Class: Win32::Security::ACL

Inherits:

Object

Object
Win32::Security::ACL

show all

Extended by:: Windows::Security::Functions

Includes:: Windows::Security::Constants, Windows::Security::Functions, Windows::Security::Structs

Defined in:: lib/win32/security/acl.rb

Overview

The ACL class encapsulates an Access Control List.

Constant Summary collapse

VERSION = The version of the Win32::Security::ACL class.

'0.2.0'

Constants included from Windows::Security::Constants

Instance Attribute Summary collapse

#acl ⇒ Object readonly

The underlying ACL structure.
#revision ⇒ Object

The revision level.

Instance Method Summary collapse

#ace_count ⇒ Object

Returns the number of ACE’s in the ACL object.
#add_access_allowed_ace(sid, mask = 0) ⇒ Object

Adds an access allowed ACE to the given sid.
#add_access_denied_ace(sid, mask = 0) ⇒ Object

Adds an access denied ACE to the given sid.
#add_ace(ace, index = MAXDWORD) ⇒ Object

Adds an ACE to the ACL object with the given revision at index or the end of the chain if no index is specified.
#delete_ace(index = MAXDWORD) ⇒ Object

Deletes an ACE from the ACL object at index, or from the end of the chain if no index is specified.
#find_ace(index = nil) ⇒ Object

Finds and returns a pointer (address) to an ACE in the ACL at the given index.
#initialize(revision = ACL_REVISION) ⇒ ACL constructor

Creates and returns a new Win32::Security::ACL object.
#valid? ⇒ Boolean

Returns whether or not the ACL is a valid ACL.

Constructor Details

#initialize(revision = ACL_REVISION) ⇒ `ACL`

Creates and returns a new Win32::Security::ACL object. This object encapsulates an ACL structure, including a binary representation of the ACL itself, and the revision information.

# File 'lib/win32/security/acl.rb', line 31

def initialize(revision = ACL_REVISION)
  acl = ACL_STRUCT.new

  unless InitializeAcl(acl, acl.size, revision)
    raise SystemCallError.new("InitializeAcl", FFI.errno)
  end

  @acl = acl
  @revision = revision
end

Instance Attribute Details

#acl ⇒ `Object` (readonly)

The underlying ACL structure.



22
23
24

# File 'lib/win32/security/acl.rb', line 22

def acl
  @acl
end

#revision ⇒ `Object`

The revision level.



25
26
27

# File 'lib/win32/security/acl.rb', line 25

def revision
  @revision
end

Instance Method Details

#ace_count ⇒ `Object`

Returns the number of ACE’s in the ACL object.

# File 'lib/win32/security/acl.rb', line 44

def ace_count
  info = ACL_SIZE_INFORMATION.new

  unless GetAclInformation(@acl, info, info.size, AclSizeInformation)
    raise SystemCallError.new("GetAclInformation", FFI.errno)
  end

  info[:AceCount]
end

#add_access_allowed_ace(sid, mask = 0) ⇒ `Object`

Adds an access allowed ACE to the given sid. The mask is a bitwise OR’d value of access rights.

TODO: Move this into the SID class?

# File 'lib/win32/security/acl.rb', line 58

def add_access_allowed_ace(sid, mask=0)
  unless AddAccessAllowedAce(@acl, @revision, mask, sid)
    raise SystemCallError.new("AddAccessAllowedAce", FFI.errno)
  end
end

#add_access_denied_ace(sid, mask = 0) ⇒ `Object`

Adds an access denied ACE to the given sid.

# File 'lib/win32/security/acl.rb', line 66

def add_access_denied_ace(sid, mask=0)
  unless AddAccessDeniedAce(@acl, @revision, mask, sid)
    raise SystemCallError.new("AddAccessDeniedAce", FFI.errno)
  end
end

#add_ace(ace, index = MAXDWORD) ⇒ `Object`

Adds an ACE to the ACL object with the given revision at index or the end of the chain if no index is specified.

Returns the index if successful. – This is untested and will require an actual implementation of Win32::Security::Ace before it can work properly.

# File 'lib/win32/security/acl.rb', line 80

def add_ace(ace, index=MAXDWORD)
  unless AddAce(@acl, @revision, index, ace, ace.length)
    raise SystemCallError.new("AddAce", FFI.errno)
  end

  index
end

#delete_ace(index = MAXDWORD) ⇒ `Object`

Deletes an ACE from the ACL object at index, or from the end of the chain if no index is specified.

Returns the index if successful. – This is untested and will require an actual implementation of Win32::Security::Ace before it can work properly.

# File 'lib/win32/security/acl.rb', line 96

def delete_ace(index=MAXDWORD)
  unless DeleteAce(@ace, index)
    raise SystemCallError.new("DeleteAce", FFI.errno)
  end

  index
end

#find_ace(index = nil) ⇒ `Object`

Finds and returns a pointer (address) to an ACE in the ACL at the given index. If no index is provided, then an address to the first free byte of the ACL is returned.

# File 'lib/win32/security/acl.rb', line 108

def find_ace(index = nil)
  pptr = FFI::MemoryPointer.new(:pointer)

  if index.nil?
    unless FindFirstFreeAce(@acl, pptr)
      raise SystemCallError.new("DeleteAce", FFI.errno)
    end
  else
    unless GetAce(@acl, index, pptr)
      raise SystemCallError.new("GetAce", FFI.errno)
    end
  end

  pptr.read_pointer.address
end

#valid? ⇒ `Boolean`

Returns whether or not the ACL is a valid ACL.

Returns:

(Boolean)



144
145
146

# File 'lib/win32/security/acl.rb', line 144

def valid?
  IsValidAcl(@acl)
end

Class: Win32::Security::ACL

Overview

Constant Summary collapse

Constants included from Windows::Security::Constants

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(revision = ACL_REVISION) ⇒ ACL

Instance Attribute Details

#acl ⇒ Object (readonly)

#revision ⇒ Object

Instance Method Details

#ace_count ⇒ Object

#add_access_allowed_ace(sid, mask = 0) ⇒ Object

#add_access_denied_ace(sid, mask = 0) ⇒ Object

#add_ace(ace, index = MAXDWORD) ⇒ Object

#delete_ace(index = MAXDWORD) ⇒ Object

#find_ace(index = nil) ⇒ Object

#valid? ⇒ Boolean