280 lines
7.1 KiB
C++
280 lines
7.1 KiB
C++
/*++
|
|
|
|
Copyright (C) 1996-2001 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
Abstract:
|
|
|
|
History:
|
|
|
|
--*/
|
|
|
|
|
|
//***************************************************************************
|
|
//
|
|
// SECEDIT.H
|
|
//
|
|
// Support classes for WBEM Security Editor.
|
|
//
|
|
// raymcc 8-Jul-97 Created
|
|
// raymcc 5-Feb-98 Fixed some return codes
|
|
//
|
|
//***************************************************************************
|
|
|
|
#ifndef _SECEDIT_H_
|
|
#define _SECEDIT_H_
|
|
|
|
//***************************************************************************
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CWbemSubject
|
|
{
|
|
protected:
|
|
LPWSTR m_pName;
|
|
LPWSTR m_pAuthority;
|
|
DWORD m_dwFlags;
|
|
DWORD m_dwType;
|
|
|
|
CWbemSubject() { /* don't use this */ }
|
|
|
|
public:
|
|
enum
|
|
{
|
|
Perm_Enabled = 0x1,
|
|
Perm_Read = 0x2,
|
|
Perm_WriteInstance = 0x4,
|
|
Perm_WriteClass = 0x8,
|
|
Perm_EditSecurity = 0x10,
|
|
Perm_ExecuteMethods = 0x20
|
|
};
|
|
|
|
enum
|
|
{
|
|
Type_Invalid = 0,
|
|
Type_User = 0x1,
|
|
Type_Group = 0x2
|
|
};
|
|
|
|
enum { NoError, InvalidParameter, Failed, AccessDenied = 0x5 };
|
|
|
|
CWbemSubject(DWORD dwType);
|
|
virtual ~CWbemSubject();
|
|
CWbemSubject(CWbemSubject &Src);
|
|
CWbemSubject & operator =(CWbemSubject &Src);
|
|
|
|
int SetName(LPWSTR pName);
|
|
// Returns: NoError, InvalidParameter, Failed
|
|
|
|
const LPWSTR GetName() { return m_pName; }
|
|
// Returns string or NULL
|
|
const LPWSTR GetAuthority() { return m_pAuthority; }
|
|
|
|
void SetFlags(DWORD dwNewFlags) { m_dwFlags = dwNewFlags; }
|
|
// Replaces the flags entirely
|
|
|
|
DWORD GetFlags() { return m_dwFlags; }
|
|
// Returns all flags
|
|
|
|
int operator ==(CWbemSubject &Test);
|
|
// Test two users for equality
|
|
|
|
BOOL IsEmpty() { return m_pName ? FALSE : TRUE; }
|
|
// Is the object empty?
|
|
|
|
BOOL IsValid();
|
|
// If FALSE, the user/group is not valid
|
|
};
|
|
|
|
//***************************************************************************
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CWbemUser : public CWbemSubject
|
|
{
|
|
friend class CWbemSecurity;
|
|
// To get at password for computing digests.
|
|
|
|
public:
|
|
enum { NoError, Failed, InvalidParameter, AccessDenied = 0x5 };
|
|
|
|
CWbemUser();
|
|
~CWbemUser();
|
|
CWbemUser(CWbemUser &Src);
|
|
CWbemUser & operator =(CWbemUser &Src);
|
|
|
|
int operator ==(CWbemUser &Test) { return CWbemSubject::operator==(Test); }
|
|
|
|
int SetNtlmDomain(
|
|
LPWSTR pszDomain
|
|
);
|
|
// Returns NoError, or Failed
|
|
|
|
const LPWSTR GetNtlmDomain() { return m_pAuthority; }
|
|
// Returns NULL if NTLM is disabled
|
|
|
|
BOOL IsValid();
|
|
// If FALSE, the user/group is not valid
|
|
};
|
|
|
|
//***************************************************************************
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CWbemSecurity;
|
|
|
|
class CWbemGroup : public CWbemSubject
|
|
{
|
|
DWORD m_dwGroupFlags;
|
|
|
|
public:
|
|
enum { NoError, Failed, NoMoreData, InvalidParameter, NotFound, AccessDenied };
|
|
enum {
|
|
GroupType_Undefined = 0,
|
|
GroupType_NTLM_Local = 1,
|
|
GroupType_NTLM_Global = 2
|
|
};
|
|
|
|
CWbemGroup();
|
|
~CWbemGroup();
|
|
CWbemGroup(CWbemGroup &Src);
|
|
CWbemGroup & operator =(CWbemGroup &Src);
|
|
|
|
int operator ==(CWbemGroup &Test) { return CWbemSubject::operator==(Test); }
|
|
|
|
BOOL SetNtlmDomain(
|
|
LPWSTR pszDomainName
|
|
);
|
|
// Sets the domain name if the group is an NTLM group
|
|
|
|
const LPWSTR GetNtlmDomain() { return m_pAuthority; }
|
|
// Gets the NTLM domain name if the group is an NTLM group
|
|
|
|
BOOL IsValid();
|
|
// If FALSE, the user/group is not valid
|
|
|
|
DWORD GetGroupFlags() { return m_dwGroupFlags; }
|
|
void SetGroupFlags(DWORD dwSrc) { m_dwGroupFlags = dwSrc; }
|
|
};
|
|
|
|
|
|
//***************************************************************************
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CWbemSecurity
|
|
{
|
|
CFlexArray m_aGroups;
|
|
CFlexArray m_aUsers;
|
|
CFlexArray m_aOriginalObjects;
|
|
DWORD m_dwFlags;
|
|
IWbemServices *m_pSecurity;
|
|
|
|
friend class CWbemGroup;
|
|
|
|
// Disallow public construction, assignment, and initialization.
|
|
// ==============================================================
|
|
CWbemSecurity() {}
|
|
CWbemSecurity(CWbemSecurity &Src) { /* Not to be used */ }
|
|
|
|
DWORD Load();
|
|
DWORD LoadObject(
|
|
IWbemClassObject *pObj
|
|
);
|
|
|
|
DWORD BuildNewUserList();
|
|
DWORD BuildUser(
|
|
CWbemUser &User,
|
|
IWbemClassObject *pUser
|
|
);
|
|
|
|
DWORD BuildNewGroupList();
|
|
DWORD BuildGroup(
|
|
CWbemGroup &Grp,
|
|
IWbemClassObject *pGroupDef
|
|
);
|
|
|
|
DWORD PurgeDeletedSubjects();
|
|
|
|
|
|
public:
|
|
enum { NoError, Failed, NoMoreData, AlreadyExists, AccessDenied = 0x5,
|
|
NotFound, InvalidParameter, InvalidUser, InvalidGroup, QueryFailure,
|
|
ExistsAsGroup, ExistsAsUser, AlienSubject
|
|
};
|
|
|
|
static int Login(
|
|
LPWSTR pUser,
|
|
LPWSTR pPassword,
|
|
LPWSTR pDomain,
|
|
DWORD dwReserved,
|
|
CWbemSecurity **pSecEdit
|
|
);
|
|
// Factory
|
|
// Returns NoError, AccessDenied, InvalidParameter, Failed
|
|
// The returned pointer is deallocated using operator delete
|
|
|
|
|
|
int CommitChanges();
|
|
// Updates the WBEM database with all changes.
|
|
// This should be called if the user does not CANCEL edits.
|
|
|
|
~CWbemSecurity();
|
|
|
|
// Users.
|
|
// ======
|
|
|
|
// Nested users within this group.
|
|
// ===============================
|
|
|
|
int GetNumUsers() { return m_aUsers.Size(); }
|
|
CWbemUser GetUser(int n);
|
|
|
|
int DeleteUser(
|
|
LPWSTR pszUser,
|
|
LPWSTR pszDomain
|
|
);
|
|
// returns NoError, NotFound, AccessDenied, InvalidParameter
|
|
|
|
int PutUser(
|
|
CWbemUser &User,
|
|
BOOL bCreate = TRUE // Set to FALSE for an update
|
|
);
|
|
// Returns NoError, NotFound, AccessDenied, AlreadyExists, InvalidUser
|
|
|
|
BOOL FindUser(
|
|
IN LPWSTR pszUserName,
|
|
LPWSTR pszDomain,
|
|
OUT CWbemUser &User
|
|
);
|
|
// Returns TRUE if found, FALSE if not
|
|
|
|
// Global group list.
|
|
// ==================
|
|
|
|
int GetNumGroups() { return m_aGroups.Size(); }
|
|
CWbemGroup GetGroup(int n);
|
|
|
|
int DeleteGroup(
|
|
LPWSTR pszGroup,
|
|
LPWSTR pszDomain
|
|
);
|
|
|
|
int PutGroup(
|
|
CWbemGroup &Group
|
|
);
|
|
// Returns FALSE if the group was invalid, TRUE if group
|
|
// was updated or added.
|
|
|
|
BOOL FindGroup(
|
|
LPWSTR pszGroupName,
|
|
LPWSTR pszDomain,
|
|
OUT CWbemGroup &Group
|
|
);
|
|
// Returns NoError, Failed, NotFound, InvalidParameter
|
|
};
|
|
|
|
|
|
#endif
|