//+-------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1993-1996.
//
// File: aclapi.h
//
// Contents: public header file for acl and trusted server access control
// APIs
//
//--------------------------------------------------------------------
#ifndef __ACCESS_CONTROL_API__
#define __ACCESS_CONTROL_API__
#include <windows.h>
#include <accctrl.h>
#ifdef __cplusplus
extern "C" {
#endif
DWORD
WINAPI
SetEntriesInAclW( IN ULONG cCountOfExplicitEntries,
IN PEXPLICIT_ACCESS_W pListOfExplicitEntries,
IN PACL OldAcl,
OUT PACL * NewAcl);
DWORD
WINAPI
SetEntriesInAclA( IN ULONG cCountOfExplicitEntries,
IN PEXPLICIT_ACCESS_A pListOfExplicitEntries,
IN PACL OldAcl,
OUT PACL * NewAcl);
#ifdef UNICODE
#define SetEntriesInAcl SetEntriesInAclW
#else
#define SetEntriesInAcl SetEntriesInAclA
#endif
DWORD
WINAPI
GetExplicitEntriesFromAclW( IN PACL pacl,
OUT PULONG pcCountOfExplicitEntries,
OUT PEXPLICIT_ACCESS_W * pListOfExplicitEntries);
DWORD
WINAPI
GetExplicitEntriesFromAclA( IN PACL pacl,
OUT PULONG pcCountOfExplicitEntries,
OUT PEXPLICIT_ACCESS_A * pListOfExplicitEntries);
#ifdef UNICODE
#define GetExplicitEntriesFromAcl GetExplicitEntriesFromAclW
#else
#define GetExplicitEntriesFromAcl GetExplicitEntriesFromAclA
#endif
DWORD
WINAPI
GetEffectiveRightsFromAclW( IN PACL pacl,
IN PTRUSTEE_W pTrustee,
OUT PACCESS_MASK pAccessRights);
DWORD
WINAPI
GetEffectiveRightsFromAclA( IN PACL pacl,
IN PTRUSTEE_A pTrustee,
OUT PACCESS_MASK pAccessRights);
#ifdef UNICODE
#define GetEffectiveRightsFromAcl GetEffectiveRightsFromAclW
#else
#define GetEffectiveRightsFromAcl GetEffectiveRightsFromAclA
#endif
DWORD
WINAPI
GetAuditedPermissionsFromAclW( IN PACL pacl,
IN PTRUSTEE_W pTrustee,
OUT PACCESS_MASK pSuccessfulAuditedRights,
OUT PACCESS_MASK pFailedAuditRights);
DWORD
WINAPI
GetAuditedPermissionsFromAclA( IN PACL pacl,
IN PTRUSTEE_A pTrustee,
OUT PACCESS_MASK pSuccessfulAuditedRights,
OUT PACCESS_MASK pFailedAuditRights);
#ifdef UNICODE
#define GetAuditedPermissionsFromAcl GetAuditedPermissionsFromAclW
#else
#define GetAuditedPermissionsFromAcl GetAuditedPermissionsFromAclA
#endif
DWORD
WINAPI
GetNamedSecurityInfoW( IN LPWSTR pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
OUT PSID * ppsidOowner,
OUT PSID * ppsidGroup,
OUT PACL * ppDacl,
OUT PACL * ppSacl,
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor);
DWORD
WINAPI
GetNamedSecurityInfoA( IN LPSTR pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
OUT PSID * ppsidOowner,
OUT PSID * ppsidGroup,
OUT PACL * ppDacl,
OUT PACL * ppSacl,
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor);
#ifdef UNICODE
#define GetNamedSecurityInfo GetNamedSecurityInfoW
#else
#define GetNamedSecurityInfo GetNamedSecurityInfoA
#endif
DWORD
WINAPI
GetSecurityInfo( IN HANDLE handle,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
OUT PSID * ppsidOowner,
OUT PSID * ppsidGroup,
OUT PACL * ppDacl,
OUT PACL * ppSacl,
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor);
DWORD
WINAPI
SetNamedSecurityInfoW( IN LPWSTR pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID psidOowner,
IN PSID psidGroup,
IN PACL pDacl,
IN PACL pSacl);
DWORD
WINAPI
SetNamedSecurityInfoA( IN LPSTR pObjectName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID psidOowner,
IN PSID psidGroup,
IN PACL pDacl,
IN PACL pSacl);
#ifdef UNICODE
#define SetNamedSecurityInfo SetNamedSecurityInfoW
#else
#define SetNamedSecurityInfo SetNamedSecurityInfoA
#endif
DWORD
WINAPI
SetSecurityInfo( IN HANDLE handle,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION SecurityInfo,
IN PSID psidOowner,
IN PSID psidGroup,
IN PACL pDacl,
IN PACL pSacl);
//----------------------------------------------------------------------------
// The following API are provided for trusted servers to use to
// implement access control on their own objects.
//----------------------------------------------------------------------------
DWORD
WINAPI
BuildSecurityDescriptorW( IN PTRUSTEE_W pOwner,
IN PTRUSTEE_W pGroup,
IN ULONG cCountOfAccessEntries,
IN PEXPLICIT_ACCESS_W pListOfAccessEntries,
IN ULONG cCountOfAuditEntries,
IN PEXPLICIT_ACCESS_W pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pOldSD,
OUT PULONG pSizeNewSD,
OUT PSECURITY_DESCRIPTOR * pNewSD);
DWORD
WINAPI
BuildSecurityDescriptorA( IN PTRUSTEE_A pOwner,
IN PTRUSTEE_A pGroup,
IN ULONG cCountOfAccessEntries,
IN PEXPLICIT_ACCESS_A pListOfAccessEntries,
IN ULONG cCountOfAuditEntries,
IN PEXPLICIT_ACCESS_A pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pOldSD,
OUT PULONG pSizeNewSD,
OUT PSECURITY_DESCRIPTOR * pNewSD);
#ifdef UNICODE
#define BuildSecurityDescriptor BuildSecurityDescriptorW
#else
#define BuildSecurityDescriptor BuildSecurityDescriptorA
#endif
DWORD
WINAPI
LookupSecurityDescriptorPartsW( OUT PTRUSTEE_W * pOwner,
OUT PTRUSTEE_W * pGroup,
OUT PULONG cCountOfAccessEntries,
OUT PEXPLICIT_ACCESS_W * pListOfAccessEntries,
OUT PULONG cCountOfAuditEntries,
OUT PEXPLICIT_ACCESS_W * pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pSD);
DWORD
WINAPI
LookupSecurityDescriptorPartsA( OUT PTRUSTEE_A * pOwner,
OUT PTRUSTEE_A * pGroup,
OUT PULONG cCountOfAccessEntries,
OUT PEXPLICIT_ACCESS_A * pListOfAccessEntries,
OUT PULONG cCountOfAuditEntries,
OUT PEXPLICIT_ACCESS_A * pListOfAuditEntries,
IN PSECURITY_DESCRIPTOR pSD);
#ifdef UNICODE
#define LookupSecurityDescriptorParts LookupSecurityDescriptorPartsW
#else
#define LookupSecurityDescriptorParts LookupSecurityDescriptorPartsA
#endif
DWORD
WINAPI
GetEffectiveRightsFromSDW( IN PSECURITY_DESCRIPTOR pSD,
IN PTRUSTEE_W pTrustee,
OUT PACCESS_MASK pAccessRights);
DWORD
WINAPI
GetEffectiveRightsFromSDA( IN PSECURITY_DESCRIPTOR pSD,
IN PTRUSTEE_A pTrustee,
OUT PACCESS_MASK pAccessRights);
#ifdef UNICODE
#define GetEffectiveRightsFromSD GetEffectiveRightsFromSDW
#else
#define GetEffectiveRightsFromSD GetEffectiveRightsFromSDA
#endif
DWORD
WINAPI
GetAuditedPermissionsFromSDW( IN PSECURITY_DESCRIPTOR pSD,
IN PTRUSTEE_W pTrustee,
OUT PACCESS_MASK pSuccessfulAuditedRights,
OUT PACCESS_MASK pFailedAuditRights);
DWORD
WINAPI
GetAuditedPermissionsFromSDA( IN PSECURITY_DESCRIPTOR pSD,
IN PTRUSTEE_A pTrustee,
OUT PACCESS_MASK pSuccessfulAuditedRights,
OUT PACCESS_MASK pFailedAuditRights);
#ifdef UNICODE
#define GetAuditedPermissionsFromSD GetAuditedPermissionsFromSDW
#else
#define GetAuditedPermissionsFromSD GetAuditedPermissionsFromSDA
#endif
//----------------------------------------------------------------------------
// The following helper API are provided for building
// access control structures.
//----------------------------------------------------------------------------
VOID
WINAPI
BuildExplicitAccessWithNameW( IN OUT PEXPLICIT_ACCESS_W pExplicitAccess,
IN LPWSTR pTrusteeName,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance);
VOID
WINAPI
BuildExplicitAccessWithNameA( IN OUT PEXPLICIT_ACCESS_A pExplicitAccess,
IN LPSTR pTrusteeName,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance);
#ifdef UNICODE
#define BuildExplicitAccessWithName BuildExplicitAccessWithNameW
#else
#define BuildExplicitAccessWithName BuildExplicitAccessWithNameA
#endif
VOID
WINAPI
BuildImpersonateExplicitAccessWithNameW(
IN OUT PEXPLICIT_ACCESS_W pExplicitAccess,
IN LPWSTR pTrusteeName,
IN PTRUSTEE_W pTrustee,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance);
VOID
WINAPI
BuildImpersonateExplicitAccessWithNameA(
IN OUT PEXPLICIT_ACCESS_A pExplicitAccess,
IN LPSTR pTrusteeName,
IN PTRUSTEE_A pTrustee,
IN DWORD AccessPermissions,
IN ACCESS_MODE AccessMode,
IN DWORD Inheritance);
#ifdef UNICODE
#define BuildImpersonateExplicitAccessWithName BuildImpersonateExplicitAccessWithNameW
#else
#define BuildImpersonateExplicitAccessWithName BuildImpersonateExplicitAccessWithNameA
#endif
VOID
WINAPI
BuildTrusteeWithNameW( IN OUT PTRUSTEE_W pTrustee,
IN LPWSTR pName);
VOID
WINAPI
BuildTrusteeWithNameA( IN OUT PTRUSTEE_A pTrustee,
IN LPSTR pName);
#ifdef UNICODE
#define BuildTrusteeWithName BuildTrusteeWithNameW
#else
#define BuildTrusteeWithName BuildTrusteeWithNameA
#endif
VOID
WINAPI
BuildImpersonateTrusteeW( IN OUT PTRUSTEE_W pTrustee,
IN PTRUSTEE_W pImpersonateTrustee);
VOID
WINAPI
BuildImpersonateTrusteeA( IN OUT PTRUSTEE_A pTrustee,
IN PTRUSTEE_A pImpersonateTrustee);
#ifdef UNICODE
#define BuildImpersonateTrustee BuildImpersonateTrusteeW
#else
#define BuildImpersonateTrustee BuildImpersonateTrusteeA
#endif
VOID
WINAPI
BuildTrusteeWithSidW( IN OUT PTRUSTEE_W pTrustee,
IN PSID pSid);
VOID
WINAPI
BuildTrusteeWithSidA( IN OUT PTRUSTEE_A pTrustee,
IN PSID pSid);
#ifdef UNICODE
#define BuildTrusteeWithSid BuildTrusteeWithSidW
#else
#define BuildTrusteeWithSid BuildTrusteeWithSidA
#endif
LPWSTR
WINAPI
GetTrusteeNameW( IN PTRUSTEE_W pTrustee);
LPSTR
WINAPI
GetTrusteeNameA( IN PTRUSTEE_A pTrustee);
#ifdef UNICODE
#define GetTrusteeName GetTrusteeNameW
#else
#define GetTrusteeName GetTrusteeNameA
#endif
TRUSTEE_TYPE
WINAPI
GetTrusteeTypeW( IN PTRUSTEE_W pTrustee);
TRUSTEE_TYPE
WINAPI
GetTrusteeTypeA( IN PTRUSTEE_A pTrustee);
#ifdef UNICODE
#define GetTrusteeType GetTrusteeTypeW
#else
#define GetTrusteeType GetTrusteeTypeA
#endif
TRUSTEE_FORM
WINAPI
GetTrusteeFormW( IN PTRUSTEE_W pTrustee);
TRUSTEE_FORM
WINAPI
GetTrusteeFormA( IN PTRUSTEE_A pTrustee);
#ifdef UNICODE
#define GetTrusteeForm GetTrusteeFormW
#else
#define GetTrusteeForm GetTrusteeFormA
#endif
MULTIPLE_TRUSTEE_OPERATION
WINAPI
GetMultipleTrusteeOperationW( IN PTRUSTEE_W pTrustee);
MULTIPLE_TRUSTEE_OPERATION
WINAPI
GetMultipleTrusteeOperationA( IN PTRUSTEE_A pTrustee);
#ifdef UNICODE
#define GetMultipleTrusteeOperation GetMultipleTrusteeOperationW
#else
#define GetMultipleTrusteeOperation GetMultipleTrusteeOperationA
#endif
PTRUSTEE_W
WINAPI
GetMultipleTrusteeW( IN PTRUSTEE_W pTrustee);
PTRUSTEE_A
WINAPI
GetMultipleTrusteeA( IN PTRUSTEE_A pTrustee);
#ifdef UNICODE
#define GetMultipleTrustee GetMultipleTrusteeW
#else
#define GetMultipleTrustee GetMultipleTrusteeA
#endif
void
WINAPI
FreeStgExplicitAccessListW( IN ULONG ccount,
IN PEXPLICIT_ACCESS_W pEA);
void
WINAPI
FreeStgExplicitAccessListA( IN ULONG ccount,
IN PEXPLICIT_ACCESS_A pEA);
#ifdef UNICODE
#define FreeStgExplicitAccessList FreeStgExplicitAccessListW
#else
#define FreeStgExplicitAccessList FreeStgExplicitAccessListA
#endif
VOID
WINAPI
BuildAccessRequestW( OUT PACCESS_REQUEST_W pAr,
IN LPWSTR Name,
IN DWORD Mask);
VOID
WINAPI
BuildAccessRequestA( OUT PACCESS_REQUEST_A pAr,
IN LPSTR Name,
IN DWORD Mask);
#ifdef UNICODE
#define BuildAccessRequest BuildAccessRequestW
#else
#define BuildAccessRequest BuildAccessRequestA
#endif
ULONG
WINAPI
NTAccessMaskToProvAccessRights( IN SE_OBJECT_TYPE SeObjectType,
IN BOOL fIsContainer,
IN ACCESS_MASK AccessMask);
ACCESS_MASK
WINAPI
ProvAccessRightsToNTAccessMask( IN SE_OBJECT_TYPE SeObjectType,
IN ULONG AccessRights);
#ifdef __cplusplus
}
#endif
#endif // __ACCESS_CONTROL_API__
