diff options
Diffstat (limited to 'lib/chef/win32/security/sid.rb')
-rw-r--r-- | lib/chef/win32/security/sid.rb | 199 |
1 files changed, 199 insertions, 0 deletions
diff --git a/lib/chef/win32/security/sid.rb b/lib/chef/win32/security/sid.rb new file mode 100644 index 0000000000..7ca21eee79 --- /dev/null +++ b/lib/chef/win32/security/sid.rb @@ -0,0 +1,199 @@ +# +# Author:: John Keiser (<jkeiser@opscode.com>) +# Copyright:: Copyright 2011 Opscode, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require 'chef/win32/security' + +class Chef + module ReservedNames::Win32 + class Security + class SID + + def initialize(pointer, owner = nil) + @pointer = pointer + # Keep a reference to the actual owner of this memory so we don't get freed + @owner = owner + end + + def self.from_account(name) + domain, sid, use = Chef::ReservedNames::Win32::Security.lookup_account_name(name) + sid + end + + def self.from_string_sid(string_sid) + Chef::ReservedNames::Win32::Security::convert_string_sid_to_sid(string_sid) + end + + def ==(other) + other != nil && Chef::ReservedNames::Win32::Security.equal_sid(self, other) + end + + attr_reader :pointer + + def account + Chef::ReservedNames::Win32::Security.lookup_account_sid(self) + end + + def account_name + domain, name, use = account + (domain != nil && domain.length > 0) ? "#{domain}\\#{name}" : name + end + + def size + Chef::ReservedNames::Win32::Security.get_length_sid(self) + end + + def to_s + Chef::ReservedNames::Win32::Security.convert_sid_to_string_sid(self) + end + + def valid? + Chef::ReservedNames::Win32::Security.is_valid_sid(self) + end + + # Well-known SIDs + def self.Null + SID.from_string_sid('S-1-0') + end + def self.Nobody + SID.from_string_sid('S-1-0-0') + end + def self.World + SID.from_string_sid('S-1-1') + end + def self.Everyone + SID.from_string_sid('S-1-1-0') + end + def self.Local + SID.from_string_sid('S-1-2') + end + def self.Creator + SID.from_string_sid('S-1-3') + end + def self.CreatorOwner + SID.from_string_sid('S-1-3-0') + end + def self.CreatorGroup + SID.from_string_sid('S-1-3-1') + end + def self.CreatorOwnerServer + SID.from_string_sid('S-1-3-2') + end + def self.CreatorGroupServer + SID.from_string_sid('S-1-3-3') + end + def self.NonUnique + SID.from_string_sid('S-1-4') + end + def self.Nt + SID.from_string_sid('S-1-5') + end + def self.Dialup + SID.from_string_sid('S-1-5-1') + end + def self.Network + SID.from_string_sid('S-1-5-2') + end + def self.Batch + SID.from_string_sid('S-1-5-3') + end + def self.Interactive + SID.from_string_sid('S-1-5-4') + end + def self.Service + SID.from_string_sid('S-1-5-6') + end + def self.Anonymous + SID.from_string_sid('S-1-5-7') + end + def self.Proxy + SID.from_string_sid('S-1-5-8') + end + def self.EnterpriseDomainControllers + SID.from_string_sid('S-1-5-9') + end + def self.PrincipalSelf + SID.from_string_sid('S-1-5-10') + end + def self.AuthenticatedUsers + SID.from_string_sid('S-1-5-11') + end + def self.RestrictedCode + SID.from_string_sid('S-1-5-12') + end + def self.TerminalServerUsers + SID.from_string_sid('S-1-5-13') + end + def self.LocalSystem + SID.from_string_sid('S-1-5-18') + end + def self.NtLocal + SID.from_string_sid('S-1-5-19') + end + def self.NtNetwork + SID.from_string_sid('S-1-5-20') + end + def self.BuiltinAdministrators + SID.from_string_sid('S-1-5-32-544') + end + def self.BuiltinUsers + SID.from_string_sid('S-1-5-32-545') + end + def self.Guests + SID.from_string_sid('S-1-5-32-546') + end + def self.PowerUsers + SID.from_string_sid('S-1-5-32-547') + end + def self.AccountOperators + SID.from_string_sid('S-1-5-32-548') + end + def self.ServerOperators + SID.from_string_sid('S-1-5-32-549') + end + def self.PrintOperators + SID.from_string_sid('S-1-5-32-550') + end + def self.BackupOperators + SID.from_string_sid('S-1-5-32-551') + end + def self.Replicators + SID.from_string_sid('S-1-5-32-552') + end + def self.Administrators + SID.from_string_sid('S-1-5-32-544') + end + + # Machine-specific, well-known SIDs + # TODO: don't use strings, dummy + def self.None + SID.from_account("#{::ENV['COMPUTERNAME']}\\None") + end + def self.Administrator + SID.from_account("#{::ENV['COMPUTERNAME']}\\Administrator") + end + def self.Guest + SID.from_account("#{::ENV['COMPUTERNAME']}\\Guest") + end + + def self.current_user + SID.from_account("#{::ENV['USERDOMAIN']}\\#{::ENV['USERNAME']}") + end + end + end + end +end
\ No newline at end of file |