2 * ReactOS Authorization Framework
3 * Copyright (C) 2005 ReactOS Team
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 /* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
21 * PROJECT: ReactOS Authorization Framework
22 * FILE: lib/authz/resman.c
23 * PURPOSE: Authorization Framework
24 * PROGRAMMER: Thomas Weidenmueller <w3seek@reactos.com>
/*
 * Resource manager state; AuthzInitializeResourceManager hands a pointer to
 * this structure back to the caller as the AUTHZ_RESOURCE_MANAGER_HANDLE.
 * This listing omits some member declarations: Tag, flags and UserSid are
 * assigned later in the file but are not declared in the visible lines.
 */
31 typedef struct _AUTHZ_RESMAN
/*
 * Caller-supplied callbacks, stored exactly as passed to
 * AuthzInitializeResourceManager. All three are marked OPTIONAL there, so
 * any of them may be NULL.
 */
37 PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck
;
38 PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups
;
39 PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups
;
/* Copied from the TOKEN_STATISTICS of the token queried in AuthzpQueryToken. */
43 LUID AuthenticationId
;
/*
 * Trailing name storage. Only one WCHAR is declared here; the allocation in
 * AuthzInitializeResourceManager adds wcslen(name) * sizeof(WCHAR) on top of
 * sizeof(AUTHZ_RESMAN), so this declared element is the room for the
 * terminator. Must remain the last member.
 */
45 WCHAR ResourceManagerName
[1];
46 } AUTHZ_RESMAN
, *PAUTHZ_RESMAN
;
/*
 * Fills ResMan->UserSid and ResMan->AuthenticationId from the token hToken.
 * Parts of the signature and body are missing from this listing (the return
 * type, the remaining parameters, the checks on Ret and the braces), so the
 * notes below describe only what the visible lines show.
 */
49 AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan
,
53 TOKEN_STATISTICS Statistics
;
58 /* query information about the user */
59 BufLen
= sizeof(User
);
60 Ret
= GetTokenInformation(hToken
,
/*
 * Length of the SID returned by the query above. Presumably this is the size
 * passed to the LocalAlloc below and to the SID copy; neither argument list
 * is visible here - TODO confirm.
 */
67 BufLen
= GetLengthSid(User
.User
.Sid
);
/*
 * Private copy of the user SID. User.User.Sid presumably points into the
 * local User buffer, so the SID has to be copied to outlive this call.
 * NOTE(review): the NULL check on this allocation is not visible - confirm.
 */
70 UserSid
= (PSID
)LocalAlloc(LMEM_FIXED
,
87 /* query general information */
88 BufLen
= sizeof(Statistics
);
89 Ret
= GetTokenInformation(hToken
,
/*
 * Ownership of UserSid passes to the resource manager here;
 * AuthzFreeResourceManager releases it with LocalFree.
 */
98 ResMan
->UserSid
= UserSid
;
99 ResMan
->AuthenticationId
= Statistics
.AuthenticationId
;
/*
 * NOTE(review): the condition guarding this LocalFree is not visible. It
 * must only run on a path where UserSid was NOT stored in ResMan above;
 * otherwise ResMan->UserSid is left dangling and is freed again by
 * AuthzFreeResourceManager - confirm against the full source.
 */
106 LocalFree((HLOCAL
)UserSid
);
/*
 * Initializes ResMan from the token of the calling thread: opens it with
 * OpenThreadToken(GetCurrentThread(), ...) and passes it to AuthzpQueryToken.
 * Selected by AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION.
 * NOTE(review): the desired-access and OpenAsSelf arguments, the check on
 * the OpenThreadToken result and the CloseHandle for the token are not
 * visible in this listing - confirm the handle is closed on every path and
 * that a failed open is never followed by the query.
 */
114 AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan
)
119 Ret
= OpenThreadToken(GetCurrentThread(),
125 Ret
= AuthzpQueryToken(ResMan
,
/*
 * Initializes ResMan from the token of the current process: opens it with
 * OpenProcessToken(GetCurrentProcess(), ...) and passes it to
 * AuthzpQueryToken. Used when AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION
 * is not set.
 * NOTE(review): the desired-access argument, the check on the
 * OpenProcessToken result and the CloseHandle for the token are not visible
 * in this listing - confirm the handle is closed on every path.
 */
134 AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan
)
139 Ret
= OpenProcessToken(GetCurrentProcess(),
144 Ret
= AuthzpQueryToken(ResMan
,
/*
 * Allocates and initializes a resource manager and returns it through
 * pAuthzResourceManager.
 *
 * flags                    - only AUTHZ_RM_FLAG_NO_AUDIT and
 *                            AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION are
 *                            accepted; any other bit fails the check below.
 * pfnAccessCheck, pfnComputeDynamicGroups, pfnFreeDynamicGroups
 *                          - optional callbacks, stored without validation.
 * ResourceManagerName      - optional NUL-terminated name, copied into the
 *                            structure.
 * pAuthzResourceManager    - receives the handle; must not be NULL.
 *
 * On invalid parameters the last error is set to ERROR_INVALID_PARAMETER.
 * The return type, the return statements and the braces are missing from
 * this listing, so branch structure below is inferred from statement order.
 */
159 AuthzInitializeResourceManager(IN DWORD flags
,
160 IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL
,
161 IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL
,
162 IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL
,
163 IN PCWSTR ResourceManagerName OPTIONAL
,
164 IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager
)
/* Reject a NULL output pointer and any flag bit outside the two known ones. */
168 if (pAuthzResourceManager
!= NULL
&&
169 !(flags
& ~(AUTHZ_RM_FLAG_NO_AUDIT
| AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION
)))
171 PAUTHZ_RESMAN ResMan
;
/*
 * sizeof(AUTHZ_RESMAN) already contains one WCHAR of ResourceManagerName,
 * which is the room for the terminator; only the characters are added below.
 */
172 SIZE_T RequiredSize
= sizeof(AUTHZ_RESMAN
);
174 if (ResourceManagerName
!= NULL
)
176 RequiredSize
+= wcslen(ResourceManagerName
) * sizeof(WCHAR
);
/*
 * NOTE(review): the size argument and the NULL check on this allocation are
 * not visible in this listing - confirm RequiredSize is what is passed and
 * that ResMan is tested before the writes below.
 */
179 ResMan
= (PAUTHZ_RESMAN
)LocalAlloc(LMEM_FIXED
,
183 /* initialize the resource manager structure */
/* Tag marks the block as a resource manager; presumably what VALID_RESMAN_HANDLE tests. */
185 ResMan
->Tag
= RESMAN_TAG
;
188 ResMan
->flags
= flags
;
/* NULL until AuthzpQueryToken stores the SID copy, so the free path can test it. */
189 ResMan
->UserSid
= NULL
;
191 if (ResourceManagerName
!= NULL
)
/*
 * Unbounded copy; the destination was sized from wcslen() of this same
 * string above, so it fits as long as the caller's buffer is not modified
 * between the two reads.
 */
193 wcscpy(ResMan
->ResourceManagerName
,
194 ResourceManagerName
);
/* Presumably the else branch (no name supplied): store an empty string. */
197 ResMan
->ResourceManagerName
[0] = UNICODE_NULL
;
/* Callbacks are stored as given; any of them may be NULL. */
199 ResMan
->pfnAccessCheck
= pfnAccessCheck
;
200 ResMan
->pfnComputeDynamicGroups
= pfnComputeDynamicGroups
;
201 ResMan
->pfnFreeDynamicGroups
= pfnFreeDynamicGroups
;
/*
 * Auditing was requested (NO_AUDIT not set) but is not implemented: the
 * visible lines only print a debug message, so the caller gets a manager
 * without auditing and, as far as this listing shows, no error.
 */
203 if (!(flags
& AUTHZ_RM_FLAG_NO_AUDIT
))
205 /* FIXME - initialize auditing */
206 DPRINT1("Auditing not implemented!\n");
/* Pick the identity source: the thread token when impersonating, else the process token. */
209 if (flags
& AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION
)
211 Ret
= AuthzpInitUnderImpersonation(ResMan
);
215 Ret
= AuthzpInitSelf(ResMan
);
220 /* finally return the handle */
/* The handle is the ResMan pointer itself, cast to the opaque handle type. */
221 *pAuthzResourceManager
= (AUTHZ_RESOURCE_MANAGER_HANDLE
)ResMan
;
/*
 * Failure path of the token query: the manager is released and, in the
 * visible lines, the output handle is not written.
 */
225 DPRINT1("Querying the token failed!\n");
226 LocalFree((HLOCAL
)ResMan
);
/* Presumably the else branch of the parameter check at the top. */
231 SetLastError(ERROR_INVALID_PARAMETER
);
/*
 * Releases a resource manager created by AuthzInitializeResourceManager:
 * frees the stored user SID (if any) and then the structure itself.
 * A NULL handle sets the last error to ERROR_INVALID_PARAMETER.
 * The return type, return statements and braces are missing from this
 * listing.
 */
243 AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager
)
247 if (AuthzResourceManager
!= NULL
)
/* The handle is the structure pointer; nothing is dereferenced before the validation below. */
249 PAUTHZ_RESMAN ResMan
= (PAUTHZ_RESMAN
)AuthzResourceManager
;
/*
 * VALID_RESMAN_HANDLE is defined outside this listing; presumably it checks
 * Tag against RESMAN_TAG - TODO confirm what it does on a mismatch.
 */
251 VALID_RESMAN_HANDLE(AuthzResourceManager
);
253 if (!(ResMan
->flags
& AUTHZ_RM_FLAG_NO_AUDIT
))
255 /* FIXME - cleanup auditing */
/* UserSid is the LocalAlloc'ed copy stored by AuthzpQueryToken; NULL if the query never stored one. */
258 if (ResMan
->UserSid
!= NULL
)
260 LocalFree((HLOCAL
)ResMan
->UserSid
);
/*
 * NOTE(review): the visible lines do not reset Tag or UserSid before the
 * structure is released, so the tag check cannot be relied on to reject a
 * handle that is passed in a second time - confirm against the full source.
 */
263 LocalFree((HLOCAL
)AuthzResourceManager
);
/* Presumably the else branch of the NULL check above. */
267 SetLastError(ERROR_INVALID_PARAMETER
);