Terraria v1.4.4.9
Terraria source code documentation
Loading...
Searching...
No Matches
CommonObjectSecurity.cs
Go to the documentation of this file.
1using System.Diagnostics.CodeAnalysis;
2using System.Security.Principal;
3
4namespace System.Security.AccessControl;
5
6public abstract class CommonObjectSecurity : ObjectSecurity
7{
8 protected CommonObjectSecurity(bool isContainer)
9 : base(isContainer, isDS: false)
10 {
11 }
12
13 internal CommonObjectSecurity(CommonSecurityDescriptor securityDescriptor)
14 : base(securityDescriptor)
15 {
16 }
17
18 private static bool IsValidTargetTypeStatic(Type targetType)
19 {
20 if (targetType == typeof(NTAccount))
21 {
22 return true;
23 }
24 if (targetType == typeof(SecurityIdentifier))
25 {
26 return true;
27 }
28 return false;
29 }
30
31 private AuthorizationRuleCollection GetRules(bool access, bool includeExplicit, bool includeInherited, Type targetType)
32 {
33 ReadLock();
34 try
35 {
36 AuthorizationRuleCollection authorizationRuleCollection = new AuthorizationRuleCollection();
37 if (!IsValidTargetTypeStatic(targetType))
38 {
39 throw new ArgumentException(System.SR.Arg_MustBeIdentityReferenceType, "targetType");
40 }
41 CommonAcl commonAcl = null;
42 if (access)
43 {
44 if ((_securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclPresent) != 0)
45 {
46 commonAcl = _securityDescriptor.DiscretionaryAcl;
47 }
48 }
49 else if ((_securityDescriptor.ControlFlags & ControlFlags.SystemAclPresent) != 0)
50 {
51 commonAcl = _securityDescriptor.SystemAcl;
52 }
53 if (commonAcl == null)
54 {
55 return authorizationRuleCollection;
56 }
57 IdentityReferenceCollection identityReferenceCollection = null;
58 if (targetType != typeof(SecurityIdentifier))
59 {
60 IdentityReferenceCollection identityReferenceCollection2 = new IdentityReferenceCollection(commonAcl.Count);
61 for (int i = 0; i < commonAcl.Count; i++)
62 {
63 CommonAce commonAce = commonAcl[i] as CommonAce;
64 if (AceNeedsTranslation(commonAce, access, includeExplicit, includeInherited))
65 {
66 identityReferenceCollection2.Add(commonAce.SecurityIdentifier);
67 }
68 }
69 identityReferenceCollection = identityReferenceCollection2.Translate(targetType);
70 }
71 int num = 0;
72 for (int j = 0; j < commonAcl.Count; j++)
73 {
74 CommonAce commonAce2 = commonAcl[j] as CommonAce;
75 if (AceNeedsTranslation(commonAce2, access, includeExplicit, includeInherited))
76 {
77 IdentityReference identityReference = ((targetType == typeof(SecurityIdentifier)) ? commonAce2.SecurityIdentifier : identityReferenceCollection[num++]);
78 if (access)
79 {
80 authorizationRuleCollection.AddRule(AccessRuleFactory(type: (commonAce2.AceQualifier != 0) ? AccessControlType.Deny : AccessControlType.Allow, identityReference: identityReference, accessMask: commonAce2.AccessMask, isInherited: commonAce2.IsInherited, inheritanceFlags: commonAce2.InheritanceFlags, propagationFlags: commonAce2.PropagationFlags));
81 }
82 else
83 {
84 authorizationRuleCollection.AddRule(AuditRuleFactory(identityReference, commonAce2.AccessMask, commonAce2.IsInherited, commonAce2.InheritanceFlags, commonAce2.PropagationFlags, commonAce2.AuditFlags));
85 }
86 }
87 }
88 return authorizationRuleCollection;
89 }
90 finally
91 {
92 ReadUnlock();
93 }
94 }
95
96 private bool AceNeedsTranslation([NotNullWhen(true)] CommonAce ace, bool isAccessAce, bool includeExplicit, bool includeInherited)
97 {
98 if (ace == null)
99 {
100 return false;
101 }
102 if (isAccessAce)
103 {
104 if (ace.AceQualifier != 0 && ace.AceQualifier != AceQualifier.AccessDenied)
105 {
106 return false;
107 }
108 }
109 else if (ace.AceQualifier != AceQualifier.SystemAudit)
110 {
111 return false;
112 }
113 if ((includeExplicit && (ace.AceFlags & AceFlags.Inherited) == 0) || (includeInherited && (ace.AceFlags & AceFlags.Inherited) != 0))
114 {
115 return true;
116 }
117 return false;
118 }
119
120 protected override bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified)
121 {
122 if (rule == null)
123 {
124 throw new ArgumentNullException("rule");
125 }
126 WriteLock();
127 try
128 {
129 bool flag = true;
130 if (_securityDescriptor.DiscretionaryAcl == null)
131 {
132 if (modification == AccessControlModification.Remove || modification == AccessControlModification.RemoveAll || modification == AccessControlModification.RemoveSpecific)
133 {
134 modified = false;
135 return flag;
136 }
137 _securityDescriptor.DiscretionaryAcl = new DiscretionaryAcl(base.IsContainer, base.IsDS, GenericAcl.AclRevision, 1);
138 _securityDescriptor.AddControlFlags(ControlFlags.DiscretionaryAclPresent);
139 }
140 SecurityIdentifier sid = (SecurityIdentifier)rule.IdentityReference.Translate(typeof(SecurityIdentifier));
141 if (rule.AccessControlType == AccessControlType.Allow)
142 {
143 switch (modification)
144 {
145 case AccessControlModification.Add:
146 _securityDescriptor.DiscretionaryAcl.AddAccess(AccessControlType.Allow, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
147 break;
148 case AccessControlModification.Set:
149 _securityDescriptor.DiscretionaryAcl.SetAccess(AccessControlType.Allow, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
150 break;
151 case AccessControlModification.Reset:
152 _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Deny, sid, -1, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None);
153 _securityDescriptor.DiscretionaryAcl.SetAccess(AccessControlType.Allow, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
154 break;
155 case AccessControlModification.Remove:
156 flag = _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Allow, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
157 break;
158 case AccessControlModification.RemoveAll:
159 flag = _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Allow, sid, -1, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None);
160 if (!flag)
161 {
162 throw new InvalidOperationException();
163 }
164 break;
165 case AccessControlModification.RemoveSpecific:
166 _securityDescriptor.DiscretionaryAcl.RemoveAccessSpecific(AccessControlType.Allow, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
167 break;
168 default:
169 throw new ArgumentOutOfRangeException("modification", System.SR.ArgumentOutOfRange_Enum);
170 }
171 }
172 else
173 {
174 if (rule.AccessControlType != AccessControlType.Deny)
175 {
176 throw new ArgumentException(System.SR.Format(System.SR.Arg_EnumIllegalVal, (int)rule.AccessControlType), "rule");
177 }
178 switch (modification)
179 {
180 case AccessControlModification.Add:
181 _securityDescriptor.DiscretionaryAcl.AddAccess(AccessControlType.Deny, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
182 break;
183 case AccessControlModification.Set:
184 _securityDescriptor.DiscretionaryAcl.SetAccess(AccessControlType.Deny, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
185 break;
186 case AccessControlModification.Reset:
187 _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Allow, sid, -1, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None);
188 _securityDescriptor.DiscretionaryAcl.SetAccess(AccessControlType.Deny, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
189 break;
190 case AccessControlModification.Remove:
191 flag = _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Deny, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
192 break;
193 case AccessControlModification.RemoveAll:
194 flag = _securityDescriptor.DiscretionaryAcl.RemoveAccess(AccessControlType.Deny, sid, -1, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None);
195 if (!flag)
196 {
197 throw new InvalidOperationException();
198 }
199 break;
200 case AccessControlModification.RemoveSpecific:
201 _securityDescriptor.DiscretionaryAcl.RemoveAccessSpecific(AccessControlType.Deny, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
202 break;
203 default:
204 throw new ArgumentOutOfRangeException("modification", System.SR.ArgumentOutOfRange_Enum);
205 }
206 }
207 modified = flag;
208 base.AccessRulesModified |= modified;
209 return flag;
210 }
211 finally
212 {
213 WriteUnlock();
214 }
215 }
216
217 protected override bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified)
218 {
219 if (rule == null)
220 {
221 throw new ArgumentNullException("rule");
222 }
223 WriteLock();
224 try
225 {
226 bool flag = true;
227 if (_securityDescriptor.SystemAcl == null)
228 {
229 if (modification == AccessControlModification.Remove || modification == AccessControlModification.RemoveAll || modification == AccessControlModification.RemoveSpecific)
230 {
231 modified = false;
232 return flag;
233 }
234 _securityDescriptor.SystemAcl = new SystemAcl(base.IsContainer, base.IsDS, GenericAcl.AclRevision, 1);
235 _securityDescriptor.AddControlFlags(ControlFlags.SystemAclPresent);
236 }
237 SecurityIdentifier sid = (SecurityIdentifier)rule.IdentityReference.Translate(typeof(SecurityIdentifier));
238 switch (modification)
239 {
240 case AccessControlModification.Add:
241 _securityDescriptor.SystemAcl.AddAudit(rule.AuditFlags, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
242 break;
243 case AccessControlModification.Set:
244 _securityDescriptor.SystemAcl.SetAudit(rule.AuditFlags, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
245 break;
246 case AccessControlModification.Reset:
247 _securityDescriptor.SystemAcl.SetAudit(rule.AuditFlags, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
248 break;
249 case AccessControlModification.Remove:
250 flag = _securityDescriptor.SystemAcl.RemoveAudit(rule.AuditFlags, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
251 break;
252 case AccessControlModification.RemoveAll:
253 flag = _securityDescriptor.SystemAcl.RemoveAudit(AuditFlags.Success | AuditFlags.Failure, sid, -1, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None);
254 if (!flag)
255 {
256 throw new InvalidOperationException();
257 }
258 break;
259 case AccessControlModification.RemoveSpecific:
260 _securityDescriptor.SystemAcl.RemoveAuditSpecific(rule.AuditFlags, sid, rule.AccessMask, rule.InheritanceFlags, rule.PropagationFlags);
261 break;
262 default:
263 throw new ArgumentOutOfRangeException("modification", System.SR.ArgumentOutOfRange_Enum);
264 }
265 modified = flag;
266 base.AuditRulesModified |= modified;
267 return flag;
268 }
269 finally
270 {
271 WriteUnlock();
272 }
273 }
274
275 protected void AddAccessRule(AccessRule rule)
276 {
277 if (rule == null)
278 {
279 throw new ArgumentNullException("rule");
280 }
281 WriteLock();
282 try
283 {
284 ModifyAccess(AccessControlModification.Add, rule, out var _);
285 }
286 finally
287 {
288 WriteUnlock();
289 }
290 }
291
292 protected void SetAccessRule(AccessRule rule)
293 {
294 if (rule == null)
295 {
296 throw new ArgumentNullException("rule");
297 }
298 WriteLock();
299 try
300 {
301 ModifyAccess(AccessControlModification.Set, rule, out var _);
302 }
303 finally
304 {
305 WriteUnlock();
306 }
307 }
308
309 protected void ResetAccessRule(AccessRule rule)
310 {
311 if (rule == null)
312 {
313 throw new ArgumentNullException("rule");
314 }
315 WriteLock();
316 try
317 {
318 ModifyAccess(AccessControlModification.Reset, rule, out var _);
319 }
320 finally
321 {
322 WriteUnlock();
323 }
324 }
325
326 protected bool RemoveAccessRule(AccessRule rule)
327 {
328 if (rule == null)
329 {
330 throw new ArgumentNullException("rule");
331 }
332 WriteLock();
333 try
334 {
335 if (_securityDescriptor == null)
336 {
337 return true;
338 }
339 bool modified;
340 return ModifyAccess(AccessControlModification.Remove, rule, out modified);
341 }
342 finally
343 {
344 WriteUnlock();
345 }
346 }
347
348 protected void RemoveAccessRuleAll(AccessRule rule)
349 {
350 if (rule == null)
351 {
352 throw new ArgumentNullException("rule");
353 }
354 WriteLock();
355 try
356 {
357 if (_securityDescriptor != null)
358 {
359 ModifyAccess(AccessControlModification.RemoveAll, rule, out var _);
360 }
361 }
362 finally
363 {
364 WriteUnlock();
365 }
366 }
367
368 protected void RemoveAccessRuleSpecific(AccessRule rule)
369 {
370 if (rule == null)
371 {
372 throw new ArgumentNullException("rule");
373 }
374 WriteLock();
375 try
376 {
377 if (_securityDescriptor != null)
378 {
379 ModifyAccess(AccessControlModification.RemoveSpecific, rule, out var _);
380 }
381 }
382 finally
383 {
384 WriteUnlock();
385 }
386 }
387
388 protected void AddAuditRule(AuditRule rule)
389 {
390 if (rule == null)
391 {
392 throw new ArgumentNullException("rule");
393 }
394 WriteLock();
395 try
396 {
397 ModifyAudit(AccessControlModification.Add, rule, out var _);
398 }
399 finally
400 {
401 WriteUnlock();
402 }
403 }
404
405 protected void SetAuditRule(AuditRule rule)
406 {
407 if (rule == null)
408 {
409 throw new ArgumentNullException("rule");
410 }
411 WriteLock();
412 try
413 {
414 ModifyAudit(AccessControlModification.Set, rule, out var _);
415 }
416 finally
417 {
418 WriteUnlock();
419 }
420 }
421
422 protected bool RemoveAuditRule(AuditRule rule)
423 {
424 if (rule == null)
425 {
426 throw new ArgumentNullException("rule");
427 }
428 WriteLock();
429 try
430 {
431 bool modified;
432 return ModifyAudit(AccessControlModification.Remove, rule, out modified);
433 }
434 finally
435 {
436 WriteUnlock();
437 }
438 }
439
440 protected void RemoveAuditRuleAll(AuditRule rule)
441 {
442 if (rule == null)
443 {
444 throw new ArgumentNullException("rule");
445 }
446 WriteLock();
447 try
448 {
449 ModifyAudit(AccessControlModification.RemoveAll, rule, out var _);
450 }
451 finally
452 {
453 WriteUnlock();
454 }
455 }
456
457 protected void RemoveAuditRuleSpecific(AuditRule rule)
458 {
459 if (rule == null)
460 {
461 throw new ArgumentNullException("rule");
462 }
463 WriteLock();
464 try
465 {
466 ModifyAudit(AccessControlModification.RemoveSpecific, rule, out var _);
467 }
468 finally
469 {
470 WriteUnlock();
471 }
472 }
473
474 public AuthorizationRuleCollection GetAccessRules(bool includeExplicit, bool includeInherited, Type targetType)
475 {
476 return GetRules(access: true, includeExplicit, includeInherited, targetType);
477 }
478
479 public AuthorizationRuleCollection GetAuditRules(bool includeExplicit, bool includeInherited, Type targetType)
480 {
481 return GetRules(access: false, includeExplicit, includeInherited, targetType);
482 }
483}
System.SR.Arg_MustBeIdentityReferenceType
static string Arg_MustBeIdentityReferenceType
Definition SR.cs:16
System.SR.Arg_EnumIllegalVal
static string Arg_EnumIllegalVal
Definition SR.cs:144
System.SR.ArgumentOutOfRange_Enum
static string ArgumentOutOfRange_Enum
Definition SR.cs:18
System.SR.Format
static string Format(string resourceFormat, object p1)
Definition SR.cs:118
System.SR
Definition SR.cs:7
System.Security.AccessControl.CommonObjectSecurity.CommonObjectSecurity
CommonObjectSecurity(CommonSecurityDescriptor securityDescriptor)
Definition CommonObjectSecurity.cs:13
System.Security.AccessControl.CommonObjectSecurity.ModifyAudit
override bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified)
Definition CommonObjectSecurity.cs:217
System.Security.AccessControl.CommonObjectSecurity.GetRules
AuthorizationRuleCollection GetRules(bool access, bool includeExplicit, bool includeInherited, Type targetType)
Definition CommonObjectSecurity.cs:31
System.Security.AccessControl.CommonObjectSecurity.GetAuditRules
AuthorizationRuleCollection GetAuditRules(bool includeExplicit, bool includeInherited, Type targetType)
Definition CommonObjectSecurity.cs:479
System.Security.AccessControl.CommonObjectSecurity.ModifyAccess
override bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified)
Definition CommonObjectSecurity.cs:120
System.Security.AccessControl.CommonObjectSecurity.AceNeedsTranslation
bool AceNeedsTranslation([NotNullWhen(true)] CommonAce ace, bool isAccessAce, bool includeExplicit, bool includeInherited)
Definition CommonObjectSecurity.cs:96
System.Security.AccessControl.CommonObjectSecurity.GetAccessRules
AuthorizationRuleCollection GetAccessRules(bool includeExplicit, bool includeInherited, Type targetType)
Definition CommonObjectSecurity.cs:474
System.Security.AccessControl.DiscretionaryAcl.AddAccess
void AddAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition DiscretionaryAcl.cs:43
System.Security.AccessControl.DiscretionaryAcl.SetAccess
void SetAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition DiscretionaryAcl.cs:51
System.Security.AccessControl.DiscretionaryAcl.RemoveAccessSpecific
void RemoveAccessSpecific(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition DiscretionaryAcl.cs:66
System.Security.AccessControl.DiscretionaryAcl.RemoveAccess
bool RemoveAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition DiscretionaryAcl.cs:59
System.Security.AccessControl.KnownAce.SecurityIdentifier
SecurityIdentifier SecurityIdentifier
Definition KnownAce.cs:25
System.Security.AccessControl.ObjectSecurity.AuditRuleFactory
AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
System.Security.AccessControl.ObjectSecurity.AccessRuleFactory
AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
System.Security.AccessControl.ObjectSecurity._securityDescriptor
readonly CommonSecurityDescriptor _securityDescriptor
Definition ObjectSecurity.cs:11
System.Security.AccessControl.SystemAcl.AddAudit
void AddAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition SystemAcl.cs:27
System.Security.AccessControl.SystemAcl.RemoveAuditSpecific
void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition SystemAcl.cs:44
System.Security.AccessControl.SystemAcl.RemoveAudit
bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition SystemAcl.cs:39
System.Security.AccessControl.SystemAcl.SetAudit
void SetAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
Definition SystemAcl.cs:33
System.Security.Principal.IdentityReferenceCollection.Translate
IdentityReferenceCollection Translate(Type targetType)
Definition IdentityReferenceCollection.cs:93
System.Security.Principal.IdentityReference.Translate
IdentityReference Translate(Type targetType)