Class: TurboRex::Windows::Security::ACE

Inherits:
Object
  • Object
show all
Defined in:
lib/turborex/windows/security/ace.rb

Direct Known Subclasses

AccessAllowedACE, AccessDeniedACE, SystemAuditAce

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(type, flags) ⇒ ACE

Returns a new instance of ACE.



8
9
10
11
 
# File 'lib/turborex/windows/security/ace.rb', line 8

def initialize(type, flags)
  @type = type
  @flags = flags
end

Instance Attribute Details

#flagsObject (readonly)

Returns the value of attribute flags.



6
7
8
 
# File 'lib/turborex/windows/security/ace.rb', line 6

def flags
  @flags
end

#typeObject (readonly)

Returns the value of attribute type.



5
6
7
 
# File 'lib/turborex/windows/security/ace.rb', line 5

def type
  @type
end

Class Method Details

.from_raw(raw) ⇒ Object 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/turborex/windows/security/ace.rb', line 13

def self.from_raw(raw)
  ace_header = TurboRex::Windows::Win32API.decode_c_struct('ACE_HEADER', raw)
  sid_offset = ace_header.sizeof + 4
  type = ace_header.AceType
  flags = ace_header.AceFlags
  mask = raw[ace_header.sizeof, 4].unpack('V').first

  sid = TurboRex::Windows::Win32API.decode_c_struct('SID', raw, sid_offset)
  ppszsid = TurboRex::Windows::Win32API.alloc_c_ptr('LPSTR')
  if TurboRex::Windows::Win32API.convertsidtostringsida(sid, ppszsid) == 0
    raise "Unable to call ConvertSidToStringSidA. GetLastError returns: #{TurboRex::Windows::Win32API.getlasterror}"
  end
  sz_sid = TurboRex::Windows::Win32API.memory_read_strz(ppszsid[0])

  case type
  when TurboRex::Windows::Constants::ACCESS_DENIED_ACE_TYPE
    AccessDeniedACE.new(mask, sz_sid, flags)
  when TurboRex::Windows::Constants::ACCESS_ALLOWED_ACE_TYPE
    AccessAllowedACE.new(mask, sz_sid, flags)
  end
end