partly implemented AuthzInitializeResourceManager and AuthzFreeResourceManager (no support for auditing so far)
Modified: trunk/reactos/lib/authz/authz.c
Modified: trunk/reactos/lib/authz/authz.xml
Modified: trunk/reactos/lib/authz/precomp.h
Added: trunk/reactos/lib/authz/resman.c

Modified: trunk/reactos/lib/authz/authz.c
--- trunk/reactos/lib/authz/authz.c	2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/authz.c	2005-10-07 02:28:42 UTC (rev 18308)
@@ -148,19 +148,6 @@
 AUTHZAPI
 BOOL
 WINAPI
-AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
-{
-    UNIMPLEMENTED;
-    return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
 AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
                                IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,
                                IN DWORD BufferSize,
@@ -275,24 +262,6 @@
 AUTHZAPI
 BOOL
 WINAPI
-AuthzInitializeResourceManager(IN DWORD flags,
-                               IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck,
-                               IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups,
-                               IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups,
-                               IN PCWSTR ResourceManagerName,
-                               IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
-{
-    UNIMPLEMENTED;
-    return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
 AuthzInstallSecurityEventSource(IN DWORD dwFlags,
                                 IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration)
 {

Modified: trunk/reactos/lib/authz/authz.xml
--- trunk/reactos/lib/authz/authz.xml	2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/authz.xml	2005-10-07 02:28:42 UTC (rev 18308)
@@ -11,6 +11,7 @@
 	<library>kernel32</library>
 	<library>advapi32</library>
 	<file>authz.c</file>
+	<file>resman.c</file>
 	<file>authz.rc</file>
 	<pch>precomp.h</pch>
 </module>

Modified: trunk/reactos/lib/authz/precomp.h
--- trunk/reactos/lib/authz/precomp.h	2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/precomp.h	2005-10-07 02:28:42 UTC (rev 18308)
@@ -11,5 +11,22 @@
 #define UNIMPLEMENTED DbgPrint("AUTHZ.DLL: %s is UNIMPLEMENTED!\n", __FUNCTION__)
 #endif
 
+#if DBG
 
+#define RESMAN_TAG  0x89ABCDEF
+#define VALID_RESMAN_HANDLE(handle) ASSERT(((PAUTHZ_RESMAN)handle)->Tag == RESMAN_TAG)
+#ifndef ASSERT
+#define ASSERT(cond) if (!(cond)) { DbgPrint("%s:%i: ASSERTION %s failed!\n", __FILE__, __LINE__, #cond ); }
+#endif
+
+#else
+
+#define VALID_RESMAN_HANDLE(handle)
+#ifndef ASSERT
+#define ASSERT(cond)
+#endif
+
+#endif
+
+
 /* EOF */

Added: trunk/reactos/lib/authz/resman.c
--- trunk/reactos/lib/authz/resman.c	2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/resman.c	2005-10-07 02:28:42 UTC (rev 18308)
@@ -0,0 +1,271 @@
+/*
+ * ReactOS Authorization Framework
+ * Copyright (C) 2005 ReactOS Team
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+/* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
+ *
+ * PROJECT:         ReactOS Authorization Framework
+ * FILE:            lib/authz/resman.c
+ * PURPOSE:         Authorization Framework
+ * PROGRAMMER:      Thomas Weidenmueller <w3seek@reactos.com>
+ *
+ * UPDATE HISTORY:
+ *      10/07/2005  Created
+ */
+#include <precomp.h>
+
+typedef struct _AUTHZ_RESMAN
+{
+#if DBG
+    DWORD Tag;
+#endif
+
+    PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
+    PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
+    PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;
+    
+    DWORD flags;
+    PSID UserSid;
+    LUID AuthenticationId;
+
+    WCHAR ResourceManagerName[1];
+} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
+
+static BOOL
+AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
+                 IN HANDLE hToken)
+{
+    TOKEN_USER User;
+    TOKEN_STATISTICS Statistics;
+    DWORD BufLen;
+    PSID UserSid = NULL;
+    BOOL Ret = FALSE;
+    
+    /* query information about the user */
+    BufLen = sizeof(User);
+    Ret = GetTokenInformation(hToken,
+                              TokenUser,
+                              &User,
+                              BufLen,
+                              &BufLen);
+    if (Ret)
+    {
+        BufLen = GetLengthSid(User.User.Sid);
+        if (BufLen != 0)
+        {
+            UserSid = (PSID)LocalAlloc(LMEM_FIXED,
+                                       BufLen);
+            if (UserSid != NULL)
+            {
+                CopyMemory(UserSid,
+                           User.User.Sid,
+                           BufLen);
+            }
+            else
+                Ret = FALSE;
+        }
+        else
+            Ret = FALSE;
+    }
+    
+    if (Ret)
+    {
+        /* query general information */
+        BufLen = sizeof(Statistics);
+        Ret = GetTokenInformation(hToken,
+                                  TokenUser,
+                                  &Statistics,
+                                  BufLen,
+                                  &BufLen);
+    }
+    
+    if (Ret)
+    {
+        ResMan->UserSid = UserSid;
+        ResMan->AuthenticationId = Statistics.AuthenticationId;
+        Ret = TRUE;
+    }
+    else
+    {
+        if (UserSid != NULL)
+        {
+            LocalFree((HLOCAL)UserSid);
+        }
+    }
+
+    return Ret;
+}
+
+static BOOL
+AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
+{
+    HANDLE hToken;
+    BOOL Ret;
+
+    Ret = OpenThreadToken(GetCurrentThread(),
+                          TOKEN_QUERY,
+                          TRUE,
+                          &hToken);
+    if (Ret)
+    {
+        Ret = AuthzpQueryToken(ResMan,
+                               hToken);
+        CloseHandle(hToken);
+    }
+    
+    return Ret;
+}
+
+static BOOL
+AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
+{
+    HANDLE hToken;
+    BOOL Ret;
+
+    Ret = OpenProcessToken(GetCurrentProcess(),
+                           TOKEN_QUERY,
+                           &hToken);
+    if (Ret)
+    {
+        Ret = AuthzpQueryToken(ResMan,
+                               hToken);
+        CloseHandle(hToken);
+    }
+
+    return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzInitializeResourceManager(IN DWORD flags,
+                               IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck  OPTIONAL,
+                               IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups  OPTIONAL,
+                               IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups  OPTIONAL,
+                               IN PCWSTR ResourceManagerName  OPTIONAL,
+                               IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
+{
+    BOOL Ret = FALSE;
+
+    if (pAuthzResourceManager != NULL &&
+        !(flags & ~(AUTHZ_RM_FLAG_NO_AUDIT | AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)))
+    {
+        PAUTHZ_RESMAN ResMan;
+        SIZE_T RequiredSize = sizeof(AUTHZ_RESMAN);
+        
+        if (ResourceManagerName != NULL)
+        {
+            RequiredSize += wcslen(ResourceManagerName) * sizeof(WCHAR);
+        }
+        
+        ResMan = (PAUTHZ_RESMAN)LocalAlloc(LMEM_FIXED,
+                                           RequiredSize);
+        if (ResMan != NULL)
+        {
+            /* initialize the resource manager structure */
+#if DBG
+            ResMan->Tag = RESMAN_TAG;
+#endif
+
+            ResMan->flags = flags;
+            ResMan->UserSid = NULL;
+
+            if (ResourceManagerName != NULL)
+            {
+                wcscpy(ResMan->ResourceManagerName,
+                       ResourceManagerName);
+            }
+            else
+                ResMan->ResourceManagerName[0] = UNICODE_NULL;
+            
+            ResMan->pfnAccessCheck = pfnAccessCheck;
+            ResMan->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
+            ResMan->pfnFreeDynamicGroups = pfnFreeDynamicGroups;
+            
+            if (!(flags & AUTHZ_RM_FLAG_NO_AUDIT))
+            {
+                /* FIXME - initialize auditing */
+                DPRINT1("Auditing not implemented!\n");
+            }
+            
+            if (flags & AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)
+            {
+                Ret = AuthzpInitUnderImpersonation(ResMan);
+            }
+            else
+            {
+                Ret = AuthzpInitSelf(ResMan);
+            }
+            
+            if (Ret)
+            {
+                /* finally return the handle */
+                *pAuthzResourceManager = (AUTHZ_RESOURCE_MANAGER_HANDLE)ResMan;
+            }
+            else
+            {
+                DPRINT1("Querying the token failed!\n");
+                LocalFree((HLOCAL)ResMan);
+            }
+        }
+    }
+    else
+        SetLastError(ERROR_INVALID_PARAMETER);
+    
+    return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
+{
+    BOOL Ret = FALSE;
+
+    if (AuthzResourceManager != NULL)
+    {
+        PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
+        
+        VALID_RESMAN_HANDLE(AuthzResourceManager);
+        
+        if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
+        {
+            /* FIXME - cleanup auditing */
+        }
+        
+        if (ResMan->UserSid != NULL)
+        {
+            LocalFree((HLOCAL)ResMan->UserSid);
+        }
+        
+        LocalFree((HLOCAL)AuthzResourceManager);
+        Ret = TRUE;
+    }
+    else
+        SetLastError(ERROR_INVALID_PARAMETER);
+
+    return Ret;
+}
+
Property changes on: trunk/reactos/lib/authz/resman.c
___________________________________________________________________
Name: svn:keywords
   + author date revision
Name: svn:eol-style
   + native