1 /*
2 * ReactOS Authorization Framework
3 * Copyright (C) 2005 ReactOS Team
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 /* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
20 *
21 * PROJECT: ReactOS Authorization Framework
22 * FILE: lib/authz/resman.c
23 * PURPOSE: Authorization Framework
24 * PROGRAMMER: Thomas Weidenmueller <w3seek@reactos.com>
25 *
26 * UPDATE HISTORY:
27 * 10/07/2005 Created
28 */
29 #include <precomp.h>
30
/*
 * Private state behind an AUTHZ_RESOURCE_MANAGER_HANDLE.
 *
 * AuthzInitializeResourceManager allocates one of these with LocalAlloc and
 * hands the pointer back to the caller as the opaque handle;
 * AuthzFreeResourceManager casts the handle back and releases it.
 */
typedef struct _AUTHZ_RESMAN
{
#if DBG
    /* debug builds only: set to RESMAN_TAG when the structure is initialized */
    DWORD Tag;
#endif

    /* caller-supplied callbacks, stored exactly as passed in (each may be NULL) */
    PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
    PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
    PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;

    /* AUTHZ_RM_FLAG_* bits as passed to AuthzInitializeResourceManager */
    DWORD flags;
    /* LocalAlloc'ed copy of the token user's SID; NULL until the token was
       queried, freed by AuthzFreeResourceManager */
    PSID UserSid;
    /* AuthenticationId taken from the token's TOKEN_STATISTICS */
    LUID AuthenticationId;

    /* NUL-terminated name stored inline. The single declared element provides
       the room for the terminator; the characters of the name live in extra
       bytes allocated past the end of the structure. */
    WCHAR ResourceManagerName[1];
} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
47
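/*
 * Captures the identity carried by hToken into the resource manager: a
 * private copy of the token user's SID and the token's AuthenticationId.
 *
 * ResMan  - resource manager to fill in. It is written only after both
 *           queries succeeded, so a failure leaves it untouched.
 * hToken  - token handle opened with TOKEN_QUERY access.
 *
 * Returns TRUE on success. On failure returns FALSE, releases anything it
 * allocated and leaves the error of the failing call for the caller.
 */
static BOOL
AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
                 IN HANDLE hToken)
{
    TOKEN_STATISTICS Statistics;
    PTOKEN_USER User = NULL;
    PSID UserSid = NULL;
    DWORD BufLen = 0;
    DWORD SidLen;
    BOOL Ret = FALSE;

    /*
     * TokenUser yields a TOKEN_USER header followed by the SID it points to,
     * so a bare TOKEN_USER on the stack is always too small for the query.
     * Ask for the required size first, then query into a buffer of that size.
     */
    if (!GetTokenInformation(hToken,
                             TokenUser,
                             NULL,
                             0,
                             &BufLen) &&
        GetLastError() == ERROR_INSUFFICIENT_BUFFER &&
        BufLen >= sizeof(TOKEN_USER))
    {
        User = (PTOKEN_USER)LocalAlloc(LMEM_FIXED,
                                       BufLen);
    }

    if (User != NULL)
    {
        if (GetTokenInformation(hToken,
                                TokenUser,
                                User,
                                BufLen,
                                &BufLen) &&
            IsValidSid(User->User.Sid))
        {
            SidLen = GetLengthSid(User->User.Sid);
            if (SidLen != 0)
            {
                UserSid = (PSID)LocalAlloc(LMEM_FIXED,
                                           SidLen);
                if (UserSid != NULL)
                {
                    /* the SID inside the query buffer is released together
                       with that buffer, so the resource manager gets its own
                       copy */
                    Ret = CopySid(SidLen,
                                  UserSid,
                                  User->User.Sid);
                }
            }
        }

        LocalFree((HLOCAL)User);
    }

    if (Ret)
    {
        /* query general information; the information class has to match the
           TOKEN_STATISTICS buffer, otherwise AuthenticationId below would be
           read from unrelated data */
        BufLen = sizeof(Statistics);
        Ret = GetTokenInformation(hToken,
                                  TokenStatistics,
                                  &Statistics,
                                  BufLen,
                                  &BufLen);
    }

    if (Ret)
    {
        /* publish both values together, only after everything succeeded */
        ResMan->UserSid = UserSid;
        ResMan->AuthenticationId = Statistics.AuthenticationId;
    }
    else if (UserSid != NULL)
    {
        LocalFree((HLOCAL)UserSid);
    }

    return Ret;
}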
112
/*
 * Initializes the resource manager's identity from the calling thread's
 * impersonation token.
 *
 * The token is opened with OpenAsSelf = TRUE, i.e. the access check for
 * opening it is made against the process security context rather than the
 * impersonated one. There is no fallback to the process token: if the thread
 * token cannot be opened the function fails.
 *
 * Returns the result of AuthzpQueryToken, or FALSE if the thread token could
 * not be opened.
 */
static BOOL
AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
{
    HANDLE hThreadToken;
    BOOL Success;

    if (!OpenThreadToken(GetCurrentThread(),
                         TOKEN_QUERY,
                         TRUE,
                         &hThreadToken))
    {
        return FALSE;
    }

    Success = AuthzpQueryToken(ResMan,
                               hThreadToken);

    /* the handle is needed only for the query */
    CloseHandle(hThreadToken);

    return Success;
}
132
/*
 * Initializes the resource manager's identity from the token of the current
 * process, opened with TOKEN_QUERY access.
 *
 * Returns the result of AuthzpQueryToken, or FALSE if the process token could
 * not be opened.
 */
static BOOL
AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
{
    HANDLE hProcessToken;
    BOOL Success;

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_QUERY,
                          &hProcessToken))
    {
        return FALSE;
    }

    Success = AuthzpQueryToken(ResMan,
                               hProcessToken);

    /* the handle is needed only for the query */
    CloseHandle(hProcessToken);

    return Success;
}
151
152
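/*
 * @unimplemented
 *
 * Creates a resource manager and returns it as an opaque handle.
 *
 * flags                    - any combination of AUTHZ_RM_FLAG_NO_AUDIT and
 *                            AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION;
 *                            any other bit is rejected.
 * pfnAccessCheck,
 * pfnComputeDynamicGroups,
 * pfnFreeDynamicGroups     - optional callbacks, stored as given.
 * ResourceManagerName      - optional NUL-terminated name, copied into the
 *                            resource manager.
 * pAuthzResourceManager    - receives the handle on success; not written on
 *                            failure.
 *
 * The identity recorded in the resource manager comes from the thread token
 * when AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION is set, from the process
 * token otherwise. Auditing is not implemented yet.
 *
 * Returns TRUE on success. Returns FALSE with ERROR_INVALID_PARAMETER for bad
 * arguments, or FALSE with the error of the failing call when the allocation
 * or the token query fails. The handle has to be released with
 * AuthzFreeResourceManager.
 */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeResourceManager(IN DWORD flags,
                               IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL,
                               IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL,
                               IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL,
                               IN PCWSTR ResourceManagerName OPTIONAL,
                               IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
{
    PAUTHZ_RESMAN ResMan;
    SIZE_T NameLen = 0;
    BOOL Ret;

    if (pAuthzResourceManager == NULL ||
        (flags & ~(AUTHZ_RM_FLAG_NO_AUDIT | AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)))
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    /* measure the name exactly once; the allocation size and the copy below
       both use this value, so the copy cannot write more than was allocated
       even if the caller's buffer changes in between */
    if (ResourceManagerName != NULL)
    {
        NameLen = wcslen(ResourceManagerName);
    }

    /* sizeof(AUTHZ_RESMAN) already contains one WCHAR for the terminator */
    ResMan = (PAUTHZ_RESMAN)LocalAlloc(LMEM_FIXED,
                                       sizeof(AUTHZ_RESMAN) + NameLen * sizeof(WCHAR));
    if (ResMan == NULL)
    {
        return FALSE;
    }

    /* initialize the resource manager structure */
#if DBG
    ResMan->Tag = RESMAN_TAG;
#endif

    ResMan->flags = flags;
    ResMan->UserSid = NULL;

    if (NameLen != 0)
    {
        CopyMemory(ResMan->ResourceManagerName,
                   ResourceManagerName,
                   NameLen * sizeof(WCHAR));
    }
    ResMan->ResourceManagerName[NameLen] = UNICODE_NULL;

    ResMan->pfnAccessCheck = pfnAccessCheck;
    ResMan->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
    ResMan->pfnFreeDynamicGroups = pfnFreeDynamicGroups;

    if (!(flags & AUTHZ_RM_FLAG_NO_AUDIT))
    {
        /* FIXME - initialize auditing */
        DPRINT1("Auditing not implemented!\n");
    }

    if (flags & AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)
    {
        Ret = AuthzpInitUnderImpersonation(ResMan);
    }
    else
    {
        Ret = AuthzpInitSelf(ResMan);
    }

    if (Ret)
    {
        /* finally return the handle */
        *pAuthzResourceManager = (AUTHZ_RESOURCE_MANAGER_HANDLE)ResMan;
    }
    else
    {
        /* UserSid is still NULL here: the token query stores it only on
           success, so the structure itself is all there is to release */
        DPRINT1("Querying the token failed!\n");
        LocalFree((HLOCAL)ResMan);
    }

    return Ret;
}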
235
236
/*
 * @unimplemented
 *
 * Releases a resource manager created by AuthzInitializeResourceManager,
 * including the SID copy it owns.
 *
 * Returns TRUE when the handle was released, FALSE with
 * ERROR_INVALID_PARAMETER when the handle is NULL.
 *
 * NOTE(review): apart from VALID_RESMAN_HANDLE, which is defined outside this
 * file, nothing here detects a stale handle; the caller must not use or free
 * the handle again after this call.
 */
AUTHZAPI
BOOL
WINAPI
AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
{
    PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;

    if (AuthzResourceManager == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    VALID_RESMAN_HANDLE(AuthzResourceManager);

    if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
    {
        /* FIXME - cleanup auditing */
    }

    /* the SID is a separate allocation owned by the resource manager */
    if (ResMan->UserSid != NULL)
    {
        LocalFree((HLOCAL)ResMan->UserSid);
    }

    LocalFree((HLOCAL)AuthzResourceManager);

    return TRUE;
}
271