ReactOS 0.4.16-dev-38-g96c65e9
resman.c
/*
 * ReactOS Authorization Framework
 * Copyright (C) 2005 - 2006 ReactOS Team
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
/*
 * PROJECT: ReactOS Authorization Framework
 * FILE: lib/authz/resman.c
 * PURPOSE: Authorization Framework
 * PROGRAMMER: Thomas Weidenmueller <w3seek@reactos.com>
 *
 * UPDATE HISTORY:
 * 10/07/2005 Created
 */
29#include "precomp.h"
31#define NDEBUG
32#include <debug.h>
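/*
 * Captures the identity behind a token for the resource manager.
 *
 * On success ResMan->UserSid receives a LocalAlloc'ed copy of the token
 * user's SID and ResMan->AuthenticationId receives the token's
 * AuthenticationId. ResMan is written only when both queries succeed; on
 * failure every temporary allocation is released and FALSE is returned.
 *
 * hToken stays owned by the caller. The SID copy stored in ResMan is later
 * released with LocalFree by AuthzFreeResourceManager.
 */
static BOOL
AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
                 IN HANDLE hToken)
{
    PTOKEN_USER User = NULL;
    TOKEN_STATISTICS Statistics;
    DWORD BufLen = 0;
    DWORD SidLen;
    PSID UserSid = NULL;
    BOOL Ret = FALSE;

    /* TokenUser returns a TOKEN_USER followed by the SID it points to, so a
       bare TOKEN_USER (the previous sizeof(User) buffer) is too small and the
       query fails. Probe for the required size first; this call is expected
       to fail and only fills in BufLen. */
    (void)GetTokenInformation(hToken,
                              TokenUser,
                              NULL,
                              0,
                              &BufLen);
    if (BufLen >= sizeof(TOKEN_USER))
    {
        User = (PTOKEN_USER)LocalAlloc(LMEM_FIXED,
                                       BufLen);
        if (User != NULL)
        {
            /* query information about the user */
            Ret = GetTokenInformation(hToken,
                                      TokenUser,
                                      User,
                                      BufLen,
                                      &BufLen);
        }
    }

    if (Ret)
    {
        /* User->User.Sid points into the query buffer, which is freed below,
           so the resource manager gets its own copy of the SID */
        SidLen = GetLengthSid(User->User.Sid);
        if (SidLen != 0)
        {
            UserSid = (PSID)LocalAlloc(LMEM_FIXED,
                                       SidLen);
            if (UserSid != NULL)
            {
                CopyMemory(UserSid,
                           User->User.Sid,
                           SidLen);
            }
            else
                Ret = FALSE;
        }
        else
            Ret = FALSE;
    }

    if (User != NULL)
    {
        /* the query buffer is not needed once the SID has been copied */
        LocalFree((HLOCAL)User);
    }

    if (Ret)
    {
        /* query general information */
        BufLen = sizeof(Statistics);
        Ret = GetTokenInformation(hToken,
                                  TokenStatistics,
                                  &Statistics,
                                  BufLen,
                                  &BufLen);
    }

    if (Ret)
    {
        /* publish both values together so ResMan never holds half an identity */
        ResMan->UserSid = UserSid;
        ResMan->AuthenticationId = Statistics.AuthenticationId;
        Ret = TRUE;
    }
    else
    {
        if (UserSid != NULL)
        {
            LocalFree((HLOCAL)UserSid);
        }
    }

    return Ret;
}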
/*
 * Initializes the resource manager's identity from the calling thread's
 * token, for callers that requested AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION.
 *
 * The token is opened with TOKEN_QUERY only and with OpenAsSelf = TRUE, i.e.
 * the open itself is access-checked against the process security context
 * rather than the impersonated one. Returns FALSE when the thread token
 * cannot be opened or when AuthzpQueryToken fails.
 */
static BOOL
AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
{
    HANDLE ThreadToken;
    BOOL Captured;

    Captured = OpenThreadToken(GetCurrentThread(),
                               TOKEN_QUERY,
                               TRUE,
                               &ThreadToken);
    if (!Captured)
        return Captured;

    /* the handle is only needed for the two queries; close it on every path */
    Captured = AuthzpQueryToken(ResMan,
                                ThreadToken);
    CloseHandle(ThreadToken);

    return Captured;
}
/*
 * Initializes the resource manager's identity from the token of the current
 * process. This is the path taken when the caller did not request
 * initialization under impersonation.
 *
 * The process token is opened with TOKEN_QUERY only. Returns FALSE when the
 * token cannot be opened or when AuthzpQueryToken fails.
 */
static BOOL
AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
{
    HANDLE ProcessToken;
    BOOL Captured;

    Captured = OpenProcessToken(GetCurrentProcess(),
                                TOKEN_QUERY,
                                &ProcessToken);
    if (!Captured)
        return Captured;

    /* the handle is only needed for the two queries; close it on every path */
    Captured = AuthzpQueryToken(ResMan,
                                ProcessToken);
    CloseHandle(ProcessToken);

    return Captured;
}
/*
 * @unimplemented
 *
 * Creates a resource manager and returns its handle in *pAuthzResourceManager.
 *
 * flags may only contain AUTHZ_RM_FLAG_NO_AUDIT and
 * AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION; any other bit, or a NULL
 * pAuthzResourceManager, fails with ERROR_INVALID_PARAMETER. The three
 * callbacks and the name are optional and are stored as given. Auditing is
 * not implemented: without AUTHZ_RM_FLAG_NO_AUDIT only a debug message is
 * printed.
 *
 * The handle is the address of the LocalAlloc'ed AUTHZ_RESMAN and must be
 * released with AuthzFreeResourceManager. On failure nothing is written to
 * *pAuthzResourceManager.
 */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeResourceManager(IN DWORD flags,
                               IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL,
                               IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL,
                               IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL,
                               IN PCWSTR ResourceManagerName OPTIONAL,
                               IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
{
    const DWORD KnownFlags = AUTHZ_RM_FLAG_NO_AUDIT |
                             AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION;
    PAUTHZ_RESMAN Manager;
    SIZE_T AllocSize;
    BOOL Captured;

    /* reject a missing out parameter and any flag bit this code does not know */
    if (pAuthzResourceManager == NULL || (flags & ~KnownFlags) != 0)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    /* AUTHZ_RESMAN ends in WCHAR ResourceManagerName[1]; that element pays
       for the terminator, so only the characters themselves are added */
    AllocSize = sizeof(AUTHZ_RESMAN);
    if (ResourceManagerName != NULL)
    {
        AllocSize += wcslen(ResourceManagerName) * sizeof(WCHAR);
    }

    Manager = (PAUTHZ_RESMAN)LocalAlloc(LMEM_FIXED,
                                        AllocSize);
    if (Manager == NULL)
        return FALSE;

    /* initialize the resource manager structure */
#if DBG
    Manager->Tag = RESMAN_TAG;
#endif

    Manager->flags = flags;
    Manager->UserSid = NULL;

    if (ResourceManagerName == NULL)
    {
        Manager->ResourceManagerName[0] = UNICODE_NULL;
    }
    else
    {
        /* fits: the allocation above was sized from this same string */
        wcscpy(Manager->ResourceManagerName,
               ResourceManagerName);
    }

    Manager->pfnAccessCheck = pfnAccessCheck;
    Manager->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
    Manager->pfnFreeDynamicGroups = pfnFreeDynamicGroups;

    if ((flags & AUTHZ_RM_FLAG_NO_AUDIT) == 0)
    {
        /* FIXME - initialize auditing */
        DPRINT1("Auditing not implemented!\n");
    }

    /* capture the identity the manager runs as: the impersonated thread
       token when asked for, the process token otherwise */
    if ((flags & AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION) != 0)
        Captured = AuthzpInitUnderImpersonation(Manager);
    else
        Captured = AuthzpInitSelf(Manager);

    if (!Captured)
    {
        DPRINT1("Querying the token failed!\n");
        LocalFree((HLOCAL)Manager);
        return FALSE;
    }

    /* finally return the handle */
    *pAuthzResourceManager = (AUTHZ_RESOURCE_MANAGER_HANDLE)Manager;
    return Captured;
}
/*
 * @unimplemented
 *
 * Releases a resource manager created by AuthzInitializeResourceManager:
 * frees the captured user SID, if any, and then the manager itself. A NULL
 * handle fails with ERROR_INVALID_PARAMETER. Auditing cleanup is not
 * implemented.
 *
 * NOTE(review): the handle is the raw AUTHZ_RESMAN pointer, and the Tag field
 * is only stored under #if DBG in AuthzInitializeResourceManager, so
 * VALIDATE_RESMAN_HANDLE is presumably a debug-only check (confirm in
 * precomp.h). If so, a stale or foreign handle is not rejected in release
 * builds and reaches LocalFree.
 */
AUTHZAPI
BOOL
WINAPI
AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
{
    PAUTHZ_RESMAN Manager = (PAUTHZ_RESMAN)AuthzResourceManager;

    if (Manager == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    VALIDATE_RESMAN_HANDLE(AuthzResourceManager);

    if ((Manager->flags & AUTHZ_RM_FLAG_NO_AUDIT) == 0)
    {
        /* FIXME - cleanup auditing */
    }

    /* the SID copy is a separate allocation, so it goes before the manager */
    if (Manager->UserSid != NULL)
    {
        LocalFree((HLOCAL)Manager->UserSid);
    }

    LocalFree((HLOCAL)AuthzResourceManager);
    return TRUE;
}
VOID(CALLBACK * PFN_AUTHZ_FREE_DYNAMIC_GROUPS)(IN PSID_AND_ATTRIBUTES pSidAttrArray)
Definition: authz.h:120
HANDLE AUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
#define AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION
Definition: authz.h:43
#define AUTHZ_RM_FLAG_NO_AUDIT
Definition: authz.h:42
#define AUTHZAPI
Definition: authz.h:21
BOOL(CALLBACK * PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PVOID Args, OUT PSID_AND_ATTRIBUTES *pSidAttrArray, OUT PDWORD pSidCount, OUT PSID_AND_ATTRIBUTES *pRestrictedSidAttrArray, OUT PDWORD pRestrictedSidCount)
Definition: authz.h:113
BOOL(CALLBACK * PFN_AUTHZ_DYNAMIC_ACCESS_CHECK)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PACE_HEADER pAce, IN PVOID pArgs OPTIONAL, IN OUT PBOOL pbAceApplicable)
Definition: authz.h:108
#define DPRINT1
Definition: precomp.h:8
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:411
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:919
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:336
#define VALIDATE_RESMAN_HANDLE(handle)
Definition: precomp.h:26
struct _AUTHZ_RESMAN * PAUTHZ_RESMAN
struct _AUTHZ_RESMAN AUTHZ_RESMAN
#define CloseHandle
Definition: compat.h:739
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define SetLastError(x)
Definition: compat.h:752
#define GetCurrentProcess()
Definition: compat.h:759
#define BufLen
Definition: fatfs.h:167
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
GLbitfield flags
Definition: glext.h:7161
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1390
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
struct _SID * PSID
Definition: eventlog.c:35
#define UNICODE_NULL
AUTHZAPI BOOL WINAPI AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
Definition: resman.c:229
static BOOL AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
Definition: resman.c:120
static BOOL AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan, IN HANDLE hToken)
Definition: resman.c:35
AUTHZAPI BOOL WINAPI AuthzInitializeResourceManager(IN DWORD flags, IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL, IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL, IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL, IN PCWSTR ResourceManagerName OPTIONAL, IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
Definition: resman.c:145
static BOOL AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
Definition: resman.c:100
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
WCHAR ResourceManagerName[1]
Definition: precomp.h:45
DWORD flags
Definition: precomp.h:41
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups
Definition: precomp.h:38
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck
Definition: precomp.h:37
PSID UserSid
Definition: precomp.h:42
PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups
Definition: precomp.h:39
LUID AuthenticationId
Definition: setypes.h:1087
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
const uint16_t * PCWSTR
Definition: typedefs.h:57
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define IN
Definition: typedefs.h:39
#define OUT
Definition: typedefs.h:40
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ ULONG _Out_ PVOID _Out_ PULONG RequiredSize
Definition: wdfdevice.h:4439
HANDLE WINAPI GetCurrentThread(void)
Definition: proc.c:1148
#define CopyMemory
Definition: winbase.h:1710
#define LMEM_FIXED
Definition: winbase.h:368
#define WINAPI
Definition: msvc.h:6
#define TOKEN_QUERY
Definition: setypes.h:928
@ TokenUser
Definition: setypes.h:966
__wchar_t WCHAR
Definition: xmlstorage.h:180