { WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for }
27 { the specific language governing rights and limitations under the License. }
28 { }
29 { Alternatively, the contents of this file may be used under the terms of the }
30 { GNU Lesser General Public License (the "LGPL License"), in which case the }
31 { provisions of the LGPL License are applicable instead of those above. }
32 { If you wish to allow use of your version of this file only under the terms }
33 { of the LGPL License and not to allow others to use your version of this file }
34 { under the MPL, indicate your decision by deleting the provisions above and }
35 { replace them with the notice and other provisions required by the LGPL }
36 { License. If you do not delete the provisions above, a recipient may use }
37 { your version of this file under either the MPL or the LGPL License. }
38 { }
39 { For more information about the LGPL: http://www.gnu.org/copyleft/lesser.html }
40 { }
41 {******************************************************************************}
42
43 // $Id: JwaAclUI.pas,v 1.13 2007/09/05 11:58:48 dezipaitor Exp $
44
45 {$IFNDEF JWA_OMIT_SECTIONS}
46 unit JwaAclUI;
47
48 {$WEAKPACKAGEUNIT}
49
50 {$ENDIF JWA_OMIT_SECTIONS}
51
52 {$HPPEMIT ''}
53 {$HPPEMIT '#include "aclui.h"'}
54 {$HPPEMIT ''}
55
56 {$IFNDEF JWA_OMIT_SECTIONS}
57 {$I jediapilib.inc}
58
59 interface
60
61 uses
62 JwaAccCtrl, JwaWinNT, JwaWinUser, JwaWinType, JwaActiveX;
63
64 {$ENDIF JWA_OMIT_SECTIONS}
65
66 {$IFNDEF JWA_IMPLEMENTATIONSECTION}
67 //
68 // ISecurityInformation interface
69 //
70 // Methods:
71 //
72 // GetObjectInformation - Allows UI to determine type of object being
73 // edited. Also allows determining if object is a container.
74 //
75 // GetSecurity - Allows retrieving of ACLs from the original object
76 // NOTE: ACLUI will LocalFree the security descriptor
77 // returned by GetSecurity.
78 // SetSecurity - Allows setting of the ACLs on the original object
79 //
80 // GetAccessRights - For retrieving the list of rights allowed
81 // on this object.
82 //
83 // MapGeneric - For mapping generic rights to standard & specific rights
84 //
85 // GetInheritTypes - For retrieving the list of possible sub-object types
86 // for a container.
87 //
88 // PropertySheetPageCallback - A method which is called back during the various
89 // security UI property pages so that specialized work can be
90 // done. Similar to PropSheetPageProc. If uMsg == PSPCB_CREATE,
91 // then any error return value other than E_NOTIMPL will abort
92 // the creation of that page. The type of page being created or
93 // destroyed is indicated by the uPage parameter.
94 //
95
type
  // Object description that an ISecurityInformation implementation returns
  // to the ACL editor through GetObjectInformation.
  PSI_OBJECT_INFO = ^SI_OBJECT_INFO;
  {$EXTERNALSYM PSI_OBJECT_INFO}
  _SI_OBJECT_INFO = record
    dwFlags:        DWORD;   // SI_OBJECT_INFO flags (the SI_* constants of this unit)
    hInstance:      HINST;   // resources (e.g. strings) reside here
    pszServerName:  LPWSTR;  // must be present
    pszObjectName:  LPWSTR;  // must be present
    pszPageTitle:   LPWSTR;  // only valid if SI_PAGE_TITLE is set
    guidObjectType: GUID;    // only valid if SI_OBJECT_GUID is set
  end;
  {$EXTERNALSYM _SI_OBJECT_INFO}
  SI_OBJECT_INFO = _SI_OBJECT_INFO;
  {$EXTERNALSYM SI_OBJECT_INFO}

  // Delphi-style aliases for the record and its pointer type.
  TSiObjectInfo = SI_OBJECT_INFO;
  PSiObjectInfo = PSI_OBJECT_INFO;
112
113 // SI_OBJECT_INFO flags
114
const
  // Bit flags for SI_OBJECT_INFO.dwFlags. Each constant is a distinct bit and
  // values are combined with "or". SI_PAGE_TITLE and SI_OBJECT_GUID tell the
  // editor that pszPageTitle / guidObjectType in SI_OBJECT_INFO are valid.
  //
  // NOTE(review): these flags describe what the editor UI should offer; they
  // are presumably not an access check by themselves, so the implementation
  // of ISecurityInformation.SetSecurity still decides what is applied - confirm.

  SI_EDIT_PERMS               = $00000000;  // always implied
  {$EXTERNALSYM SI_EDIT_PERMS}
  SI_EDIT_OWNER               = $00000001;
  {$EXTERNALSYM SI_EDIT_OWNER}
  SI_EDIT_AUDITS              = $00000002;
  {$EXTERNALSYM SI_EDIT_AUDITS}
  SI_CONTAINER                = $00000004;
  {$EXTERNALSYM SI_CONTAINER}
  SI_READONLY                 = $00000008;
  {$EXTERNALSYM SI_READONLY}
  SI_ADVANCED                 = $00000010;
  {$EXTERNALSYM SI_ADVANCED}
  // Per the original header comment: equivalent to
  // SI_RESET_DACL or SI_RESET_SACL or SI_RESET_OWNER.
  SI_RESET                    = $00000020;
  {$EXTERNALSYM SI_RESET}
  SI_OWNER_READONLY           = $00000040;
  {$EXTERNALSYM SI_OWNER_READONLY}
  SI_EDIT_PROPERTIES          = $00000080;
  {$EXTERNALSYM SI_EDIT_PROPERTIES}
  SI_OWNER_RECURSE            = $00000100;
  {$EXTERNALSYM SI_OWNER_RECURSE}
  SI_NO_ACL_PROTECT           = $00000200;
  {$EXTERNALSYM SI_NO_ACL_PROTECT}
  SI_NO_TREE_APPLY            = $00000400;
  {$EXTERNALSYM SI_NO_TREE_APPLY}
  SI_PAGE_TITLE               = $00000800;
  {$EXTERNALSYM SI_PAGE_TITLE}
  SI_SERVER_IS_DC             = $00001000;
  {$EXTERNALSYM SI_SERVER_IS_DC}
  SI_RESET_DACL_TREE          = $00004000;
  {$EXTERNALSYM SI_RESET_DACL_TREE}
  SI_RESET_SACL_TREE          = $00008000;
  {$EXTERNALSYM SI_RESET_SACL_TREE}
  SI_OBJECT_GUID              = $00010000;
  {$EXTERNALSYM SI_OBJECT_GUID}
  SI_EDIT_EFFECTIVE           = $00020000;
  {$EXTERNALSYM SI_EDIT_EFFECTIVE}
  SI_RESET_DACL               = $00040000;
  {$EXTERNALSYM SI_RESET_DACL}
  SI_RESET_SACL               = $00080000;
  {$EXTERNALSYM SI_RESET_SACL}
  SI_RESET_OWNER              = $00100000;
  {$EXTERNALSYM SI_RESET_OWNER}
  SI_NO_ADDITIONAL_PERMISSION = $00200000;
  {$EXTERNALSYM SI_NO_ADDITIONAL_PERMISSION}
  SI_MAY_WRITE                = $10000000;  // not sure if user can write permission
  {$EXTERNALSYM SI_MAY_WRITE}

  // Convenience mask: permissions, owner and audit editing together.
  SI_EDIT_ALL = SI_EDIT_PERMS or SI_EDIT_OWNER or SI_EDIT_AUDITS;
  {$EXTERNALSYM SI_EDIT_ALL}
165
type
  // One entry of the access-rights list that
  // ISecurityInformation.GetAccessRights returns through ppAccess.
  PSI_ACCESS = ^SI_ACCESS;
  {$EXTERNALSYM PSI_ACCESS}
  _SI_ACCESS = record
    pguid:   LPGUID;
    mask:    ACCESS_MASK;
    pszName: LPCWSTR;  // may be resource ID
    dwFlags: DWORD;    // SI_ACCESS flags; ACE inheritance flags may also be set
  end;
  {$EXTERNALSYM _SI_ACCESS}
  SI_ACCESS = _SI_ACCESS;
  {$EXTERNALSYM SI_ACCESS}

  // Delphi-style aliases for the record and its pointer type.
  TSiAccess = SI_ACCESS;
  PSiAccess = PSI_ACCESS;
180
181 // SI_ACCESS flags
182
const
  // Bit flags for SI_ACCESS.dwFlags; all of them sit in the upper 16 bits.
  SI_ACCESS_SPECIFIC  = $00010000;
  {$EXTERNALSYM SI_ACCESS_SPECIFIC}
  SI_ACCESS_GENERAL   = $00020000;
  {$EXTERNALSYM SI_ACCESS_GENERAL}
  SI_ACCESS_CONTAINER = $00040000;  // general access, container-only
  {$EXTERNALSYM SI_ACCESS_CONTAINER}
  SI_ACCESS_PROPERTY  = $00080000;
  {$EXTERNALSYM SI_ACCESS_PROPERTY}
192
193 // ACE inheritance flags (CONTAINER_INHERIT_ACE, etc.) may also be set.
194 // They will be used as the inheritance when an access is turned on.
195
type
  // One entry of the list of possible sub-object types that
  // ISecurityInformation.GetInheritTypes returns for a container.
  PSI_INHERIT_TYPE = ^SI_INHERIT_TYPE;
  {$EXTERNALSYM PSI_INHERIT_TYPE}
  _SI_INHERIT_TYPE = record
    pguid:   LPGUID;
    dwFlags: ULONG;    // see the inheritance flag note below
    pszName: LPCWSTR;  // may be resource ID
  end;
  {$EXTERNALSYM _SI_INHERIT_TYPE}
  SI_INHERIT_TYPE = _SI_INHERIT_TYPE;
  {$EXTERNALSYM SI_INHERIT_TYPE}
  TSiInheritType = SI_INHERIT_TYPE;
  PSiInheritType = PSI_INHERIT_TYPE;

  // SI_INHERIT_TYPE flags are a combination of INHERIT_ONLY_ACE,
  // CONTAINER_INHERIT_ACE, and OBJECT_INHERIT_ACE.

  // Identifies the security property page a PropertySheetPageCallback call
  // refers to (its uPage parameter).
  // NOTE(review): this is a Pascal enumeration, so its storage size follows
  // the active minimum-enum-size compiler setting; presumably jediapilib.inc
  // selects a size that matches the C enum - confirm.
  _SI_PAGE_TYPE = (
    SI_PAGE_PERM,
    SI_PAGE_ADVPERM,
    SI_PAGE_AUDIT,
    SI_PAGE_OWNER,
    SI_PAGE_EFFECTIVE
  );
  {$EXTERNALSYM _SI_PAGE_TYPE}
  SI_PAGE_TYPE = _SI_PAGE_TYPE;
  {$EXTERNALSYM SI_PAGE_TYPE}
  TSiPageType = _SI_PAGE_TYPE;
218
219 // Message to PropertySheetPageCallback (in addition to
220 // PSPCB_CREATE and PSPCB_RELEASE)
221
const
  // Extra uMsg value passed to PropertySheetPageCallback, in addition to
  // PSPCB_CREATE and PSPCB_RELEASE; defined relative to WM_USER.
  PSPCB_SI_INITDIALOG = WM_USER + 1;
  {$EXTERNALSYM PSPCB_SI_INITDIALOG}
225
const
  // Interface identifiers as GUID records.
  IID_ISecurityInformation: GUID = (
    D1: $965FC360; D2: $16FF; D3: $11D0;
    D4: ($91, $CB, $00, $AA, $00, $BB, $B7, $23));
  {$EXTERNALSYM IID_ISecurityInformation}
  IID_ISecurityInformation2: GUID = (
    D1: $C3CCFDB4; D2: $6F88; D3: $11D2;
    D4: ($A3, $CE, $00, $C0, $4F, $B1, $78, $2A));
  {$EXTERNALSYM IID_ISecurityInformation2}

  // The same identifiers in string form; the interface declarations in this
  // unit use them as their GUID attribute.
  SID_ISecurityInformation  = '{965FC360-16FF-11d0-91CB-00AA00BBB723}';
  SID_ISecurityInformation2 = '{c3ccfdb4-6f88-11d2-a3ce-00c04fb1782a}';
236
type
  // Interface that the owner of a securable object implements so that the
  // ACL editor can read and write that object's security information.
  ISecurityInformation = interface(IUnknown)
    [SID_ISecurityInformation]

    // Lets the UI determine the type of object being edited and whether the
    // object is a container.
    function GetObjectInformation(out pObjectInfo: SI_OBJECT_INFO): HRESULT; stdcall;

    // Retrieves ACLs from the original object.
    // ACLUI will LocalFree the security descriptor returned here, so the
    // descriptor has to be a block that LocalFree can release and that the
    // implementation does not free or reuse itself afterwards.
    function GetSecurity(RequestedInformation: SECURITY_INFORMATION;
      out ppSecurityDescriptor: PSECURITY_DESCRIPTOR;
      fDefault: BOOL): HRESULT; stdcall;

    // Sets the ACLs on the original object.
    // NOTE(review): presumably the place where an implementation validates
    // what it is willing to apply, independent of the SI_* UI flags - confirm.
    function SetSecurity(SecurityInformation: SECURITY_INFORMATION;
      pSecurityDescriptor: PSECURITY_DESCRIPTOR): HRESULT; stdcall;

    // Retrieves the list of rights allowed on this object.
    function GetAccessRights(pguidObjectType: LPGUID; dwFlags: DWORD;
      out ppAccess: PSI_ACCESS;
      out pcAccesses: ULONG;
      out piDefaultAccess: ULONG): HRESULT; stdcall;

    // Maps generic rights to standard and specific rights.
    function MapGeneric(pguidObjectType: LPGUID; pAceFlags: PUCHAR;
      pMask: PACCESS_MASK): HRESULT; stdcall;

    // Retrieves the list of possible sub-object types for a container.
    function GetInheritTypes(out ppInheritTypes: PSI_INHERIT_TYPE;
      out pcInheritTypes: ULONG): HRESULT; stdcall;

    // Called back from the security property pages so that specialized work
    // can be done. If uMsg is PSPCB_CREATE, any error return value other than
    // E_NOTIMPL aborts the creation of that page. uPage names the page being
    // created or destroyed.
    function PropertySheetPageCallback(hwnd: HWND; uMsg: UINT;
      uPage: SI_PAGE_TYPE): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityInformation}

  LPSECURITYINFO = ISecurityInformation;
  {$EXTERNALSYM LPSECURITYINFO}

  // Second interface of the same provider; declared separately from
  // ISecurityInformation and derived directly from IUnknown.
  ISecurityInformation2 = interface(IUnknown)
    [SID_ISecurityInformation2]

    // Takes a DACL pointer and returns a BOOL.
    function IsDaclCanonical(pDacl: PACL): BOOL; stdcall;

    { If the compiler rejects your implementation of this interface, try
      ActiveX.IDataObject instead of plain IDataObject. }
    // Takes cSids SID pointers in rgpSids and returns a data object; the
    // data object carries a SID_INFO_LIST (see CFSTR_ACLUI_SID_INFO_LIST).
    function LookupSids(cSids: ULONG; rgpSids: PPSID;
      out ppdo: IDataObject): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityInformation2}

  LPSECURITYINFO2 = ISecurityInformation2;
  {$EXTERNALSYM LPSECURITYINFO2}
272
273 // HGLOBAL containing SID_INFO_LIST returned by ISecurityInformation2::LookupSids
274
const
  // Name of the data format under which the data object returned by
  // ISecurityInformation2.LookupSids carries its SID_INFO_LIST.
  CFSTR_ACLUI_SID_INFO_LIST = 'CFSTR_ACLUI_SID_INFO_LIST';
  {$EXTERNALSYM CFSTR_ACLUI_SID_INFO_LIST}
278
279 // Data structures corresponding to CFSTR_ACLUI_SID_INFO_LIST
280
type
  // Display information for one SID.
  PSID_INFO = ^SID_INFO;
  {$EXTERNALSYM PSID_INFO}
  _SID_INFO = record
    pSid:          PSID;
    pwzCommonName: PWSTR;
    pwzClass:      PWSTR;  // Used for selecting icon, e.g. "User" or "Group"
    pwzUPN:        PWSTR;  // Optional, may be NULL
  end;
  {$EXTERNALSYM _SID_INFO}
  SID_INFO = _SID_INFO;
  {$EXTERNALSYM SID_INFO}
  TSidInfo = SID_INFO;
  PSidInfo = PSID_INFO;

  // Counted list of SID_INFO entries.
  PSID_INFO_LIST = ^SID_INFO_LIST;
  {$EXTERNALSYM PSID_INFO_LIST}
  _SID_INFO_LIST = record
    cItems: ULONG;
    // Declared with ANYSIZE_ARRAY elements.
    // NOTE(review): presumably cItems gives the real element count and
    // readers must bound their index by it - confirm.
    aSidInfo: array [0..ANYSIZE_ARRAY - 1] of SID_INFO;
  end;
  {$EXTERNALSYM _SID_INFO_LIST}
  SID_INFO_LIST = _SID_INFO_LIST;
  {$EXTERNALSYM SID_INFO_LIST}
  TSidInfoList = SID_INFO_LIST;
  PSidInfoList = PSID_INFO_LIST;
307
const
  // Interface identifiers, initialised from their string form. The same
  // strings appear as the GUID attribute of the interface declarations.
  IID_IEffectivePermission:    TGUID = '{3853DC76-9F35-407c-88A1-D19344365FBC}';
  {$EXTERNALSYM IID_IEffectivePermission}
  IID_ISecurityObjectTypeInfo: TGUID = '{fc3066eb-79ef-444b-9111-d18a75ebf2fa}';
  {$EXTERNALSYM IID_ISecurityObjectTypeInfo}
313
type
  // Single-method interface for querying effective permissions.
  IEffectivePermission = interface(IUnknown)
    ['{3853DC76-9F35-407c-88A1-D19344365FBC}']

    // Inputs: object type GUID, user SID, server name and security
    // descriptor. The object type list, the granted access list and their
    // two lengths are "var" parameters, i.e. passed by reference.
    function GetEffectivePermission(const pguidObjectType: TGUID;
      pUserSid: PSID;
      pszServerName: LPCWSTR;
      pSD: PSECURITY_DESCRIPTOR;
      var ppObjectTypeList: POBJECT_TYPE_LIST;
      var pcObjectTypeListLength: ULONG;
      var ppGrantedAccessList: PACCESS_MASK;
      var pcGrantedAccessListLength: ULONG): HRESULT; stdcall;
  end;
  {$EXTERNALSYM IEffectivePermission}
  LPEFFECTIVEPERMISSION = IEffectivePermission;
  {$EXTERNALSYM LPEFFECTIVEPERMISSION}

  // Single-method interface for querying where ACL entries are inherited from.
  ISecurityObjectTypeInfo = interface(IUnknown)
    ['{fc3066eb-79ef-444b-9111-d18a75ebf2fa}']

    // Takes the security information selector and an ACL; the
    // PINHERITED_FROM array pointer is passed by reference.
    function GetInheritSource(si: SECURITY_INFORMATION; pACL: PACL;
      var ppInheritArray: PINHERITED_FROM): HRESULT; stdcall;
  end;
  {$EXTERNALSYM ISecurityObjectTypeInfo}
  LPSecurityObjectTypeInfo = ISecurityObjectTypeInfo;
  {$EXTERNALSYM LPSecurityObjectTypeInfo}
334
type
  // Property sheet page handle, declared here as an untyped pointer.
  HPROPSHEETPAGE = Pointer;
  {$EXTERNALSYM HPROPSHEETPAGE}

// Entry points imported from aclui.dll (bound in the implementation section).
// Both take the caller's ISecurityInformation implementation in psi.

// Returns a property sheet page handle for the given provider.
function CreateSecurityPage(psi: LPSECURITYINFO): HPROPSHEETPAGE; stdcall;
{$EXTERNALSYM CreateSecurityPage}

// Takes an owner window in addition to the provider and returns a BOOL.
function EditSecurity(hwndOwner: HWND; psi: LPSECURITYINFO): BOOL; stdcall;
{$EXTERNALSYM EditSecurity}
343
344 {$ENDIF JWA_IMPLEMENTATIONSECTION}
345
346 {$IFNDEF JWA_OMIT_SECTIONS}
347 implementation
348 //uses ...
349 {$ENDIF JWA_OMIT_SECTIONS}
350
351
352 {$IFNDEF JWA_INTERFACESECTION}
353
354 {$IFNDEF JWA_INCLUDEMODE}
const
  // Module that exports CreateSecurityPage and EditSecurity.
  // This is a bare file name, not an absolute path: the static "external"
  // imports are resolved by the Windows loader through the process's DLL
  // search order, and the DYNAMIC_LINK stubs pass the same string to
  // GetProcedureAddress (presumably resolved the same way - confirm).
  // Applications that show the ACL editor with elevated rights should be
  // installed where unprivileged users cannot place files next to the EXE.
  acluilib = 'aclui.dll';
357 {$ENDIF JWA_INCLUDEMODE}
358
359 {$IFDEF DYNAMIC_LINK}
360
var
  // Address of the CreateSecurityPage export in acluilib. Passed to
  // GetProcedureAddress, which is declared outside this unit (presumably it
  // fills the pointer on first use and fails if the module or the export
  // cannot be found - confirm).
  _CreateSecurityPage: Pointer;

// Dynamic-link thunk for CreateSecurityPage (DYNAMIC_LINK builds only).
// Parameters and result are those of the interface-section declaration.
// The thunk resolves the export and then jumps to it instead of calling it,
// so the real function sees the caller's arguments and return address.
// Uses ESP/EBP, i.e. 32-bit x86 only, and relies on the compiler having set
// up an EBP stack frame for this function.
function CreateSecurityPage;
begin
  GetProcedureAddress(_CreateSecurityPage, acluilib, 'CreateSecurityPage');
  // Tear down this function's own frame (ESP := EBP, restore caller's EBP),
  // then transfer control to the address stored in _CreateSecurityPage.
  asm
    MOV ESP, EBP
    POP EBP
    JMP [_CreateSecurityPage]
  end;
end;
373
var
  // Address of the EditSecurity export in acluilib. Passed to
  // GetProcedureAddress, which is declared outside this unit (presumably it
  // fills the pointer on first use and fails if the module or the export
  // cannot be found - confirm).
  _EditSecurity: Pointer;

// Dynamic-link thunk for EditSecurity (DYNAMIC_LINK builds only).
// Parameters and result are those of the interface-section declaration.
// The thunk resolves the export and then jumps to it instead of calling it,
// so the real function sees the caller's arguments and return address.
// Uses ESP/EBP, i.e. 32-bit x86 only, and relies on the compiler having set
// up an EBP stack frame for this function.
function EditSecurity;
begin
  GetProcedureAddress(_EditSecurity, acluilib, 'EditSecurity');
  // Tear down this function's own frame (ESP := EBP, restore caller's EBP),
  // then transfer control to the address stored in _EditSecurity.
  asm
    MOV ESP, EBP
    POP EBP
    JMP [_EditSecurity]
  end;
end;
386
387 {$ELSE}
388
// Static binding (DYNAMIC_LINK not defined): both functions are declared as
// imports from acluilib under their exported names.
function CreateSecurityPage;
  external acluilib name 'CreateSecurityPage';
function EditSecurity;
  external acluilib name 'EditSecurity';
391
392 {$ENDIF DYNAMIC_LINK}
393
394 {$ENDIF JWA_INTERFACESECTION}
395
396
397 {$IFNDEF JWA_OMIT_SECTIONS}
398 end.
399 {$ENDIF JWA_OMIT_SECTIONS}
400