Ejemplo n.º 1
0
void
HandleAAOption (
    int argc,
    TCHAR **argv
    )
{
    DWORD returnValue;
    HKEY  registryKey;
    TCHAR appid [256];
    TCHAR keyName [256];

    if (argc < 4)
        ShowUsage (TEXT("Invalid number of arguments."));

    if (_tcscmp (_tcsupr (argv[3]), TEXT("LIST")) == 0)
    {
        if (argc < 4)
            ShowUsage (TEXT("Invalid number of arguments."));

        _tprintf (TEXT("Access permission list for AppID %s:\n\n"), argv[2]);
        ListAppIDAccessACL (argv[2]);
        return;
    }

    if (_tcscmp (_tcsupr (argv[3]), TEXT("DEFAULT")) == 0)
    {
        if (argv [2][0] == '{')
            wsprintf (appid, TEXT("%s"), argv [2]); else
            wsprintf (appid, TEXT("{%s}"), argv [2]);

        wsprintf (keyName, TEXT("APPID\\%s"), appid);

        returnValue = RegOpenKeyEx (HKEY_CLASSES_ROOT, keyName, 0, KEY_ALL_ACCESS, &registryKey);
        if (returnValue != ERROR_SUCCESS && returnValue != ERROR_FILE_NOT_FOUND)
            Error (TEXT("ERROR: Cannot open AppID registry key."), returnValue);

        returnValue = RegDeleteValue (registryKey, TEXT("AccessPermission"));
        if (returnValue != ERROR_SUCCESS && returnValue != ERROR_FILE_NOT_FOUND)
            Error (TEXT("ERROR: Cannot delete AccessPermission value."), returnValue);

        RegCloseKey (registryKey);
        return;
    }

    if (argc < 5)
        ShowUsage (TEXT("Invalid number of arguments."));

    if (_tcscmp (_tcsupr (argv [3]), TEXT("SET")) == 0)
    {
        if (argc < 6)
            ShowUsage (TEXT("Invalid number of arguments."));

        if (_tcscmp (_tcsupr (argv [5]), TEXT("PERMIT")) == 0)
            returnValue = ChangeAppIDAccessACL (argv[2], argv [4], TRUE, TRUE); else

        if (_tcscmp (_tcsupr (argv [5]), TEXT("DENY")) == 0)
            returnValue = ChangeAppIDAccessACL (argv[2], argv [4], TRUE, FALSE); else
        {
            ShowUsage (TEXT("You can only set a user's permissions to \"permit\" or \"deny\".\n\n"));
        }

        if (returnValue != ERROR_SUCCESS)
            Error (TEXT("ERROR: Cannot add user to application access ACL."), returnValue);
    } else
    if (_tcscmp (_tcsupr (argv [3]), TEXT("REMOVE")) == 0)
    {
        returnValue = ChangeAppIDAccessACL (argv[2], argv[4], FALSE, FALSE);

        if (returnValue != ERROR_SUCCESS)
            Error (TEXT("ERROR: Cannot remove user from application access ACL."), returnValue);
    } else
        ShowUsage (TEXT("You can only \"set\" or \"remove\" a user."));
}
Ejemplo n.º 2
0
void HandleApplicationAccessOption (
    int cArgs,
    TCHAR **pptszArgv
    )
{
    DWORD dwReturnValue                 = ERROR_SUCCESS;
    HKEY  hkeyRegistry                  = NULL;
    TCHAR tszAppID [SIZE_NAME_BUFFER]   = {0};
    TCHAR tszKeyName [SIZE_NAME_BUFFER] = {0};

    DWORD dwAccessMask = COM_RIGHTS_EXECUTE;

    if (cArgs < 4)
        ShowUsage (_T("Invalid number of arguments."));

    if (_tcsicmp (pptszArgv[3], _T("LIST")) == 0)
    {
        if (cArgs < 4) ShowUsage (_T("Invalid number of arguments."));

        _tprintf (_T("Access permission list for AppID %s:\n\n"), pptszArgv[2]);
        
        ListAppIDAccessACL (pptszArgv[2]);
        
        return;
    }

    if (_tcsicmp (pptszArgv[3], _T("DEFAULT")) == 0)
    {

        _stprintf_s (tszAppID, RTL_NUMBER_OF(tszAppID), pptszArgv [2][0] == '{' ? _T("%s") : _T("{%s}"), pptszArgv [2]);
        _stprintf_s (tszKeyName, RTL_NUMBER_OF(tszKeyName), _T("APPID\\%s"), tszAppID);

        dwReturnValue = RegOpenKeyEx (HKEY_CLASSES_ROOT, tszKeyName, 0, KEY_ALL_ACCESS, &hkeyRegistry);
        if (dwReturnValue != ERROR_SUCCESS && dwReturnValue != ERROR_FILE_NOT_FOUND)
        {
            Error (_T("ERROR: Cannot open AppID registry key."), dwReturnValue);
        }

        dwReturnValue = RegDeleteValue (hkeyRegistry, _T("AccessPermission"));
        if (dwReturnValue != ERROR_SUCCESS && dwReturnValue != ERROR_FILE_NOT_FOUND)
        {
            Error (_T("ERROR: Cannot delete AccessPermission value."), dwReturnValue);
        }

        if(hkeyRegistry) RegCloseKey (hkeyRegistry);

        _tprintf (_T("Successfully set the Application Access to the machine default.\n"));
        
        return;
    }

    if (cArgs < 5) ShowUsage (_T("Invalid number of arguments."));

    if (_tcsicmp (pptszArgv [3], _T("SET")) == 0)
    {
         if (cArgs < 6) ShowUsage (_T("Invalid number of arguments."));

        if(cArgs == 7) 
        {
            SetAccessMaskFromCommandLine(pptszArgv[6], &dwAccessMask, SDTYPE_APPLICATION_ACCESS);
        }
        else if(!IsLegacySecurityModel())
        {
            _tprintf (_T("WARNING: Default access flags designated on a system with an enhanced security model.\n"));
        }

        if (_tcsicmp (pptszArgv [5], _T("PERMIT")) == 0)
        {
            dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv [4], TRUE, TRUE, dwAccessMask); 
        }
        else if (_tcsicmp (pptszArgv [5], _T("DENY")) == 0)
        {
            dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv [4], TRUE, FALSE, dwAccessMask); 
        }
        else
        {
            ShowUsage (_T("You can only set a user's permissions to \"permit\" or \"deny\".\n\n"));
        }

        if (dwReturnValue != ERROR_SUCCESS)
        {
            Error (_T("ERROR: Cannot add user to application access ACL."), dwReturnValue);
        }
    } 
    else if (_tcsicmp (pptszArgv [3], _T("REMOVE")) == 0)
    {
        dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv[4], FALSE, FALSE, dwAccessMask);

        if (dwReturnValue != ERROR_SUCCESS)
        {
            Error (_T("ERROR: Cannot remove user from application access ACL."), dwReturnValue);
        }
        
    } 
    else
    {
        ShowUsage (_T("You can only \"set\" or \"remove\" a user."));
    }

     _tprintf (_T("Successfully set the Application Access ACL.\n"));

    ListAppIDAccessACL(pptszArgv[2]);
}