29 private enum ComparisonResult
36 private static PM[] AFtoPM;
38 private static AF[] PMtoAF;
42 private bool _isDirty;
44 private readonly
bool _isCanonical;
46 private readonly
bool _isContainer;
48 private readonly
bool _isDS;
58 public sealed
override int Count 62 CanonicalizeIfNecessary();
73 CanonicalizeIfNecessary();
96 public sealed
override GenericAce this[
int index]
100 CanonicalizeIfNecessary();
101 return _acl[index].Copy();
112 for (
int i = 0; i < AFtoPM.Length; i++)
117 AFtoPM[4] = (PM.F | PM.CO | PM.GO);
118 AFtoPM[5] = (PM.F | PM.CO);
119 AFtoPM[6] = (PM.CO | PM.GO);
121 AFtoPM[8] = (PM.F | PM.CF | PM.GF);
122 AFtoPM[9] = (PM.F | PM.CF);
123 AFtoPM[10] = (PM.CF | PM.GF);
125 AFtoPM[12] = (PM.F | PM.CF | PM.CO | PM.GF | PM.GO);
126 AFtoPM[13] = (PM.F | PM.CF | PM.CO);
127 AFtoPM[14] = (PM.CF | PM.CO | PM.GF | PM.GO);
128 AFtoPM[15] = (PM.CF | PM.CO);
130 for (
int j = 0; j < PMtoAF.Length; j++)
136 PMtoAF[20] = (AF.OI | AF.NP);
137 PMtoAF[5] = (AF.OI | AF.IO);
138 PMtoAF[4] = (AF.OI | AF.IO | AF.NP);
140 PMtoAF[24] = (AF.CI | AF.NP);
141 PMtoAF[10] = (AF.CI | AF.IO);
142 PMtoAF[8] = (AF.CI | AF.IO | AF.NP);
143 PMtoAF[31] = (AF.CI | AF.OI);
144 PMtoAF[28] = (AF.CI | AF.OI | AF.NP);
145 PMtoAF[15] = (AF.CI | AF.OI | AF.IO);
146 PMtoAF[12] = (AF.CI | AF.OI | AF.IO | AF.NP);
149 private static AF AFFromAceFlags(
AceFlags aceFlags,
bool isDS)
152 if ((aceFlags &
AceFlags.ContainerInherit) != 0)
156 if (!isDS && (aceFlags &
AceFlags.ObjectInherit) != 0)
160 if ((aceFlags &
AceFlags.InheritOnly) != 0)
164 if ((aceFlags &
AceFlags.NoPropagateInherit) != 0)
171 private static AceFlags AceFlagsFromAF(AF af,
bool isDS)
174 if ((af & AF.CI) != 0)
176 aceFlags |=
AceFlags.ContainerInherit;
178 if (!isDS && (af & AF.OI) != 0)
182 if ((af & AF.IO) != 0)
186 if ((af & AF.NP) != 0)
188 aceFlags |=
AceFlags.NoPropagateInherit;
196 AF aF = AFFromAceFlags(left, isDS);
197 AF aF2 = AFFromAceFlags(right, isDS);
198 PM pM = AFtoPM[(int)aF];
199 PM pM2 = AFtoPM[(int)aF2];
200 if (pM == PM.GO || pM2 == PM.GO)
205 AF aF3 = PMtoAF[(int)pM3];
210 result = AceFlagsFromAF(aF3, isDS);
214 private static bool RemoveInheritanceBits(
AceFlags existing,
AceFlags remove,
bool isDS, out
AceFlags result, out
bool total)
218 AF aF = AFFromAceFlags(existing, isDS);
219 AF aF2 = AFFromAceFlags(
remove, isDS);
220 PM pM = AFtoPM[(int)aF];
221 PM pM2 = AFtoPM[(int)aF2];
222 if (pM == PM.GO || pM2 == PM.GO)
232 AF aF3 = PMtoAF[(int)pM3];
237 result = AceFlagsFromAF(aF3, isDS);
241 private void CanonicalizeIfNecessary()
250 private static int DaclAcePriority(GenericAce ace)
253 if ((ace.AceFlags &
AceFlags.Inherited) != 0)
255 return 131070 + ace._indexInAcl;
260 case AceType.AccessDeniedCallback:
262 case AceType.AccessDeniedObject:
263 case AceType.AccessDeniedCallbackObject:
266 case AceType.AccessAllowedCallback:
268 case AceType.AccessAllowedObject:
269 case AceType.AccessAllowedCallbackObject:
272 return 65535 + ace._indexInAcl;
276 private static int SaclAcePriority(GenericAce ace)
279 if ((ace.AceFlags &
AceFlags.Inherited) != 0)
281 return 131070 + ace._indexInAcl;
287 case AceType.SystemAuditCallback:
288 case AceType.SystemAlarmCallback:
290 case AceType.SystemAuditObject:
291 case AceType.SystemAlarmObject:
292 case AceType.SystemAuditCallbackObject:
293 case AceType.SystemAlarmCallbackObject:
296 return 65535 + ace._indexInAcl;
300 private static ComparisonResult CompareAces(GenericAce ace1, GenericAce ace2,
bool isDacl)
302 int num = isDacl ? DaclAcePriority(ace1) : SaclAcePriority(ace1);
303 int num2 = isDacl ? DaclAcePriority(ace2) : SaclAcePriority(ace2);
306 return ComparisonResult.LessThan;
310 return ComparisonResult.GreaterThan;
312 KnownAce knownAce = ace1 as KnownAce;
313 KnownAce knownAce2 = ace2 as KnownAce;
314 if (knownAce !=
null && knownAce2 !=
null)
316 int num3 = knownAce.SecurityIdentifier.CompareTo(knownAce2.SecurityIdentifier);
319 return ComparisonResult.LessThan;
323 return ComparisonResult.GreaterThan;
326 return ComparisonResult.EqualTo;
329 private void QuickSort(
int left,
int right,
bool isDacl)
337 GenericAce genericAce = _acl[left];
341 while (CompareAces(_acl[right], genericAce, isDacl) != 0 && left < right)
347 _acl[left] = _acl[right];
350 while (ComparisonResult.GreaterThan != CompareAces(_acl[left], genericAce, isDacl) && left < right)
356 _acl[right] = _acl[left];
360 _acl[left] = genericAce;
366 QuickSort(left, num3 - 1, isDacl);
370 QuickSort(num3 + 1, right, isDacl);
374 private bool InspectAce(ref GenericAce ace,
bool isDacl)
376 KnownAce knownAce = ace as KnownAce;
377 if (knownAce !=
null && knownAce.AccessMask == 0)
383 if ((ace.AceFlags &
AceFlags.InheritOnly) != 0)
387 if ((ace.AceFlags &
AceFlags.InheritanceFlags) != 0)
400 ace.AceFlags &= ~
AceFlags.NoPropagateInherit;
403 QualifiedAce qualifiedAce = knownAce as QualifiedAce;
407 if (qualifiedAce !=
null && qualifiedAce.AceQualifier != 0 && qualifiedAce.AceQualifier !=
AceQualifier.AccessDenied)
418 if (qualifiedAce !=
null && qualifiedAce.AceQualifier !=
AceQualifier.SystemAudit)
426 private void RemoveMeaninglessAcesAndFlags(
bool isDacl)
428 for (
int num = _acl.
Count - 1; num >= 0; num--)
430 GenericAce ace = _acl[num];
431 if (!InspectAce(ref ace, isDacl))
438 private void Canonicalize(
bool compact,
bool isDacl)
440 for (ushort num = 0; num < _acl.
Count; num = (ushort)(num + 1))
442 _acl[num]._indexInAcl = num;
444 QuickSort(0, _acl.
Count - 1, isDacl);
449 for (
int i = 0; i <
Count - 1; i++)
451 QualifiedAce ace = _acl[i] as QualifiedAce;
454 QualifiedAce qualifiedAce = _acl[i + 1] as QualifiedAce;
455 if (!(qualifiedAce ==
null) && MergeAces(ref ace, qualifiedAce))
463 private void GetObjectTypesForSplit(ObjectAce originalAce,
int accessMask,
AceFlags aceFlags, out
ObjectAceFlags objectFlags, out Guid objectType, out Guid inheritedObjectType)
466 objectType = Guid.Empty;
467 inheritedObjectType = Guid.Empty;
468 if ((accessMask & ObjectAce.AccessMaskWithObjectType) != 0)
470 objectType = originalAce.ObjectAceType;
471 objectFlags |= (originalAce.ObjectAceFlags &
ObjectAceFlags.ObjectAceTypePresent);
473 if ((aceFlags &
AceFlags.ContainerInherit) != 0)
475 inheritedObjectType = originalAce.InheritedObjectAceType;
476 objectFlags |= (originalAce.ObjectAceFlags &
ObjectAceFlags.InheritedObjectAceTypePresent);
480 private bool ObjectTypesMatch(QualifiedAce ace, QualifiedAce newAce)
482 Guid guid = (ace is ObjectAce) ? ((ObjectAce)ace).ObjectAceType : Guid.Empty;
483 Guid g = (newAce is ObjectAce) ? ((ObjectAce)newAce).ObjectAceType : Guid.Empty;
484 return guid.Equals(g);
487 private bool InheritedObjectTypesMatch(QualifiedAce ace, QualifiedAce newAce)
489 Guid guid = (ace is ObjectAce) ? ((ObjectAce)ace).InheritedObjectAceType : Guid.Empty;
490 Guid g = (newAce is ObjectAce) ? ((ObjectAce)newAce).InheritedObjectAceType : Guid.Empty;
491 return guid.Equals(g);
494 private bool AccessMasksAreMergeable(QualifiedAce ace, QualifiedAce newAce)
496 if (ObjectTypesMatch(ace, newAce))
501 if ((ace.AccessMask & newAce.AccessMask & ObjectAce.AccessMaskWithObjectType) == (newAce.AccessMask & ObjectAce.AccessMaskWithObjectType) && (objectAceFlags &
ObjectAceFlags.ObjectAceTypePresent) ==
ObjectAceFlags.None)
508 private bool AceFlagsAreMergeable(QualifiedAce ace, QualifiedAce newAce)
510 if (InheritedObjectTypesMatch(ace, newAce))
522 private bool GetAccessMaskForRemoval(QualifiedAce ace,
ObjectAceFlags objectFlags, Guid objectType, ref
int accessMask)
524 if ((ace.AccessMask & accessMask & ObjectAce.AccessMaskWithObjectType) != 0)
526 if (ace is ObjectAce)
529 ObjectAce objectAce = ace as ObjectAce;
534 if ((objectFlags &
ObjectAceFlags.ObjectAceTypePresent) != 0 && !objectAce.ObjectTypesMatch(objectFlags, objectType))
536 accessMask &= ~ObjectAce.AccessMaskWithObjectType;
539 else if ((objectFlags &
ObjectAceFlags.ObjectAceTypePresent) != 0)
547 private bool GetInheritanceFlagsForRemoval(QualifiedAce ace,
ObjectAceFlags objectFlags, Guid inheritedObjectType, ref
AceFlags aceFlags)
549 if ((ace.AceFlags &
AceFlags.ContainerInherit) != 0 && (aceFlags &
AceFlags.ContainerInherit) != 0)
551 if (ace is ObjectAce)
554 ObjectAce objectAce = ace as ObjectAce;
559 if ((objectFlags &
ObjectAceFlags.InheritedObjectAceTypePresent) != 0 && !objectAce.InheritedObjectTypesMatch(objectFlags, inheritedObjectType))
564 else if ((objectFlags &
ObjectAceFlags.InheritedObjectAceTypePresent) != 0)
572 private static bool AceOpaquesMatch(QualifiedAce ace, QualifiedAce newAce)
574 byte[] opaque = ace.GetOpaque();
575 byte[] opaque2 = newAce.GetOpaque();
576 if (opaque ==
null || opaque2 ==
null)
578 return opaque == opaque2;
580 if (opaque.Length != opaque2.Length)
584 for (
int i = 0; i < opaque.Length; i++)
586 if (opaque[i] != opaque2[i])
594 private static bool AcesAreMergeable(QualifiedAce ace, QualifiedAce newAce)
596 if (ace.AceType != newAce.AceType)
600 if ((ace.AceFlags &
AceFlags.Inherited) != 0)
604 if ((newAce.AceFlags &
AceFlags.Inherited) != 0)
608 if (ace.AceQualifier != newAce.AceQualifier)
612 if (ace.SecurityIdentifier != newAce.SecurityIdentifier)
616 if (!AceOpaquesMatch(ace, newAce))
623 private bool MergeAces(ref QualifiedAce ace, QualifiedAce newAce)
625 if (!AcesAreMergeable(ace, newAce))
629 if (ace.AceFlags == newAce.AceFlags)
631 if (!(ace is ObjectAce) && !(newAce is ObjectAce))
633 ace.AccessMask |= newAce.AccessMask;
636 if (InheritedObjectTypesMatch(ace, newAce) && AccessMasksAreMergeable(ace, newAce))
638 ace.AccessMask |= newAce.AccessMask;
642 if ((ace.AceFlags &
AceFlags.InheritanceFlags) == (newAce.AceFlags &
AceFlags.InheritanceFlags) && ace.AccessMask == newAce.AccessMask)
644 if (!(ace is ObjectAce) && !(newAce is ObjectAce))
646 QualifiedAce obj = ace;
647 obj.AceFlags |= (newAce.AceFlags &
AceFlags.AuditFlags);
650 if (InheritedObjectTypesMatch(ace, newAce) && ObjectTypesMatch(ace, newAce))
652 QualifiedAce obj2 = ace;
653 obj2.AceFlags |= (newAce.AceFlags &
AceFlags.AuditFlags);
657 if ((ace.AceFlags &
AceFlags.AuditFlags) == (newAce.AceFlags &
AceFlags.AuditFlags) && ace.AccessMask == newAce.AccessMask)
660 if (ace is ObjectAce || newAce is ObjectAce)
662 if (ObjectTypesMatch(ace, newAce) && AceFlagsAreMergeable(ace, newAce) && MergeInheritanceBits(ace.AceFlags, newAce.AceFlags,
IsDS, out result))
664 ace.AceFlags = (result | (ace.AceFlags &
AceFlags.AuditFlags));
668 else if (MergeInheritanceBits(ace.AceFlags, newAce.AceFlags,
IsDS, out result))
670 ace.AceFlags = (result | (ace.AceFlags &
AceFlags.AuditFlags));
677 private bool CanonicalCheck(
bool isDacl)
682 for (
int i = 0; i < _acl.
Count; i++)
685 GenericAce genericAce = _acl[i];
686 if ((genericAce.AceFlags &
AceFlags.Inherited) != 0)
692 QualifiedAce qualifiedAce = genericAce as QualifiedAce;
693 if (qualifiedAce ==
null)
697 if (qualifiedAce.AceQualifier ==
AceQualifier.AccessAllowed)
703 if (qualifiedAce.AceQualifier !=
AceQualifier.AccessDenied)
726 for (
int j = 0; j < _acl.
Count; j++)
729 GenericAce genericAce2 = _acl[j];
730 if (genericAce2 ==
null)
734 if ((genericAce2.AceFlags &
AceFlags.Inherited) != 0)
740 QualifiedAce qualifiedAce2 = genericAce2 as QualifiedAce;
741 if (qualifiedAce2 ==
null)
745 if (qualifiedAce2.AceQualifier !=
AceQualifier.SystemAudit && qualifiedAce2.AceQualifier !=
AceQualifier.SystemAlarm)
755 else if (num4 < num3)
764 private void ThrowIfNotCanonical()
768 throw new InvalidOperationException(Environment.GetResourceString(
"InvalidOperation_ModificationOfNonCanonicalAcl"));
772 internal CommonAcl(
bool isContainer,
bool isDS,
byte revision,
int capacity)
774 _isContainer = isContainer;
776 _acl =
new RawAcl(revision, capacity);
780 internal CommonAcl(
bool isContainer,
bool isDS, RawAcl rawAcl,
bool trusted,
bool isDacl)
784 throw new ArgumentNullException(
"rawAcl");
786 _isContainer = isContainer;
791 RemoveMeaninglessAcesAndFlags(isDacl);
795 _acl =
new RawAcl(rawAcl.Revision, rawAcl.Count);
796 for (
int i = 0; i < rawAcl.Count; i++)
798 GenericAce ace = rawAcl[i].Copy();
799 if (InspectAce(ref ace, isDacl))
805 if (CanonicalCheck(isDacl))
807 Canonicalize(compact:
true, isDacl);
812 _isCanonical =
false;
820 throw new ArgumentOutOfRangeException(
"accessType", Environment.GetResourceString(
"ArgumentOutOfRange_Enum"));
830 throw new ArgumentException(Environment.GetResourceString(
"Argument_InvalidAnyFlag"),
"propagationFlags");
834 if (inheritanceFlags != 0)
836 throw new ArgumentException(Environment.GetResourceString(
"Argument_InvalidAnyFlag"),
"inheritanceFlags");
838 if (propagationFlags != 0)
840 throw new ArgumentException(Environment.GetResourceString(
"Argument_InvalidAnyFlag"),
"propagationFlags");
848 throw new ArgumentNullException(
"sid");
850 ThrowIfNotCanonical();
854 throw new ArgumentException(Environment.GetResourceString(
"Arg_EnumAtLeastOneFlag"),
"flags");
858 throw new ArgumentException(Environment.GetResourceString(
"Argument_ArgumentZero"),
"accessMask");
860 GenericAce ace = (
IsDS && objectFlags != 0) ? ((QualifiedAce)
new ObjectAce(flags, qualifier, accessMask, sid, objectFlags, objectType, inheritedObjectType, isCallback:
false,
null)) : ((QualifiedAce)
new CommonAce(flags, qualifier, accessMask, sid, isCallback:
false,
null));
865 for (
int i = 0; i <
Count; i++)
867 QualifiedAce ace2 = _acl[i] as QualifiedAce;
868 if (!(ace2 ==
null) && MergeAces(ref ace2, ace as QualifiedAce))
879 OnAclModificationTried();
886 throw new ArgumentNullException(
"sid");
890 throw new ArgumentException(Environment.GetResourceString(
"Arg_EnumAtLeastOneFlag"),
"flags");
894 throw new ArgumentException(Environment.GetResourceString(
"Argument_ArgumentZero"),
"accessMask");
896 ThrowIfNotCanonical();
897 GenericAce ace = (
IsDS && objectFlags != 0) ? ((QualifiedAce)
new ObjectAce(flags, qualifier, accessMask, sid, objectFlags, objectType, inheritedObjectType, isCallback:
false,
null)) : ((QualifiedAce)
new CommonAce(flags, qualifier, accessMask, sid, isCallback:
false,
null));
902 for (
int i = 0; i <
Count; i++)
904 QualifiedAce qualifiedAce = _acl[i] as QualifiedAce;
905 if (!(qualifiedAce ==
null) && (qualifiedAce.AceFlags &
AceFlags.Inherited) ==
AceFlags.None && qualifiedAce.AceQualifier == qualifier && !(qualifiedAce.SecurityIdentifier != sid))
913 OnAclModificationTried();
920 throw new ArgumentException(Environment.GetResourceString(
"Argument_ArgumentZero"),
"accessMask");
924 throw new ArgumentException(Environment.GetResourceString(
"Arg_EnumAtLeastOneFlag"),
"flags");
928 throw new ArgumentNullException(
"sid");
930 ThrowIfNotCanonical();
933 int num = accessMask;
941 for (
int i = 0; i <
Count; i++)
943 QualifiedAce qualifiedAce = _acl[i] as QualifiedAce;
944 if (!(qualifiedAce ==
null) && (qualifiedAce.AceFlags &
AceFlags.Inherited) ==
AceFlags.None && qualifiedAce.AceQualifier == qualifier && !(qualifiedAce.SecurityIdentifier != sid))
949 bool flag3 = !GetAccessMaskForRemoval(qualifiedAce, objectFlags, objectType, ref accessMask);
950 if ((qualifiedAce.AccessMask & accessMask) == 0)
955 bool flag4 = !GetInheritanceFlagsForRemoval(qualifiedAce, objectFlags, inheritedObjectType, ref flags);
956 if (((qualifiedAce.AceFlags &
AceFlags.ContainerInherit) ==
AceFlags.None && (flags &
AceFlags.ContainerInherit) != 0 && (flags &
AceFlags.InheritOnly) != 0) || ((flags &
AceFlags.ContainerInherit) ==
AceFlags.None && (qualifiedAce.AceFlags &
AceFlags.ContainerInherit) != 0 && (qualifiedAce.AceFlags &
AceFlags.InheritOnly) != 0) || ((aceFlags &
AceFlags.ContainerInherit) != 0 && (aceFlags &
AceFlags.InheritOnly) != 0 && (flags &
AceFlags.ContainerInherit) ==
AceFlags.None))
966 else if ((qualifiedAce.AccessMask & accessMask) == 0)
970 if (!saclSemantics || (qualifiedAce.AceFlags & flags &
AceFlags.AuditFlags) != 0)
975 Guid objectType2 = Guid.Empty;
976 Guid inheritedObjectType2 = Guid.Empty;
980 Guid objectType3 = Guid.Empty;
981 Guid inheritedObjectType3 = Guid.Empty;
985 Guid objectType4 = Guid.Empty;
986 Guid inheritedObjectType4 = Guid.Empty;
989 aceFlags2 = qualifiedAce.AceFlags;
990 num2 = (qualifiedAce.AccessMask & ~accessMask);
991 if (qualifiedAce is ObjectAce)
993 GetObjectTypesForSplit(qualifiedAce as ObjectAce, num2, aceFlags2, out objectFlags2, out objectType2, out inheritedObjectType2);
997 aceFlags3 = (
AceFlags)((
int)qualifiedAce.AceFlags & (int)(
byte)(~(uint)(flags &
AceFlags.AuditFlags)));
998 accessMask2 = (qualifiedAce.AccessMask & accessMask);
999 if (qualifiedAce is ObjectAce)
1001 GetObjectTypesForSplit(qualifiedAce as ObjectAce, accessMask2, aceFlags3, out objectFlags3, out objectType3, out inheritedObjectType3);
1004 aceFlags4 = ((qualifiedAce.AceFlags &
AceFlags.InheritanceFlags) | (flags & qualifiedAce.AceFlags &
AceFlags.AuditFlags));
1005 num3 = (qualifiedAce.AccessMask & accessMask);
1006 if (!saclSemantics || (aceFlags4 &
AceFlags.AuditFlags) != 0)
1008 if (!RemoveInheritanceBits(aceFlags4, flags,
IsDS, out result, out total))
1015 result |= (aceFlags4 &
AceFlags.AuditFlags);
1016 if (qualifiedAce is ObjectAce)
1018 GetObjectTypesForSplit(qualifiedAce as ObjectAce, num3, result, out objectFlags4, out objectType4, out inheritedObjectType4);
1029 ObjectAce ace =
new ObjectAce(aceFlags2, qualifier, num2, qualifiedAce.SecurityIdentifier, objectFlags2, objectType2, inheritedObjectType2, isCallback:
false,
null);
1034 qualifiedAce.AceFlags = aceFlags2;
1035 qualifiedAce.AccessMask = num2;
1036 if (qualifiedAce is ObjectAce)
1038 ObjectAce objectAce = qualifiedAce as ObjectAce;
1039 objectAce.ObjectAceFlags = objectFlags2;
1040 objectAce.ObjectAceType = objectType2;
1041 objectAce.InheritedObjectAceType = inheritedObjectType2;
1050 if (saclSemantics && (aceFlags3 &
AceFlags.AuditFlags) != 0)
1052 QualifiedAce ace2 = (!(qualifiedAce is CommonAce)) ? ((QualifiedAce)
new ObjectAce(aceFlags3, qualifier, accessMask2, qualifiedAce.SecurityIdentifier, objectFlags3, objectType3, inheritedObjectType3, isCallback:
false,
null)) : ((QualifiedAce)
new CommonAce(aceFlags3, qualifier, accessMask2, qualifiedAce.SecurityIdentifier, isCallback:
false,
null));
1058 QualifiedAce ace2 = (!(qualifiedAce is CommonAce)) ? ((QualifiedAce)
new ObjectAce(result, qualifier, num3, qualifiedAce.SecurityIdentifier, objectFlags4, objectType4, inheritedObjectType4, isCallback:
false,
null)) : ((QualifiedAce)
new CommonAce(result, qualifier, num3, qualifiedAce.SecurityIdentifier, isCallback:
false,
null));
1067 catch (OverflowException)
1069 _acl.SetBinaryForm(binaryForm, 0);
1072 if (!flag || !flag2)
1078 OnAclModificationTried();
1084 if (accessMask == 0)
1086 throw new ArgumentException(Environment.GetResourceString(
"Argument_ArgumentZero"),
"accessMask");
1090 throw new ArgumentException(Environment.GetResourceString(
"Arg_EnumAtLeastOneFlag"),
"flags");
1094 throw new ArgumentNullException(
"sid");
1096 ThrowIfNotCanonical();
1097 for (
int i = 0; i <
Count; i++)
1099 QualifiedAce qualifiedAce = _acl[i] as QualifiedAce;
1100 if (qualifiedAce ==
null || (qualifiedAce.AceFlags &
AceFlags.Inherited) != 0 || qualifiedAce.AceQualifier != qualifier || qualifiedAce.SecurityIdentifier != sid || qualifiedAce.AceFlags != flags || qualifiedAce.AccessMask != accessMask)
1106 if (qualifiedAce is ObjectAce && objectFlags != 0)
1108 ObjectAce objectAce = qualifiedAce as ObjectAce;
1109 if (!objectAce.ObjectTypesMatch(objectFlags, objectType) || !objectAce.InheritedObjectTypesMatch(objectFlags, inheritedObjectType))
1114 else if (qualifiedAce is ObjectAce || objectFlags != 0)
1122 OnAclModificationTried();
1125 internal virtual void OnAclModificationTried()
1134 CanonicalizeIfNecessary();
1141 ThrowIfNotCanonical();
1142 for (
int num = _acl.
Count - 1; num >= 0; num--)
1150 OnAclModificationTried();
1161 ThrowIfNotCanonical();
1162 for (
int num =
Count - 1; num >= 0; num--)
1170 OnAclModificationTried();
The exception that is thrown when a null reference (Nothing in Visual Basic) is passed to a method th...
PropagationFlags
Specifies how Access Control Entries (ACEs) are propagated to child objects. These flags are signific...
bool IsCanonical
Gets a Boolean value that specifies whether the access control entries (ACEs) in the current T:System...
override void GetBinaryForm(byte[] binaryForm, int offset)
Marshals the contents of the T:System.Security.AccessControl.RawAcl object into the specified byte ar...
override int BinaryLength
Gets the length, in bytes, of the binary representation of the current T:System.Security....
sealed override void GetBinaryForm(byte[] binaryForm, int offset)
Marshals the contents of the T:System.Security.AccessControl.CommonAcl object into the specified byte...
AceType
Defines the available access control entry (ACE) types.
Represents an Access Control Entry (ACE), and is the base class for all other ACE classes.
SecurityIdentifier SecurityIdentifier
Gets or sets the T:System.Security.Principal.SecurityIdentifier object associated with this T:System....
Represents an Access Control List (ACL).
AceFlags AceFlags
Gets or sets the T:System.Security.AccessControl.AceFlags associated with this T:System....
sealed override byte Revision
Gets the revision level of the T:System.Security.AccessControl.CommonAcl.
sealed override int BinaryLength
Gets the length, in bytes, of the binary representation of the current T:System.Security....
Provides information about, and means to manipulate, the current environment and platform....
A logical OR of F:System.Security.AccessControl.AceFlags.ObjectInherit, F:System.Security....
sealed override int Count
Gets the number of access control entries (ACEs) in the current T:System.Security....
void InsertAce(int index, GenericAce ace)
Inserts the specified Access Control Entry (ACE) at the specified index.
Represents an access control list (ACL) and is the base class for the T:System.Security....
void RemoveInheritedAces()
Removes all inherited access control entries (ACEs) from this T:System.Security.AccessControl....
override int Count
Gets the number of access control entries (ACEs) in the current T:System.Security....
AceFlags
Specifies the inheritance and auditing behavior of an access control entry (ACE).
AccessControlType
Specifies whether an T:System.Security.AccessControl.AccessRule object is used to allow or deny acces...
Specifies the discretionary access control list (DACL).
override byte Revision
Gets the revision level of the T:System.Security.AccessControl.RawAcl.
Encapsulates all Access Control Entry (ACE) types currently defined by Microsoft Corporation....
Represents an access control list (ACL) and is the base class for the T:System.Security....
AceQualifier
Specifies the function of an access control entry (ACE).
Represents a security identifier (SID) and provides marshaling and comparison operations for SIDs.
bool IsContainer
Sets whether the T:System.Security.AccessControl.CommonAcl object is a container.
void Purge(SecurityIdentifier sid)
Removes all access control entries (ACEs) contained by this T:System.Security.AccessControl....
The exception that is thrown when an invoked method is not supported, or when there is an attempt to ...
bool IsDS
Sets whether the current T:System.Security.AccessControl.CommonAcl object is a directory object acces...
void RemoveAce(int index)
Removes the Access Control Entry (ACE) at the specified location.
ObjectAceFlags
Specifies the presence of object types for Access Control Entries (ACEs).
1.8.15