NCBI C++ ToolKit
Static Public Member Functions | List of all members
CWinSecurity Class Reference

Search Toolkit Book for CWinSecurity

CWinSecurity –. More...

#include "ncbi_os_mswin_p.hpp"
(Private to src/corelib.)

Static Public Member Functions

static string GetUserName (void)
 Get name of the current user. More...
 
static bool GetObjectOwner (const string &obj_name, SE_OBJECT_TYPE obj_type, string *owner, string *group, unsigned int *uid=0, unsigned int *gid=0)
 Get owner name of specified system object. More...
 
static bool GetObjectOwner (HANDLE obj_handle, SE_OBJECT_TYPE obj_type, string *owner, string *group, unsigned int *uid=0, unsigned int *gid=0)
 Same as GetObjectOwner(objname) but gets the owner/group information by an arbitrary handle rather than by name. More...
 
static bool GetFileOwner (const string &filename, string *owner, string *group, unsigned int *uid=0, unsigned int *gid=0)
 Get file owner name. More...
 
static bool SetFileOwner (const string &filename, const string &owner, const string &group=kEmptyStr, unsigned int *uid=0, unsigned int *gid=0)
 Set file object owner. More...
 
static bool SetTokenPrivilege (HANDLE token, LPCTSTR privilege, bool enable, bool *prev=0)
 Enables or disables privileges in the specified access token. More...
 
static bool SetThreadPrivilege (LPCTSTR privilege, bool enable, bool *prev=0)
 Enables or disables privileges for the current thread. More...
 
static bool GetFilePermissions (const string &path, ACCESS_MASK *permissions)
 Get file access permissions. More...
 

Detailed Description

CWinSecurity –.

Utility class with wrappers for MS Windows security functions.

Definition at line 63 of file ncbi_os_mswin_p.hpp.

Member Function Documentation

◆ GetFileOwner()

static bool CWinSecurity::GetFileOwner ( const string filename,
string owner,
string group,
unsigned int uid = 0,
unsigned int gid = 0 
)
inlinestatic

Get file owner name.

See also
GetObjectOwner, SetFileOwner

Definition at line 109 of file ncbi_os_mswin_p.hpp.

References GetObjectOwner().

Referenced by CDirEntry::GetOwner().

◆ GetFilePermissions()

bool CWinSecurity::GetFilePermissions ( const string path,
ACCESS_MASK *  permissions 
)
static

Get file access permissions.

The permissions will be taken for current process thread owner only.

Parameters
strPathPath to the file object.
pPermissionsPointer to a variable that receives a file access mask. See MSDN or WinNT.h for all access rights constants.
Returns
TRUE if the operation was completed successfully; FALSE, otherwise.

Definition at line 479 of file ncbi_os_mswin.cpp.

References CNcbiError::eBadAddress, CNcbiError::GetLast(), HANDLE, INVALID_HANDLE_VALUE, s_GetCurrentThreadToken(), s_GetFileSecurityDescriptor(), CNcbiError::Set(), and CNcbiError::SetFromWindowsError().

Referenced by CDirEntry::CheckAccess().

◆ GetObjectOwner() [1/2]

bool CWinSecurity::GetObjectOwner ( const string obj_name,
SE_OBJECT_TYPE  obj_type,
string owner,
string group,
unsigned int uid = 0,
unsigned int gid = 0 
)
static

Get owner name of specified system object.

Retrieve the name of the named object owner and the name of the first group, which the account belongs to. The obtained group name may be an empty string, if we don't have permissions to get it. Win32 really does not use groups, but they exist for the sake of POSIX compatibility. Windows 2000/XP: In addition to looking up for local accounts, local domain accounts, and explicitly trusted domain accounts, it also can look for any account in any known domain around.

Parameters
ownerPointer to a string to receive an owner name.
groupPointer to a string to receive a group name.
uidPointer to an int to receive a (fake) user id.
gidPointer to an int to receive a (fake) group id.
Returns
TRUE if successful, FALSE otherwise.

Definition at line 248 of file ncbi_os_mswin.cpp.

References _T_XCSTRING, ACCOUNT_SECURITY_INFO, NULL, s_GetOwnerGroupFromSIDs(), and CNcbiError::SetWindowsError().

Referenced by GetFileOwner(), and CTar::x_Append().

◆ GetObjectOwner() [2/2]

bool CWinSecurity::GetObjectOwner ( HANDLE  obj_handle,
SE_OBJECT_TYPE  obj_type,
string owner,
string group,
unsigned int uid = 0,
unsigned int gid = 0 
)
static

Same as GetObjectOwner(objname) but gets the owner/group information by an arbitrary handle rather than by name.

Definition at line 227 of file ncbi_os_mswin.cpp.

References ACCOUNT_SECURITY_INFO, NULL, s_GetOwnerGroupFromSIDs(), and CNcbiError::SetWindowsError().

◆ GetUserName()

string CWinSecurity::GetUserName ( void  )
static

Get name of the current user.

Retrieves the user name of the current thread. This is the name of the user currently logged onto the system.

Returns
Current user name, or empty string if there was an error.

Definition at line 60 of file ncbi_os_mswin.cpp.

References _T_STDSTRING, _TX, kEmptyStr, and CNcbiError::SetFromWindowsError().

Referenced by CSystemInfo::GetUserName().

◆ SetFileOwner()

bool CWinSecurity::SetFileOwner ( const string filename,
const string owner,
const string group = kEmptyStr,
unsigned int uid = 0,
unsigned int gid = 0 
)
static

Set file object owner.

You should have administrative rights to change an owner. Only administrative privileges (Restore and Take Ownership) grant rights to change ownership. Without one of the privileges, an administrator cannot take ownership of any file or give ownership back to the original owner.

Parameters
filenameFilename to change the owner of.
ownerNew owner name to set. If specified as empty, then is not changed.
groupNew group name to set. If specified as empty, then is not changed.
uidTo receive (fake) numeric user id of the prospective owner (even if the ownership change was unsuccessful), or 0 if unknown.
gidTo receive (fake) numeric user id of the prospective group (even if the ownership change was unsuccessful), or 0 if unknown.
Returns
TRUE if successful, FALSE otherwise.
See also
GetFileOwner, SetThreadPrivilege, SetTokenPrivilege

Definition at line 299 of file ncbi_os_mswin.cpp.

References _ASSERT, _T_XCSTRING, cleanup(), HANDLE, INVALID_HANDLE_VALUE, NULL, s_GetCurrentThreadToken(), s_GetOwnerGroupFromSIDs(), SetTokenPrivilege(), and x_GetAccountSidByName().

Referenced by CDirEntry::SetOwner().

◆ SetThreadPrivilege()

bool CWinSecurity::SetThreadPrivilege ( LPCTSTR  privilege,
bool  enable,
bool prev = 0 
)
static

Enables or disables privileges for the current thread.

In most case you should have administrative rights to change some privileges.

Parameters
privilegeName of privilege to enable/disable.
enableTRUE/FALSE, to enable or disable privilege.
prevTo receive previous state of chnaged privilege (if specified).
Returns
TRUE if successful, FALSE otherwise.
See also
SetFileOwner, SetTokenPrivilege

Definition at line 428 of file ncbi_os_mswin.cpp.

References HANDLE, INVALID_HANDLE_VALUE, prev(), s_GetCurrentThreadToken(), and SetTokenPrivilege().

◆ SetTokenPrivilege()

bool CWinSecurity::SetTokenPrivilege ( HANDLE  token,
LPCTSTR  privilege,
bool  enable,
bool prev = 0 
)
static

Enables or disables privileges in the specified access token.

In most case you should have administrative rights to change some privileges.

Parameters
tokenA handle to the access token that contains the privileges to be modified. The handle must have TOKEN_ADJUST_PRIVILEGES and TOKEN_QUERY access to the token.
privilegeName of privilege to enable/disable.
enableTRUE/FALSE, to enable or disable privilege.
prevTo receive previous state of chnaged privilege (if specified).
Returns
TRUE if successful, FALSE otherwise.
See also
SetFileOwner, SetThreadPrivilege

Definition at line 379 of file ncbi_os_mswin.cpp.

References FALSE, NULL, prev(), CNcbiError::SetFromWindowsError(), and CNcbiError::SetWindowsError().

Referenced by SetFileOwner(), and SetThreadPrivilege().


The documentation for this class was generated from the following files:
Modified on Tue Jul 16 13:22:21 2024 by modify_doxy.py rev. 669887