SecurityInfo.cs
#region Copyright
/*
* Copyright (c) 2004-2006 IP Commerce, INC. - All Rights Reserved.
*
* This software and documentation is subject to and made
* available only pursuant to the terms of an executed license
* agreement, and may be used only in accordance with the terms
* of said agreement. This document may not, in whole or in part,
* be copied, photocopied, reproduced, translated, or reduced to
* any electronic medium or machine-readable form without
* prior consent, in writing, from IP Commerce, INC.
*
* Use, duplication or disclosure by the U.S. Government is subject
* to restrictions set forth in an executed license agreement
* and in subparagraph (c)(1) of the Commercial Computer
* Software-Restricted Rights Clause at FAR 52.227-19; subparagraph
* (c)(1)(ii) of the Rights in Technical Data and Computer Software
* clause at DFARS 252.227-7013, subparagraph (d) of the Commercial
* Computer Software--Licensing clause at NASA FAR supplement
* 16-52.227-86; or their equivalent.
*
* Information in this document is subject to change without notice
* and does not represent a commitment on the part of IP Commerce.
*
*/
#endregion
using System;
using System.Runtime.InteropServices;
using System.Text;
// TODO: Handle multiple ACEs
namespace HttpConfig
{
/// <summary>
/// Access level carried by the single ACE that <see cref="SecurityInfo"/> reads and writes.
/// Each member corresponds to one SDDL generic-rights code in
/// <see cref="SecurityInfo.ToSddl"/> and <see cref="SecurityInfo.FromSddl"/>.
/// </summary>
public enum UrlPermission
{
    /// <summary>Serialized as the SDDL rights code "GA".</summary>
    All = 0,

    /// <summary>Serialized as the SDDL rights code "GX".</summary>
    Registration = 1,

    /// <summary>Serialized as the SDDL rights code "GW".</summary>
    Delegation = 2
}
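/// <summary>
/// Pairs one account identifier with one <see cref="UrlPermission"/> and converts the pair
/// to and from an SDDL string holding a DACL with exactly one access-allowed ACE.
/// </summary>
/// <remarks>
/// Only the shape <c>D:(A;;RIGHTS;;;SID)</c> is supported. Descriptors with several ACEs
/// are rejected by <see cref="FromSddl"/> because they split into more than seven tokens.
/// </remarks>
public class SecurityInfo
{
    // Account identifier passed through EncodeSid() when writing and produced by DecodeSid() when reading.
    // NOTE(review): presumably a fully qualified account name; the two helpers are not visible in this listing.
    private string _fqdn;

    // Access level written into the ACE's rights field.
    private UrlPermission _permission;

    // Used by FromSddl only, which fills in both fields after validating the input.
    private SecurityInfo() { }

    /// <summary>Creates an entry granting <paramref name="permission"/> to <paramref name="fqdn"/>.</summary>
    /// <param name="fqdn">Account identifier later converted by EncodeSid().</param>
    /// <param name="permission">Access level to grant.</param>
    public SecurityInfo(string fqdn, UrlPermission permission)
    {
        _fqdn = fqdn;
        _permission = permission;
    }

    /// <summary>Builds the SDDL string <c>D:(A;;RIGHTS;;;SID)</c> for this entry.</summary>
    /// <returns>A DACL with a single access-allowed ACE.</returns>
    /// <exception cref="InvalidOperationException">
    /// The stored permission is not a defined <see cref="UrlPermission"/> member.
    /// </exception>
    public string ToSddl()
    {
        string rights;

        switch (_permission)
        {
            case UrlPermission.All:
                rights = "GA";
                break;
            case UrlPermission.Registration:
                rights = "GX";
                break;
            case UrlPermission.Delegation:
                rights = "GW";
                break;
            default:
                // Without this branch an undefined value produced an ACE with an empty
                // rights field. Fail instead of emitting a descriptor nobody intended.
                throw new InvalidOperationException("Unrecognized UrlPermission value.");
        }

        StringBuilder sddl = new StringBuilder();
        sddl.Append("D:(A;;");
        sddl.Append(rights);
        sddl.Append(";;;");
        sddl.Append(EncodeSid());
        sddl.Append(")");
        return sddl.ToString();
    }

    /// <summary>Parses an SDDL string of the form <c>D:(A;;RIGHTS;;;SID)</c>.</summary>
    /// <param name="sddl">SDDL text containing a DACL with one access-allowed ACE.</param>
    /// <returns>The permission and account described by the ACE.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="sddl"/> is null.</exception>
    /// <exception cref="ArgumentException">
    /// The string does not have seven tokens, is not a DACL, holds an ACE that is not
    /// access-allowed, lacks the trustee or closing parenthesis, or uses an unknown rights code.
    /// </exception>
    public static SecurityInfo FromSddl(string sddl)
    {
        if (sddl == null)
        {
            throw new ArgumentNullException("sddl");
        }

        // Expected tokens: [0]="D" [1]="(A" [2]=ACE flags [3]=rights
        //                  [4]=object GUID [5]=inherit object GUID [6]="SID)"
        string[] tokens = sddl.Split(new char[] {':', ';'});

        if (tokens.Length != 7)
        {
            throw new ArgumentException("Invalid SDDL string. Too many or too few tokens.", "sddl");
        }

        // This type can only express an access-allowed ACE in a DACL, and ToSddl always writes
        // "D:(A;;". Accepting any other ACE type here would turn, for example, a deny entry
        // into a grant when the result is written back, so reject it.
        if (tokens[0] != "D" || !tokens[1].EndsWith("(A", StringComparison.Ordinal))
        {
            throw new ArgumentException("Invalid SDDL string. Only a DACL with a single access-allowed ACE is supported.", "sddl");
        }

        // The trustee must be present and followed by the ACE's closing parenthesis.
        // Otherwise the last character of the SID itself would be cut off below.
        string trustee = tokens[6];
        if (trustee.Length < 2 || trustee[trustee.Length - 1] != ')')
        {
            throw new ArgumentException("Invalid SDDL string. Missing trustee or closing parenthesis.", "sddl");
        }

        // ACE flags (tokens[2]) and the GUID fields (tokens[4], tokens[5]) have no counterpart
        // in this type and are not preserved.
        SecurityInfo info = new SecurityInfo();

        switch (tokens[3])
        {
            case "GA":
                info._permission = UrlPermission.All;
                break;
            case "GX":
                info._permission = UrlPermission.Registration;
                break;
            case "GW":
                info._permission = UrlPermission.Delegation;
                break;
            default:
                throw new ArgumentException("Invalid SDDL string. Unrecognized permission identifier.", "sddl");
        }

        info._fqdn = DecodeSid(trustee.Substring(0, trustee.Length - 1));
        return info;
    }
}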
}