Class: Win32::Security::SID

Inherits:

Object

• Object
• Win32::Security::SID

Extended by:

Windows::Security::Functions

Includes:

Windows::Security::Constants, Windows::Security::Functions, Windows::Security::Structs

Defined in:

lib/win32/security/sid.rb

Overview

The SID class encapsulates a Security Identifier.

Constant Summary

VERSION =

The version of the Win32::Security::SID class.

'0.2.2'

Null =

Some constant SID’s for your convenience, in string format. See support.microsoft.com/kb/243330 for details.

'S-1-0'

Nobody =

'S-1-0-0'

World =

'S-1-1'

Everyone =

'S-1-1-0'

Local =

'S-1-2'

Creator =

'S-1-3'

CreatorOwner =

'S-1-3-0'

CreatorGroup =

'S-1-3-1'

CreatorOwnerServer =

'S-1-3-2'

CreatorGroupServer =

'S-1-3-3'

NonUnique =

'S-1-4'

Nt =

'S-1-5'

Dialup =

'S-1-5-1'

Network =

'S-1-5-2'

Batch =

'S-1-5-3'

Interactive =

'S-1-5-4'

Service =

'S-1-5-6'

Anonymous =

'S-1-5-7'

Proxy =

'S-1-5-8'

EnterpriseDomainControllers =

'S-1-5-9'

PrincipalSelf =

'S-1-5-10'

AuthenticatedUsers =

'S-1-5-11'

RestrictedCode =

'S-1-5-12'

TerminalServerUsers =

'S-1-5-13'

LocalSystem =

'S-1-5-18'

NtLocal =

'S-1-5-19'

NtNetwork =

'S-1-5-20'

BuiltinAdministrators =

'S-1-5-32-544'

BuiltinUsers =

'S-1-5-32-545'

Guests =

'S-1-5-32-546'

PowerUsers =

'S-1-5-32-547'

AccountOperators =

'S-1-5-32-548'

ServerOperators =

'S-1-5-32-549'

PrintOperators =

'S-1-5-32-550'

BackupOperators =

'S-1-5-32-551'

Replicators =

'S-1-5-32-552'

Instance Attribute Summary

• #account ⇒ Object readonly

  The account name passed to the constructor.

• #account_type ⇒ Object readonly

  The SID account type, e.g.

• #domain ⇒ Object readonly

  The domain the SID is on.

• #host ⇒ Object readonly

  The host passed to the constructor, or the localhost if none was specified.

• #sid ⇒ Object readonly

  The binary SID object itself.

Class Method Summary

• .create(authority, *sub_authorities) ⇒ Object

  Creates a new SID with authority and up to 8 subauthorities, and returns new Win32::Security::SID object.

• .open(account = nil, host = Socket.gethostname) ⇒ Object

  Synonym for SID.new.

• .sid_to_string(sid) ⇒ Object

  Converts a binary SID to a string in S-R-I-S-S…

• .string_to_sid(string) ⇒ Object

  Converts a string in S-R-I-S-S…

Instance Method Summary

• #==(other) ⇒ Object

  Returns whether or not the SID object is equal to other.

• #initialize(account = nil, host = Socket.gethostname) ⇒ SID constructor

  Creates and returns a new Win32::Security::SID object, based on the account name, which may also be a binary SID.

• #length ⇒ Object

  Returns the length of the SID object, in bytes.

• #to_s ⇒ Object (also: #to_str)

  Returns the binary SID in string format suitable for display, storage or transmission.

• #valid? ⇒ Boolean

  Returns whether or not the SID is a valid sid.

• #well_known? ⇒ Boolean

  Returns whether or not the SID is a well known SID.

Constructor Details

#initialize(account = nil, host = Socket.gethostname) ⇒ SID

Creates and returns a new Win32::Security::SID object, based on the account name, which may also be a binary SID. If a host is provided, then the information is retrieved from that host. Otherwise, the local host is used.

If no account is provided then it retrieves information for the user account associated with the calling thread and the host argument is ignored.

Note that this does NOT create a new SID, but merely retrieves information for an existing SID. To create a new SID, use the SID.create method.

Examples:

# Current user
Win32::Security::SID.new

# User 'john' on the localhost
Win32::Security::SID.new('john')

# User 'jane' on a remote machine
Win32::Security::SID.new('jane', 'some_host')

# Binary SID
Win32::Security::SID.new("\001\000\000\000\000\000\001\000\000\000\000")

# File 'lib/win32/security/sid.rb', line 183

def initialize(account=nil, host=Socket.gethostname)
  if account.nil?
    begin
      if RUBY_PLATFORM == 'java' && ENV_JAVA['sun.arch.data.model'] == '64'
        ptr_type = :ulong_long
      else
        ptr_type = :uintptr_t
      end

      ptoken = FFI::MemoryPointer.new(ptr_type)

      # Try the thread token first, default to the process token.
      bool = OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, 1, ptoken)

      if !bool && FFI.errno != ERROR_NO_TOKEN
        raise SystemCallError.new("OpenThreadToken", FFI.errno)
      else
        ptoken.clear
        unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, ptoken)
          raise SystemCallError.new("OpenProcessToken", FFI.errno)
        end
      end

      token = ptoken.read_pointer.to_i

      pinfo = FFI::MemoryPointer.new(:pointer)
      plength = FFI::MemoryPointer.new(:ulong)

      # First pass, just get the size needed (1 is TokenOwner)
      GetTokenInformation(token, 1, pinfo, pinfo.size, plength)

      pinfo = FFI::MemoryPointer.new(plength.read_ulong)
      plength.clear

      # Second pass, actual call (1 is TokenOwner)
      unless GetTokenInformation(token, 1, pinfo, pinfo.size, plength)
        raise SystemCallError.new("GetTokenInformation", FFI.errno)
      end

      token_info = pinfo.read_pointer
    ensure
      CloseHandle(token) if token
    end
  end

  if account
    ordinal_val = account[0]
    ordinal_val = ordinal_val.ord if RUBY_VERSION.to_f >= 1.9
  else
    ordinal_val = nil
  end

  sid = FFI::MemoryPointer.new(:uchar, 260)
  sid_size = FFI::MemoryPointer.new(:ulong)
  sid_size.write_ulong(sid.size)

  domain = FFI::MemoryPointer.new(:uchar, 260)
  domain_size = FFI::MemoryPointer.new(:ulong)
  domain_size.write_ulong(domain.size)

  use_ptr = FFI::MemoryPointer.new(:ulong)

  if ordinal_val.nil?
    bool = LookupAccountSid(
      nil,
      token_info,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )
    unless bool
      raise SystemCallError.new("LookupAccountSid", FFI.errno)
    end
  elsif ordinal_val < 10 # Assume it's a binary SID.
    account_ptr = FFI::MemoryPointer.from_string(account)

    bool = LookupAccountSid(
      host,
      account_ptr,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )

    unless bool
      raise SystemCallError.new("LookupAccountSid", FFI.errno)
    end

    account_ptr.free
  else
    bool = LookupAccountName(
      host,
      account,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )
    unless bool
      raise SystemCallError.new("LookupAccountName", FFI.errno)
    end
  end

  # The arguments are flipped depending on which path we took
  if ordinal_val.nil?
    @sid = token_info.read_string
    @account = sid.read_string(sid.size).strip
  elsif ordinal_val < 10
    @sid = account
    @account = sid.read_string(sid.size).strip
  else
    length = GetLengthSid(sid)
    @sid = sid.read_string(length)
    @account = account
  end

  @host   = host
  @domain = domain.read_string

  @account_type = get_account_type(use_ptr.read_ulong)
end

Instance Attribute Details

#account ⇒ Object (readonly)

The account name passed to the constructor.

# File 'lib/win32/security/sid.rb', line 63

def account
  @account
end

#account_type ⇒ Object (readonly)

The SID account type, e.g. ‘user, ’group’, etc.

# File 'lib/win32/security/sid.rb', line 66

def account_type
  @account_type
end

#domain ⇒ Object (readonly)

The domain the SID is on.

# File 'lib/win32/security/sid.rb', line 69

def domain
  @domain
end

#host ⇒ Object (readonly)

The host passed to the constructor, or the localhost if none was specified.

# File 'lib/win32/security/sid.rb', line 73

def host
  @host
end

#sid ⇒ Object (readonly)

The binary SID object itself.

# File 'lib/win32/security/sid.rb', line 60

def sid
  @sid
end

Class Method Details

.create(authority, *sub_authorities) ⇒ Object

Creates a new SID with authority and up to 8 subauthorities, and returns new Win32::Security::SID object.

Example:

sec = Security::SID.create(
   Security::SID::SECURITY_WORLD_SID_AUTHORITY,
   Security::SID::SECURITY_WORLD_RID
)

p sec

#<Win32::Security::SID:0x2c5a95c
   @host="your_host",
   @account="Everyone",
   @account_type="well known group",
   @sid="\001\001\000\000\000\000\000\001\000\000\000\000",
   @domain=""
>

# File 'lib/win32/security/sid.rb', line 129

def self.create(authority, *sub_authorities)
  if sub_authorities.length > 8
    raise ArgumentError, "maximum of 8 subauthorities allowed"
  end

  size = GetSidLengthRequired(sub_authorities.length)
  new_obj = nil

  FFI::MemoryPointer.new(:uchar, size) do |sid|
    auth = SID_IDENTIFIER_AUTHORITY.new
    auth[:Value][5] = authority

    unless InitializeSid(sid, auth, sub_authorities.length)
      raise SystemCallError.new("InitializeSid", FFI.errno)
    end

    sub_authorities.each_index do |i|
      ptr = GetSidSubAuthority(sid, i)
      ptr.write_ulong(sub_authorities[i])
    end

    new_obj = new(sid.read_string(size)) # Pass a binary string
  end

  new_obj
end

.open(account = nil, host = Socket.gethostname) ⇒ Object

Synonym for SID.new.

# File 'lib/win32/security/sid.rb', line 312

def self.open(account=nil, host=Socket.gethostname)
  new(account, host)
end

.sid_to_string(sid) ⇒ Object

Converts a binary SID to a string in S-R-I-S-S… format.

# File 'lib/win32/security/sid.rb', line 77

def self.sid_to_string(sid)
  result = nil

  FFI::MemoryPointer.new(:pointer) do |string_sid|
    unless ConvertSidToStringSid(sid, string_sid)
      raise SystemCallError.new("ConvertSidToStringSid", FFI.errno)
    end

    result = string_sid.read_pointer.read_string
  end

  result
end

.string_to_sid(string) ⇒ Object

Converts a string in S-R-I-S-S… format back to a binary SID.

# File 'lib/win32/security/sid.rb', line 93

def self.string_to_sid(string)
  result = nil

  FFI::MemoryPointer.new(:pointer) do |sid|
    unless ConvertStringSidToSid(string, sid)
      raise SystemCallError.new("ConvertStringSidToSid", FFI.errno)
    end

    ptr = sid.read_pointer

    result = ptr.read_bytes(GetLengthSid(ptr))
  end

  result
end

Instance Method Details

#==(other) ⇒ Object

Returns whether or not the SID object is equal to other.

# File 'lib/win32/security/sid.rb', line 337

def ==(other)
  EqualSid(@sid, other.sid)
end

#length ⇒ Object

Returns the length of the SID object, in bytes.

# File 'lib/win32/security/sid.rb', line 362

def length
  GetLengthSid(@sid)
end

#to_s ⇒ Object Also known as: to_str

Returns the binary SID in string format suitable for display, storage or transmission.

# File 'lib/win32/security/sid.rb', line 319

def to_s
  string = nil

  FFI::MemoryPointer.new(:pointer) do |ptr|
    unless ConvertSidToStringSid(@sid, ptr)
      raise SystemCallError.new("ConvertSidToStringSid", FFI.errno)
    end

    string = ptr.read_pointer.read_string
  end

  string
end

#valid? ⇒ Boolean

Returns whether or not the SID is a valid sid.

Returns:

• (Boolean)

# File 'lib/win32/security/sid.rb', line 343

def valid?
  IsValidSid(@sid)
end

#well_known? ⇒ Boolean

Returns whether or not the SID is a well known SID.

Requires Windows XP or later. Earlier versions will raise a NoMethodError.

Returns:

• (Boolean)

# File 'lib/win32/security/sid.rb', line 352

def well_known?
  if defined? IsWellKnownSid
    IsWellKnownSid(@sid)
  else
    raise NoMethodError, 'requires Windows XP or later'
  end
end